[Pkg-xen-changes] [xen] 07/10: merge patched-develop into develop

Bastian Blank waldi at moszumanska.debian.org
Fri Oct 17 13:35:11 UTC 2014


This is an automated email from the git hooks/post-receive script.

waldi pushed a commit to branch develop
in repository xen.

commit de42d295b1b8878128ce98cabb52bcc944920bc4
Merge: a787a50 a90ace8
Author: Bastian Blank <waldi at debian.org>
Date:   Fri Oct 17 11:20:42 2014 +0200

    merge patched-develop into develop

 debian/.git-dpm                                    |   4 +-
 ...k-control-block-exists-when-using-FIFO-ba.patch | 175 +++++++++++++++++++++
 ...fix-race-condition-sampling-the-dirty-vra.patch |  57 +++++++
 ...-check-cpl-for-all-privileged-instruction.patch |  47 ++++++
 ...y-emulate-software-interrupt-injection-fo.patch |  33 ++++
 ...7-x86-HVM-properly-bound-x2APIC-MSR-range.patch |  46 ++++++
 ...ss-UR-signaling-for-further-desktop-chips.patch |  42 +++++
 debian/patches/series                              |   6 +
 xen/arch/x86/hvm/hvm.c                             |   4 +-
 xen/arch/x86/mm/shadow/common.c                    |   4 +-
 xen/arch/x86/x86_emulate/x86_emulate.c             |   4 +
 xen/common/event_fifo.c                            |  82 +++++++---
 xen/drivers/passthrough/vtd/quirks.c               |  10 +-
 xen/include/asm-x86/hvm/domain.h                   |   2 +-
 14 files changed, 482 insertions(+), 34 deletions(-)

diff --cc debian/.git-dpm
index 57ffd32,0000000..a0324c0
mode 100644,000000..100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@@ -1,8 -1,0 +1,8 @@@
 +# see git-dpm(1) from git-dpm package
- 2dec9f02a44a006887469c80a7649c31bb518899
- 2dec9f02a44a006887469c80a7649c31bb518899
++a90ace8403cf00b7eacd5cf2df1d588e15fb5610
++a90ace8403cf00b7eacd5cf2df1d588e15fb5610
 +3387be132d526263f246c24d3bbc94767a4eba76
 +3387be132d526263f246c24d3bbc94767a4eba76
 +xen_4.4.1.orig.tar.xz
 +900ed093d14caf511fa1a22f48bbf0499bb2ee11
 +3778516
diff --cc debian/patches/0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
index 0000000,0000000..944ccee
new file mode 100644
--- /dev/null
+++ b/debian/patches/0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
@@@ -1,0 -1,0 +1,175 @@@
++From d8a7da2812c0a7e71e756a416153d0182e658a3d Mon Sep 17 00:00:00 2001
++From: David Vrabel <david.vrabel at citrix.com>
++Date: Tue, 9 Sep 2014 15:31:37 +0200
++Subject: evtchn: check control block exists when using FIFO-based events
++
++When using the FIFO-based event channels, there are no checks for the
++existance of a control block when binding an event or moving it to a
++different VCPU.  This is because events may be bound when the ABI is
++in 2-level mode (e.g., by the toolstack before the domain is started).
++
++The guest may trigger a Xen crash in evtchn_fifo_set_pending() if:
++
++  a) the event is bound to a VCPU without a control block; or
++  b) VCPU 0 does not have a control block.
++
++In case (a), Xen will crash when looking up the current queue.  In
++(b), Xen will crash when looking up the old queue (which defaults to a
++queue on VCPU 0).
++
++By allocating all the per-VCPU structures when enabling the FIFO ABI,
++we can be sure that v->evtchn_fifo is always valid.
++
++EVTCHNOP_init_control_block for all the other CPUs need only map the
++shared control block.
++
++A single check in evtchn_fifo_set_pending() before accessing the
++control block fixes all cases where the guest has not initialized some
++control blocks.
++
++This is XSA-107.
++
++Reported-by: Vitaly Kuznetsov <vkuznets at redhat.com>
++Signed-off-by: David Vrabel <david.vrabel at citrix.com>
++Reviewed-by: Jan Beulich <jbeulich at suse.com>
++master commit: a4e0cea6fced50e251453dfe52e1b9dde77a84f5
++master date: 2014-09-09 15:25:58 +0200
++---
++ xen/common/event_fifo.c | 82 ++++++++++++++++++++++++++++++++++---------------
++ 1 file changed, 58 insertions(+), 24 deletions(-)
++
++diff --git a/xen/common/event_fifo.c b/xen/common/event_fifo.c
++index 1fce3f1..e9c1fbe 100644
++--- a/xen/common/event_fifo.c
+++++ b/xen/common/event_fifo.c
++@@ -178,6 +178,19 @@ static void evtchn_fifo_set_pending(struct vcpu *v, struct evtchn *evtchn)
++         bool_t linked = 0;
++ 
++         /*
+++         * Control block not mapped.  The guest must not unmask an
+++         * event until the control block is initialized, so we can
+++         * just drop the event.
+++         */
+++        if ( unlikely(!v->evtchn_fifo->control_block) )
+++        {
+++            printk(XENLOG_G_WARNING
+++                   "d%dv%d has no FIFO event channel control block\n",
+++                   d->domain_id, v->vcpu_id);
+++            goto done;
+++        }
+++
+++        /*
++          * No locking around getting the queue. This may race with
++          * changing the priority but we are allowed to signal the
++          * event once on the old priority.
++@@ -385,36 +398,42 @@ static void init_queue(struct vcpu *v, struct evtchn_fifo_queue *q,
++ {
++     spin_lock_init(&q->lock);
++     q->priority = i;
++-    q->head = &v->evtchn_fifo->control_block->head[i];
++ }
++ 
++-static int setup_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+++static int setup_control_block(struct vcpu *v)
++ {
++-    struct domain *d = v->domain;
++     struct evtchn_fifo_vcpu *efv;
++-    void *virt;
++     unsigned int i;
++-    int rc;
++-
++-    if ( v->evtchn_fifo )
++-        return -EINVAL;
++ 
++     efv = xzalloc(struct evtchn_fifo_vcpu);
++     if ( !efv )
++         return -ENOMEM;
++ 
++-    rc = map_guest_page(d, gfn, &virt);
+++    for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
+++        init_queue(v, &efv->queue[i], i);
+++
+++    v->evtchn_fifo = efv;
+++
+++    return 0;
+++}
+++
+++static int map_control_block(struct vcpu *v, uint64_t gfn, uint32_t offset)
+++{
+++    void *virt;
+++    unsigned int i;
+++    int rc;
+++
+++    if ( v->evtchn_fifo->control_block )
+++        return -EINVAL;
+++
+++    rc = map_guest_page(v->domain, gfn, &virt);
++     if ( rc < 0 )
++-    {
++-        xfree(efv);
++         return rc;
++-    }
++ 
++-    v->evtchn_fifo = efv;
++     v->evtchn_fifo->control_block = virt + offset;
++ 
++     for ( i = 0; i <= EVTCHN_FIFO_PRIORITY_MIN; i++ )
++-        init_queue(v, &v->evtchn_fifo->queue[i], i);
+++        v->evtchn_fifo->queue[i].head = &v->evtchn_fifo->control_block->head[i];
++ 
++     return 0;
++ }
++@@ -508,28 +527,43 @@ int evtchn_fifo_init_control(struct evtchn_init_control *init_control)
++ 
++     spin_lock(&d->event_lock);
++ 
++-    rc = setup_control_block(v, gfn, offset);
++-
++     /*
++      * If this is the first control block, setup an empty event array
++      * and switch to the fifo port ops.
++      */
++-    if ( rc == 0 && !d->evtchn_fifo )
+++    if ( !d->evtchn_fifo )
++     {
+++        struct vcpu *vcb;
+++
+++        for_each_vcpu ( d, vcb ) {
+++            rc = setup_control_block(vcb);
+++            if ( rc < 0 )
+++                goto error;
+++        }
+++
++         rc = setup_event_array(d);
++         if ( rc < 0 )
++-            cleanup_control_block(v);
++-        else
++-        {
++-            d->evtchn_port_ops = &evtchn_port_ops_fifo;
++-            d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
++-            setup_ports(d);
++-        }
+++            goto error;
+++
+++        rc = map_control_block(v, gfn, offset);
+++        if ( rc < 0 )
+++            goto error;
+++
+++        d->evtchn_port_ops = &evtchn_port_ops_fifo;
+++        d->max_evtchns = EVTCHN_FIFO_NR_CHANNELS;
+++        setup_ports(d);
++     }
+++    else
+++        rc = map_control_block(v, gfn, offset);
++ 
++     spin_unlock(&d->event_lock);
++ 
++     return rc;
+++
+++ error:
+++    evtchn_fifo_destroy(d);
+++    spin_unlock(&d->event_lock);
+++    return rc;
++ }
++ 
++ static int add_page_to_event_array(struct domain *d, unsigned long gfn)
diff --cc debian/patches/0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
index 0000000,0000000..2dee3ba
new file mode 100644
--- /dev/null
+++ b/debian/patches/0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
@@@ -1,0 -1,0 +1,57 @@@
++From e4aa132e656197ccd65e612f1e1dc49b1d46f8b9 Mon Sep 17 00:00:00 2001
++From: Andrew Cooper <andrew.cooper3 at citrix.com>
++Date: Tue, 23 Sep 2014 14:39:05 +0200
++Subject: x86/shadow: fix race condition sampling the dirty vram state
++
++d->arch.hvm_domain.dirty_vram must be read with the domain's paging lock held.
++
++If not, two concurrent hypercalls could both end up attempting to free
++dirty_vram (the second of which will free a wild pointer), or both end up
++allocating a new dirty_vram structure (the first of which will be leaked).
++
++This is XSA-104.
++
++Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
++Reviewed-by: Tim Deegan <tim at xen.org>
++master commit: 46a49b91f1026f64430b84dd83e845a33f06415e
++master date: 2014-09-23 14:31:47 +0200
++---
++ xen/arch/x86/mm/shadow/common.c  | 4 +++-
++ xen/include/asm-x86/hvm/domain.h | 2 +-
++ 2 files changed, 4 insertions(+), 2 deletions(-)
++
++diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
++index be095f6..3ed48c4 100644
++--- a/xen/arch/x86/mm/shadow/common.c
+++++ b/xen/arch/x86/mm/shadow/common.c
++@@ -3486,7 +3486,7 @@ int shadow_track_dirty_vram(struct domain *d,
++     int flush_tlb = 0;
++     unsigned long i;
++     p2m_type_t t;
++-    struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram;
+++    struct sh_dirty_vram *dirty_vram;
++     struct p2m_domain *p2m = p2m_get_hostp2m(d);
++ 
++     if ( end_pfn < begin_pfn || end_pfn > p2m->max_mapped_pfn + 1 )
++@@ -3496,6 +3496,8 @@ int shadow_track_dirty_vram(struct domain *d,
++     p2m_lock(p2m_get_hostp2m(d));
++     paging_lock(d);
++ 
+++    dirty_vram = d->arch.hvm_domain.dirty_vram;
+++
++     if ( dirty_vram && (!nr ||
++              ( begin_pfn != dirty_vram->begin_pfn
++             || end_pfn   != dirty_vram->end_pfn )) )
++diff --git a/xen/include/asm-x86/hvm/domain.h b/xen/include/asm-x86/hvm/domain.h
++index b1e3187..99c5e44 100644
++--- a/xen/include/asm-x86/hvm/domain.h
+++++ b/xen/include/asm-x86/hvm/domain.h
++@@ -67,7 +67,7 @@ struct hvm_domain {
++     /* Memory ranges with pinned cache attributes. */
++     struct list_head       pinned_cacheattr_ranges;
++ 
++-    /* VRAM dirty support. */
+++    /* VRAM dirty support.  Protect with the domain paging lock. */
++     struct sh_dirty_vram *dirty_vram;
++ 
++     /* If one of vcpus of this domain is in no_fill_mode or
diff --cc debian/patches/0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
index 0000000,0000000..8b7dbd4
new file mode 100644
--- /dev/null
+++ b/debian/patches/0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
@@@ -1,0 -1,0 +1,47 @@@
++From 65f95b5c8bb858165c90155a95788fd66f447e1c Mon Sep 17 00:00:00 2001
++From: Andrew Cooper <andrew.cooper3 at citrix.com>
++Date: Tue, 23 Sep 2014 14:40:12 +0200
++Subject: x86/emulate: check cpl for all privileged instructions
++
++Without this, it is possible for userspace to load its own IDT or GDT.
++
++This is XSA-105.
++
++Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
++Signed-off-by: Andrew Cooper <andrew.cooper3 at citrix.com>
++Tested-by: Andrei LUTAS <vlutas at bitdefender.com>
++Reviewed-by: Jan Beulich <jbeulich at suse.com>
++master commit: 0e442727ceccfa32a7276cccd205b4722e68fdc1
++master date: 2014-09-23 14:33:06 +0200
++---
++ xen/arch/x86/x86_emulate/x86_emulate.c | 3 +++
++ 1 file changed, 3 insertions(+)
++
++diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
++index 50d8965..4810e68 100644
++--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++++ b/xen/arch/x86/x86_emulate/x86_emulate.c
++@@ -3314,6 +3314,7 @@ x86_emulate(
++         goto swint;
++ 
++     case 0xf4: /* hlt */
+++        generate_exception_if(!mode_ring0(), EXC_GP, 0);
++         ctxt->retire.flags.hlt = 1;
++         break;
++ 
++@@ -3710,6 +3711,7 @@ x86_emulate(
++             break;
++         case 2: /* lgdt */
++         case 3: /* lidt */
+++            generate_exception_if(!mode_ring0(), EXC_GP, 0);
++             generate_exception_if(ea.type != OP_MEM, EXC_UD, -1);
++             fail_if(ops->write_segment == NULL);
++             memset(&reg, 0, sizeof(reg));
++@@ -3738,6 +3740,7 @@ x86_emulate(
++         case 6: /* lmsw */
++             fail_if(ops->read_cr == NULL);
++             fail_if(ops->write_cr == NULL);
+++            generate_exception_if(!mode_ring0(), EXC_GP, 0);
++             if ( (rc = ops->read_cr(0, &cr0, ctxt)) )
++                 goto done;
++             if ( ea.type == OP_REG )
diff --cc debian/patches/0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
index 0000000,0000000..6317de2
new file mode 100644
--- /dev/null
+++ b/debian/patches/0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
@@@ -1,0 -1,0 +1,33 @@@
++From a22de27132bab557dcee6e5726d0145364cafcc9 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Tue, 23 Sep 2014 14:40:51 +0200
++Subject: x86emul: only emulate software interrupt injection for real mode
++
++Protected mode emulation currently lacks proper privilege checking of
++the referenced IDT entry, and there's currently no legitimate way for
++any of the respective instructions to reach the emulator when the guest
++is in protected mode.
++
++This is XSA-106.
++
++Reported-by: Andrei LUTAS <vlutas at bitdefender.com>
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++Acked-by: Keir Fraser <keir at xen.org>
++master commit: 346d4545569928b652c40c7815c1732676f8587c
++master date: 2014-09-23 14:33:50 +0200
++---
++ xen/arch/x86/x86_emulate/x86_emulate.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
++index 4810e68..5fbe024 100644
++--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++++ b/xen/arch/x86/x86_emulate/x86_emulate.c
++@@ -2634,6 +2634,7 @@ x86_emulate(
++     case 0xcd: /* int imm8 */
++         src.val = insn_fetch_type(uint8_t);
++     swint:
+++        fail_if(!in_realmode(ctxt, ops)); /* XSA-106 */
++         fail_if(ops->inject_sw_interrupt == NULL);
++         rc = ops->inject_sw_interrupt(src.val, _regs.eip - ctxt->regs->eip,
++                                       ctxt) ? : X86EMUL_EXCEPTION;
diff --cc debian/patches/0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
index 0000000,0000000..42f8e85
new file mode 100644
--- /dev/null
+++ b/debian/patches/0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
@@@ -1,0 -1,0 +1,46 @@@
++From 1dd58bd5087cd48a4f5bd6dde2e6116ba95ee677 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Wed, 1 Oct 2014 14:59:00 +0200
++Subject: x86/HVM: properly bound x2APIC MSR range
++
++While the write path change appears to be purely cosmetic (but still
++gets done here for consistency), the read side mistake permitted
++accesses beyond the virtual APIC page.
++
++Note that while this isn't fully in line with the specification
++(digesting MSRs 0x800-0xBFF for the x2APIC), this is the minimal
++possible fix addressing the security issue and getting x2APIC related
++code into a consistent shape (elsewhere a 256 rather than 1024 wide
++window is being used too). This will be dealt with subsequently.
++
++This is CVE-2014-7188 / XSA-108.
++
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++master commit: 61fdda7acf3de11f3d50d50e5b4f4ecfac7e0d04
++master date: 2014-10-01 14:54:47 +0200
++---
++ xen/arch/x86/hvm/hvm.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
++index be1a2d3..3289604 100644
++--- a/xen/arch/x86/hvm/hvm.c
+++++ b/xen/arch/x86/hvm/hvm.c
++@@ -3022,7 +3022,7 @@ int hvm_msr_read_intercept(unsigned int msr, uint64_t *msr_content)
++         *msr_content = vcpu_vlapic(v)->hw.apic_base_msr;
++         break;
++ 
++-    case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+++    case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
++         if ( hvm_x2apic_msr_read(v, msr, msr_content) )
++             goto gp_fault;
++         break;
++@@ -3148,7 +3148,7 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content)
++         vlapic_tdt_msr_set(vcpu_vlapic(v), msr_content);
++         break;
++ 
++-    case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0x3ff:
+++    case MSR_IA32_APICBASE_MSR ... MSR_IA32_APICBASE_MSR + 0xff:
++         if ( hvm_x2apic_msr_write(v, msr, msr_content) )
++             goto gp_fault;
++         break;
diff --cc debian/patches/0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch
index 0000000,0000000..e501ee8
new file mode 100644
--- /dev/null
+++ b/debian/patches/0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch
@@@ -1,0 -1,0 +1,42 @@@
++From a90ace8403cf00b7eacd5cf2df1d588e15fb5610 Mon Sep 17 00:00:00 2001
++From: Jan Beulich <jbeulich at suse.com>
++Date: Wed, 1 Oct 2014 15:06:39 +0200
++Subject: VT-d: suppress UR signaling for further desktop chipsets
++
++This extends commit d6cb14b34f ("VT-d: suppress UR signaling for
++desktop chipsets") as per the finally obtained list of affected
++chipsets from Intel.
++
++Also pad the IDs we had listed there before to full 4 hex digits.
++
++This is CVE-2013-3495 / XSA-59.
++
++Signed-off-by: Jan Beulich <jbeulich at suse.com>
++Acked-by: Yang Zhang <yang.z.zhang at intel.com>
++master commit: 3e2331d271cc0882e4013c8f20398c46c35f90a1
++master date: 2014-09-18 15:03:22 +0200
++---
++ xen/drivers/passthrough/vtd/quirks.c | 10 ++++++----
++ 1 file changed, 6 insertions(+), 4 deletions(-)
++
++diff --git a/xen/drivers/passthrough/vtd/quirks.c b/xen/drivers/passthrough/vtd/quirks.c
++index 647723d..2fac35d 100644
++--- a/xen/drivers/passthrough/vtd/quirks.c
+++++ b/xen/drivers/passthrough/vtd/quirks.c
++@@ -474,10 +474,12 @@ void pci_vtd_quirk(const struct pci_dev *pdev)
++                action, seg, bus, dev, func);
++         break;
++ 
++-    case 0x100: case 0x104: case 0x108: /* Sandybridge */
++-    case 0x150: case 0x154: case 0x158: /* Ivybridge */
++-    case 0xa04: /* Haswell ULT */
++-    case 0xc00: case 0xc04: case 0xc08: /* Haswell */
+++    case 0x0040: case 0x0044: case 0x0048: /* Nehalem/Westmere */
+++    case 0x0100: case 0x0104: case 0x0108: /* Sandybridge */
+++    case 0x0150: case 0x0154: case 0x0158: /* Ivybridge */
+++    case 0x0a04: /* Haswell ULT */
+++    case 0x0c00: case 0x0c04: case 0x0c08: /* Haswell */
+++    case 0x1600: case 0x1604: case 0x1608: /* Broadwell */
++         bar = pci_conf_read32(seg, bus, dev, func, 0x6c);
++         bar = (bar << 32) | pci_conf_read32(seg, bus, dev, func, 0x68);
++         pa = bar & 0x7ffffff000UL; /* bits 12...38 */
diff --cc debian/patches/series
index 01adedf,0000000..874c871
mode 100644,000000..100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -1,32 -1,0 +1,38 @@@
 +0001-version.patch
 +0002-config-prefix.diff.patch
 +0003-tools-libfsimage-abiname.diff.patch
 +0004-tools-libxc-abiname.diff.patch
 +0005-tools-libxl-abiname.diff.patch
 +0006-tools-xenstat-abiname.diff.patch
 +0007-tools-rpath.diff.patch
 +0008-tools-blktap2-prefix.diff.patch
 +0009-tools-console-prefix.diff.patch
 +0010-tools-libfsimage-prefix.diff.patch
 +0011-tools-libxl-prefix.diff.patch
 +0012-tools-misc-prefix.diff.patch
 +0013-tools-pygrub-prefix.diff.patch
 +0014-tools-python-prefix.diff.patch
 +0015-tools-xcutils-rpath.diff.patch
 +0016-tools-xenmon-prefix.diff.patch
 +0017-tools-xenpaging-prefix.diff.patch
 +0018-tools-xenstat-prefix.diff.patch
 +0019-tools-xenstore-prefix.diff.patch
 +0020-tools-xentrace-prefix.diff.patch
 +0021-tools-python-xen-relative-path.diff.patch
 +0022-tools-misc-xend-startup.diff.patch
 +0023-tools-disable.diff.patch
 +0024-tools-examples-xend-disable-network.diff.patch
 +0025-tools-examples-xend-disable-relocation.diff.patch
 +0026-tools-pygrub-remove-static-solaris-support.patch
 +0027-tools-include-install.diff.patch
 +0028-tools-xenmon-install.diff.patch
 +0029-tools-hotplug-udevrules.diff.patch
 +0030-tools-python-shebang.diff.patch
 +0031-tools-xenstore-compatibility.diff.patch
 +0032-send-xl-coredumps-var-lib-xen-dump-NAME.patch
++0033-evtchn-check-control-block-exists-when-using-FIFO-ba.patch
++0034-x86-shadow-fix-race-condition-sampling-the-dirty-vra.patch
++0035-x86-emulate-check-cpl-for-all-privileged-instruction.patch
++0036-x86emul-only-emulate-software-interrupt-injection-fo.patch
++0037-x86-HVM-properly-bound-x2APIC-MSR-range.patch
++0038-VT-d-suppress-UR-signaling-for-further-desktop-chips.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-xen/xen.git



More information about the Pkg-xen-changes mailing list