lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Thu, 17 Jan 2013 22:49:28 -0500
From:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To:	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Cc:	xen-devel@...ts.xensource.com
Subject: [GIT PULL] (xen) stable/for-linus-3.8-rc3-tag

Hello Linus,

Please git pull the following tag:

 git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen.git stable/for-linus-3.8-rc3-tag

which has fixes that have been accumulating since rc0<signed tag>
Fixes:
 - CVE-2013-0190/XSA-40 (or stack corruption for 32-bit PV kernels)
 - Fix racy vma access spotted by Al Viro
 - Fix mmap batch ioctl potentially resulting in large O(n) page allcations.
 - Fix vcpu online/offline BUG:scheduling while atomic..
 - Fix unbound buffer scanning for more than 32 vCPUs.
 - Fix grant table being incorrectly initialized
 - Fix incorrect check in pciback
 - Allow privcmd in backend domains.
</signed tag>

You will find that I had to pull in my tree 'v3.7' as the original
root of the 'stable/for-linus-3.8' was based on v3.7-rc3, but there are
fixes (the ones from Daniel and Andres) that are dependent on the v3.7-rc6.
To make it easier I merged the v3.7 in the 'stable/for-linus-3.8'.

You are still going to have a merge conflict in the arch/arm/xen  - but
that one is fairly easy to fix (just remove the two functions with XXX and
leave the EXPORT_SYMBOL_GPLs). I did a resolution in #linux-next-resolution
http://git.kernel.org/?p=linux/kernel/git/konrad/xen.git;a=shortlog;h=refs/heads/linux-next-resolution
in case you want to double-check yourself.

Please pull!

 arch/x86/kernel/entry_32.S        |   1 -
 arch/x86/xen/smp.c                |   7 --
 drivers/xen/cpu_hotplug.c         |   4 +-
 drivers/xen/gntdev.c              | 130 ++++++++++++++++++++++++++------------
 drivers/xen/grant-table.c         |  48 ++++++++------
 drivers/xen/privcmd.c             |  89 ++++++++++++++------------
 drivers/xen/xen-pciback/pciback.h |   2 +-
 7 files changed, 167 insertions(+), 114 deletions(-)

Andres Lagar-Cavilla (1):
      xen/privcmd: Fix mmap batch ioctl.

Andrew Cooper (1):
      xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests.

Daniel De Graaf (3):
      xen/gntdev: fix unsafe vma access
      xen/gntdev: correctly unmap unlinked maps in mmu notifier
      xen/gntdev: remove erronous use of copy_to_user

Jan Beulich (1):
      Xen: properly bound buffer access when parsing cpu/*/availability

Konrad Rzeszutek Wilk (1):
      Revert "xen/smp: Fix CPU online/offline bug triggering a BUG: scheduling while atomic."

Matt Wilson (1):
      xen/grant-table: correctly initialize grant table version 1

Tamas Lengyel (1):
      xen/privcmd: Relax access control in privcmd_ioctl_mmap

Yang Zhang (1):
      x86/xen : Fix the wrong check in pciback


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ