* preparations for 4.8.2
@ 2017-07-06 7:17 Jan Beulich
2017-07-17 8:01 ` Wei Liu
0 siblings, 1 reply; 12+ messages in thread
From: Jan Beulich @ 2017-07-06 7:17 UTC (permalink / raw)
To: xen-devel; +Cc: Lars Kurth, Stefano Stabellini, Wei Liu, Ian Jackson
All,
with the goal of releasing in the first half of August (once I'm back
from vacation and had time to sync back up, and the tree has got
the necessary push), please point out backport candidates you
find missing from the respective staging branches, but which you
consider relevant. Note that commit 2ff229643b ("livepatch: Don't
crash on encountering STN_UNDEF relocations") is already on my
list; I'm not fully decided on bd53b85156 ("livepatch: Use zeroed
memory allocations for arrays") yet, but I tend towards taking it as
long as it applies reasonably cleanly (which I expect it will do).
Thanks, Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 12+ messages in thread* Re: preparations for 4.8.2 2017-07-06 7:17 preparations for 4.8.2 Jan Beulich @ 2017-07-17 8:01 ` Wei Liu 2017-07-17 8:17 ` Lars Kurth 0 siblings, 1 reply; 12+ messages in thread From: Wei Liu @ 2017-07-17 8:01 UTC (permalink / raw) To: Jan Beulich Cc: xen-devel, Stefano Stabellini, Wei Liu, Ian Jackson, Lars Kurth On Thu, Jul 06, 2017 at 01:17:02AM -0600, Jan Beulich wrote: > All, > > with the goal of releasing in the first half of August (once I'm back > from vacation and had time to sync back up, and the tree has got > the necessary push), please point out backport candidates you > find missing from the respective staging branches, but which you > consider relevant. Note that commit 2ff229643b ("livepatch: Don't > crash on encountering STN_UNDEF relocations") is already on my > list; I'm not fully decided on bd53b85156 ("livepatch: Use zeroed > memory allocations for arrays") yet, but I tend towards taking it as > long as it applies reasonably cleanly (which I expect it will do). > > Thanks, Jan > xen-RELEASE-4.8.2 tagged in mini-os.git. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-17 8:01 ` Wei Liu @ 2017-07-17 8:17 ` Lars Kurth 2017-07-17 10:40 ` Wei Liu 0 siblings, 1 reply; 12+ messages in thread From: Lars Kurth @ 2017-07-17 8:17 UTC (permalink / raw) To: Wei Liu, Jan Beulich; +Cc: xen-devel, Stefano Stabellini, Ian Jackson Folks, I didn't run the XSA script. Maybe someone can have a go and test out the instructions in https://xenbits.xenproject.org/gitweb/?p=people/larsk/xen-release-scripts.g it;a=summary The scripts does requireS XSA.GIT to be checked out, but can be changed easily to fetch XSAs from xenbits: line 26, and then follow $XSADIR In fact --xsadir http://xenbits.xenproject.org/xsa may just work Lars On 17/07/2017, 10:01, "Wei Liu" <wei.liu2@citrix.com> wrote: >On Thu, Jul 06, 2017 at 01:17:02AM -0600, Jan Beulich wrote: >> All, >> >> with the goal of releasing in the first half of August (once I'm back >> from vacation and had time to sync back up, and the tree has got >> the necessary push), please point out backport candidates you >> find missing from the respective staging branches, but which you >> consider relevant. Note that commit 2ff229643b ("livepatch: Don't >> crash on encountering STN_UNDEF relocations") is already on my >> list; I'm not fully decided on bd53b85156 ("livepatch: Use zeroed >> memory allocations for arrays") yet, but I tend towards taking it as >> long as it applies reasonably cleanly (which I expect it will do). >> >> Thanks, Jan >> > >xen-RELEASE-4.8.2 tagged in mini-os.git. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-17 8:17 ` Lars Kurth @ 2017-07-17 10:40 ` Wei Liu 2017-07-17 13:08 ` Lars Kurth 2017-07-18 11:21 ` Lars Kurth 0 siblings, 2 replies; 12+ messages in thread From: Wei Liu @ 2017-07-17 10:40 UTC (permalink / raw) To: Lars Kurth Cc: xen-devel, Stefano Stabellini, Wei Liu, Jan Beulich, Ian Jackson On Mon, Jul 17, 2017 at 09:17:23AM +0100, Lars Kurth wrote: > Folks, > > I didn't run the XSA script. Maybe someone can have a go and test out the > instructions in > https://xenbits.xenproject.org/gitweb/?p=people/larsk/xen-release-scripts.g > it;a=summary > The scripts does requireS XSA.GIT to be checked out, but can be changed > easily to fetch XSAs from xenbits: line 26, and then follow $XSADIR > > In fact --xsadir http://xenbits.xenproject.org/xsa may just work > > Lars > I tried to follow the instructions in README for match-xsa. I believe the xsa-list-send script in step 3 depends on xsa.git, which I don't have access to. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-17 10:40 ` Wei Liu @ 2017-07-17 13:08 ` Lars Kurth 2017-07-18 11:21 ` Lars Kurth 1 sibling, 0 replies; 12+ messages in thread From: Lars Kurth @ 2017-07-17 13:08 UTC (permalink / raw) To: Wei Liu; +Cc: xen-devel, Stefano Stabellini, Jan Beulich, Ian Jackson > I tried to follow the instructions in README for match-xsa. I believe > the xsa-list-send script in step 3 depends on xsa.git, which I don't > have access to. That is unfortunately correct: we ought to fix this. Lars On 17/07/2017, 12:40, "Wei Liu" <wei.liu2@citrix.com> wrote: >On Mon, Jul 17, 2017 at 09:17:23AM +0100, Lars Kurth wrote: >> Folks, >> >> I didn't run the XSA script. Maybe someone can have a go and test out >>the >> instructions in >> >>https://xenbits.xenproject.org/gitweb/?p=people/larsk/xen-release-scripts >>.g >> it;a=summary >> The scripts does requireS XSA.GIT to be checked out, but can be changed >> easily to fetch XSAs from xenbits: line 26, and then follow $XSADIR >> >> In fact --xsadir http://xenbits.xenproject.org/xsa may just work >> >> Lars >> > >I tried to follow the instructions in README for match-xsa. I believe >the xsa-list-send script in step 3 depends on xsa.git, which I don't >have access to. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-17 10:40 ` Wei Liu 2017-07-17 13:08 ` Lars Kurth @ 2017-07-18 11:21 ` Lars Kurth 2017-07-18 13:53 ` Wei Liu 1 sibling, 1 reply; 12+ messages in thread From: Lars Kurth @ 2017-07-18 11:21 UTC (permalink / raw) To: Wei Liu; +Cc: xen-devel, Stefano Stabellini, Jan Beulich, Ian Jackson [-- Attachment #1: Type: text/plain, Size: 975 bytes --] Wei, I attached the list output from xsa-list-send starting from 206 If you look at https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-481 .html, you may want to start using from 213+ Lars On 17/07/2017, 12:40, "Wei Liu" <wei.liu2@citrix.com> wrote: >On Mon, Jul 17, 2017 at 09:17:23AM +0100, Lars Kurth wrote: >> Folks, >> >> I didn't run the XSA script. Maybe someone can have a go and test out >>the >> instructions in >> >>https://xenbits.xenproject.org/gitweb/?p=people/larsk/xen-release-scripts >>.g >> it;a=summary >> The scripts does requireS XSA.GIT to be checked out, but can be changed >> easily to fetch XSAs from xenbits: line 26, and then follow $XSADIR >> >> In fact --xsadir http://xenbits.xenproject.org/xsa may just work >> >> Lars >> > >I tried to follow the instructions in README for match-xsa. I believe >the xsa-list-send script in step 3 depends on xsa.git, which I don't >have access to. [-- Attachment #2: xsa-206-225.txt --] [-- Type: text/plain, Size: 24865 bytes --] 206 xsa206-unstable/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-unstable/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-unstable/0003-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-unstable/0004-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-unstable/0005-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-unstable/0006-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-unstable/0007-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-unstable/0008-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-unstable/0009-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-unstable/0010-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-unstable/0011-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-unstable/0012-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-unstable/0013-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-unstable/0014-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-unstable/0015-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-unstable/0016-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 206 xsa206-4.4/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-4.4/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-4.4/0003-oxenstored-exempt-dom0-from-domU-node-quotas.patch oxenstored: exempt dom0 from domU node quotas 206 xsa206-4.4/0004-oxenstored-perform-a-3-way-merge-of-the-quota-after-.patch oxenstored: perform a 3-way merge of the quota after a transaction 206 xsa206-4.4/0005-oxenstored-catch-the-error-when-a-connection-is-alre.patch oxenstored: catch the error when a connection is already deleted 206 xsa206-4.4/0006-oxenstored-use-hash-table-to-store-socket-connection.patch oxenstored: use hash table to store socket connections 206 xsa206-4.4/0007-oxenstored-enable-domain-connection-indexing-based-o.patch oxenstored: enable domain connection indexing based on eventchn port 206 xsa206-4.4/0008-oxenstored-only-process-domain-connections-that-noti.patch oxenstored: only process domain connections that notify us by events 206 xsa206-4.4/0009-oxenstored-add-a-safe-net-mechanism-for-existing-ill.patch oxenstored: add a safe net mechanism for existing ill-behaved clients 206 xsa206-4.4/0010-oxenstored-refactor-putting-response-on-wire.patch oxenstored: refactor putting response on wire 206 xsa206-4.4/0011-oxenstored-remove-some-unused-parameters.patch oxenstored: remove some unused parameters 206 xsa206-4.4/0012-oxenstored-refactor-request-processing.patch oxenstored: refactor request processing 206 xsa206-4.4/0013-oxenstored-keep-track-of-each-transaction-s-operatio.patch oxenstored: keep track of each transaction's operations 206 xsa206-4.4/0014-oxenstored-move-functions-that-process-simple-operat.patch oxenstored: move functions that process simple operations 206 xsa206-4.4/0015-oxenstored-replay-transaction-upon-conflict.patch oxenstored: replay transaction upon conflict 206 xsa206-4.4/0016-oxenstored-log-request-and-response-during-transacti.patch oxenstored: log request and response during transaction replay 206 xsa206-4.4/0017-oxenstored-allow-compilation-prior-to-OCaml-3.12.0.patch oxenstored: allow compilation prior to OCaml 3.12.0 206 xsa206-4.4/0018-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-4.4/0019-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-4.4/0020-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-4.4/0021-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-4.4/0022-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-4.4/0023-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-4.4/0024-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-4.4/0025-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-4.4/0026-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-4.4/0027-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-4.4/0028-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-4.4/0029-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-4.4/0030-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-4.4/0031-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 206 xsa206-4.5/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-4.5/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-4.5/0003-oxenstored-refactor-putting-response-on-wire.patch oxenstored: refactor putting response on wire 206 xsa206-4.5/0004-oxenstored-remove-some-unused-parameters.patch oxenstored: remove some unused parameters 206 xsa206-4.5/0005-oxenstored-refactor-request-processing.patch oxenstored: refactor request processing 206 xsa206-4.5/0006-oxenstored-keep-track-of-each-transaction-s-operatio.patch oxenstored: keep track of each transaction's operations 206 xsa206-4.5/0007-oxenstored-move-functions-that-process-simple-operat.patch oxenstored: move functions that process simple operations 206 xsa206-4.5/0008-oxenstored-replay-transaction-upon-conflict.patch oxenstored: replay transaction upon conflict 206 xsa206-4.5/0009-oxenstored-log-request-and-response-during-transacti.patch oxenstored: log request and response during transaction replay 206 xsa206-4.5/0010-oxenstored-allow-compilation-prior-to-OCaml-3.12.0.patch oxenstored: allow compilation prior to OCaml 3.12.0 206 xsa206-4.5/0011-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-4.5/0012-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-4.5/0013-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-4.5/0014-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-4.5/0015-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-4.5/0016-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-4.5/0017-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-4.5/0018-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-4.5/0019-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-4.5/0020-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-4.5/0021-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-4.5/0022-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-4.5/0023-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-4.5/0024-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 206 xsa206-4.6/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-4.6/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-4.6/0003-oxenstored-refactor-putting-response-on-wire.patch oxenstored: refactor putting response on wire 206 xsa206-4.6/0004-oxenstored-remove-some-unused-parameters.patch oxenstored: remove some unused parameters 206 xsa206-4.6/0005-oxenstored-refactor-request-processing.patch oxenstored: refactor request processing 206 xsa206-4.6/0006-oxenstored-keep-track-of-each-transaction-s-operatio.patch oxenstored: keep track of each transaction's operations 206 xsa206-4.6/0007-oxenstored-move-functions-that-process-simple-operat.patch oxenstored: move functions that process simple operations 206 xsa206-4.6/0008-oxenstored-replay-transaction-upon-conflict.patch oxenstored: replay transaction upon conflict 206 xsa206-4.6/0009-oxenstored-log-request-and-response-during-transacti.patch oxenstored: log request and response during transaction replay 206 xsa206-4.6/0010-oxenstored-allow-compilation-prior-to-OCaml-3.12.0.patch oxenstored: allow compilation prior to OCaml 3.12.0 206 xsa206-4.6/0011-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-4.6/0012-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-4.6/0013-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-4.6/0014-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-4.6/0015-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-4.6/0016-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-4.6/0017-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-4.6/0018-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-4.6/0019-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-4.6/0020-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-4.6/0021-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-4.6/0022-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-4.6/0023-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-4.6/0024-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 206 xsa206-4.7/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-4.7/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-4.7/0003-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-4.7/0004-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-4.7/0005-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-4.7/0006-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-4.7/0007-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-4.7/0008-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-4.7/0009-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-4.7/0010-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-4.7/0011-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-4.7/0012-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-4.7/0013-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-4.7/0014-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-4.7/0015-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-4.7/0016-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 206 xsa206-4.8/0001-xenstored-apply-a-write-transaction-rate-limit.patch xenstored: apply a write transaction rate limit 206 xsa206-4.8/0002-xenstored-Log-when-the-write-transaction-rate-limit-.patch xenstored: Log when the write transaction rate limit bites 206 xsa206-4.8/0003-oxenstored-comments-explaining-some-variables.patch oxenstored: comments explaining some variables 206 xsa206-4.8/0004-oxenstored-handling-of-domain-conflict-credit.patch oxenstored: handling of domain conflict-credit 206 xsa206-4.8/0005-oxenstored-ignore-domains-with-no-conflict-credit.patch oxenstored: ignore domains with no conflict-credit 206 xsa206-4.8/0006-oxenstored-add-transaction-info-relevant-to-history-.patch oxenstored: add transaction info relevant to history-tracking 206 xsa206-4.8/0007-oxenstored-support-commit-history-tracking.patch oxenstored: support commit history tracking 206 xsa206-4.8/0008-oxenstored-only-record-operations-with-side-effects-.patch oxenstored: only record operations with side-effects in history 206 xsa206-4.8/0009-oxenstored-discard-old-commit-history-on-txn-end.patch oxenstored: discard old commit-history on txn end 206 xsa206-4.8/0010-oxenstored-track-commit-history.patch oxenstored: track commit history 206 xsa206-4.8/0011-oxenstored-blame-the-connection-that-caused-a-transa.patch oxenstored: blame the connection that caused a transaction conflict 206 xsa206-4.8/0012-oxenstored-allow-self-conflicts.patch oxenstored: allow self-conflicts 206 xsa206-4.8/0013-oxenstored-do-not-commit-read-only-transactions.patch oxenstored: do not commit read-only transactions 206 xsa206-4.8/0014-oxenstored-don-t-wake-to-issue-no-conflict-credit.patch oxenstored: don't wake to issue no conflict-credit 206 xsa206-4.8/0015-oxenstored-transaction-conflicts-improve-logging.patch oxenstored transaction conflicts: improve logging 206 xsa206-4.8/0016-oxenstored-trim-history-in-the-frequent_ops-function.patch oxenstored: trim history in the frequent_ops function 207 xsa207.patch IOMMU: always call teardown callback 207 xsa207-4.4.patch IOMMU: always call teardown callback 208 xsa208-qemut.patch cirrus: fix oob access issue (CVE-2017-2615) 208 xsa208-qemuu.patch cirrus: fix oob access issue (CVE-2017-2615) 208 xsa208-qemuu-4.7.patch cirrus: fix oob access issue (CVE-2017-2615) 209 xsa209-qemut.patch cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo 209 xsa209-qemuu/0001-display-cirrus-ignore-source-pitch-value-as-needed-i.patch display: cirrus: ignore source pitch value as needed in blit_is_unsafe 209 xsa209-qemuu/0002-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo 210 xsa210.patch arm/p2m: remove the page from p2m->pages list before freeing it 211 xsa211-qemut.patch cirrus/vnc: zap drop bitblit support from console code. 211 xsa211-qemut-4.5.patch cirrus/vnc: zap drop bitblit support from console code. 211 xsa211-qemuu.patch cirrus/vnc: zap bitblit support from console code. 211 xsa211-qemuu-4.4.patch cirrus/vnc: zap bitblit support from console code. 211 xsa211-qemuu-4.6.patch cirrus/vnc: zap bitblit support from console code. 211 xsa211-qemuu-4.7.patch cirrus/vnc: zap bitblit support from console code. 211 xsa211-qemuu-4.8.patch cirrus/vnc: zap bitblit support from console code. 212 xsa212.patch memory: properly check guest memory ranges in XENMEM_exchange handling 213 xsa213.patch multicall: deal with early exit conditions 213 xsa213-4.5.patch multicall: deal with early exit conditions 213 xsa213-4.6.patch multicall: deal with early exit conditions 213 xsa213-4.7.patch multicall: deal with early exit conditions 213 xsa213-4.8.patch multicall: deal with early exit conditions 214 xsa214.patch x86: discard type information when stealing pages 215 xsa215.patch x86: correct create_bounce_frame 216 xsa216-linux-2.6.18-xen.patch blkback/blktap: don't leak stack data via response ring 216 xsa216-linux-4.4.patch xen-blkback: don't leak stack data via response ring 216 xsa216-linux-4.11.patch xen-blkback: don't leak stack data via response ring 216 xsa216-qemuu.patch xen/disk: don't leak stack data via response ring 216 xsa216-qemuu-4.5.patch xen/disk: don't leak stack data via response ring 216 xsa216-qemuu-4.7.patch xen/disk: don't leak stack data via response ring 217 xsa217.patch x86/mm: disallow page stealing from HVM domains 217 xsa217-4.5.patch x86/mm: disallow page stealing from HVM domains 218 xsa218-unstable/0001-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-unstable/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-unstable/0003-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.5/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.5/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.5/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.5/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.6/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.6/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.6/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.6/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.7/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.7/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.7/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.7/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.8/0001-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.8/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.8/0003-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 219 xsa219.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.5.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.6.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.8.patch x86/shadow: Hold references for the duration of emulated writes 220 xsa220.patch x86: avoid leaking PKRU and BND* between vCPU-s 220 xsa220-4.5.patch x86: avoid leaking BND* between vCPU-s 220 xsa220-4.6.patch x86: avoid leaking BND* between vCPU-s 220 xsa220-4.7.patch x86: avoid leaking PKRU and BND* between vCPU-s 220 xsa220-4.8.patch x86: avoid leaking PKRU and BND* between vCPU-s 221 xsa221.patch evtchn: avoid NULL derefs 222 xsa222-1.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-1-4.6.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-1-4.7.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-2.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.5.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.6.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.7.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.8.patch guest_physmap_remove_page() needs its return value checked 223 xsa223.patch arm: vgic: Don't update the LR when the IRQ is not enabled 224 xsa224-unstable/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-unstable/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-unstable/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-unstable/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.5/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.5/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.5/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.5/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.6/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.6/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.6/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.6/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.7/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.7/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.7/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.7/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.8/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.8/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.8/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.8/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 225 xsa225.patch xen/arm: vgic: Sanitize target mask used to send SGI [-- Attachment #3: Type: text/plain, Size: 127 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-18 11:21 ` Lars Kurth @ 2017-07-18 13:53 ` Wei Liu 2017-07-18 13:59 ` Lars Kurth 2017-07-18 17:43 ` Lars Kurth 0 siblings, 2 replies; 12+ messages in thread From: Wei Liu @ 2017-07-18 13:53 UTC (permalink / raw) To: Lars Kurth Cc: xen-devel, Stefano Stabellini, Wei Liu, Jan Beulich, Ian Jackson On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote: > Wei, > I attached the list output from xsa-list-send starting from 206 > If you look at > https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-481 > .html, you may want to start using from 213+ [$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225 Can't locate Text/Diff.pm in @INC (you may need to install the Text::Diff module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at ./match-xsa line 14. BEGIN failed--compilation aborted at ./match-xsa line 14. Would be useful to give a list of perl modules required. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-18 13:53 ` Wei Liu @ 2017-07-18 13:59 ` Lars Kurth 2017-07-18 17:43 ` Lars Kurth 1 sibling, 0 replies; 12+ messages in thread From: Lars Kurth @ 2017-07-18 13:59 UTC (permalink / raw) To: Wei Liu; +Cc: xen-devel, Stefano Stabellini, Jan Beulich, Ian Jackson On 18/07/2017, 14:53, "Wei Liu" <wei.liu2@citrix.com> wrote: >On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote: >> Wei, >> I attached the list output from xsa-list-send starting from 206 >> If you look at >> >>https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-4 >>81 >> .html, you may want to start using from 213+ > >[$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225 >Can't locate Text/Diff.pm in @INC (you may need to install the >Text::Diff module) (@INC contains: /etc/perl >/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 >/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 >/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 >/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at >./match-xsa line 14. >BEGIN failed--compilation aborted at ./match-xsa line 14. > >Would be useful to give a list of perl modules required. These are at the top of the file: Getopt::Long qw(GetOptions), Cwd, File::Slurp, Text::Diff, File::Spec; Text::Diff may be obsolete - I used the diff function and then removed it later because system ('diff ...') worked better for me. I can check and remove the "use" Lars > _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-18 13:53 ` Wei Liu 2017-07-18 13:59 ` Lars Kurth @ 2017-07-18 17:43 ` Lars Kurth 2017-07-27 18:34 ` Lars Kurth 1 sibling, 1 reply; 12+ messages in thread From: Lars Kurth @ 2017-07-18 17:43 UTC (permalink / raw) To: Wei Liu, Jan Beulich; +Cc: xen-devel, Stefano Stabellini, Ian Jackson [-- Attachment #1: Type: text/plain, Size: 3166 bytes --] Hi all, @Jan: you may want to check the note on XSA-218 and XSA-224 I removed Text::Diff module, which should fix the dependency problem. I also fixed the script such that it will fetch patches from http://xenbits.xenproject.org/xsa if the xsa.git has not been checked out in the location in The script still depends on: Getopt, Cwd, File packages, which I hope are standard. Crude check =========== I first ran the scripts using ./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --getlogs --html > xsamatch.html Which checks name signatures only. Note that https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-481 .html tells us that XSA 212 was applied last. The output shows that XSA-215 has not been applied. Not a problem, because XSA-215 applies to 64-bit Xen versions of 4.6 and earlier only. All the other ones have patches with matching names that have been applied. Detailed check ============== I then ran using ./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html --smart > xsamatchsmart.html which requires that xsa.git is checked out, which has restricted access (security team members only). The output shows some problems, for which I used ./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html --smart --debug > xsamatchsmartdebug.html This then tells me that there are a few real differences between 4.8.2 and the XSA database XSA-218: line 32 in the log shows a real difference: see XSA-218-32.png XSA-224: line 72 in the log shows a real difference: see XSA-224-72a.png & XSA-224-72b.png XSA-222: line 51 in the log shows a real difference: this is a known bug in the tool where the diff file chunks are in a different order Script Improvements =================== I can't use --xsadir https://xenbits.xenproject.org/xsa as I can't read files from a website. I can, fetch the file from https://xenbits.xenproject.org/xsa via the LWP:Simple package, which I don't think is installed on Linux distros by default. Alternatively I could use wget, which may be better. I will play with this and see whether I can add it. Cheers Lars On 18/07/2017, 14:53, "Wei Liu" <wei.liu2@citrix.com> wrote: >On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote: >> Wei, >> I attached the list output from xsa-list-send starting from 206 >> If you look at >> >>https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-4 >>81 >> .html, you may want to start using from 213+ > >[$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225 >Can't locate Text/Diff.pm in @INC (you may need to install the >Text::Diff module) (@INC contains: /etc/perl >/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 >/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 >/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 >/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at >./match-xsa line 14. >BEGIN failed--compilation aborted at ./match-xsa line 14. > >Would be useful to give a list of perl modules required. [-- Attachment #2: xsa-213-225 --] [-- Type: application/octet-stream, Size: 7377 bytes --] 213 xsa213.patch multicall: deal with early exit conditions 213 xsa213-4.5.patch multicall: deal with early exit conditions 213 xsa213-4.6.patch multicall: deal with early exit conditions 213 xsa213-4.7.patch multicall: deal with early exit conditions 213 xsa213-4.8.patch multicall: deal with early exit conditions 214 xsa214.patch x86: discard type information when stealing pages 215 xsa215.patch x86: correct create_bounce_frame 216 xsa216-linux-2.6.18-xen.patch blkback/blktap: don't leak stack data via response ring 216 xsa216-linux-4.4.patch xen-blkback: don't leak stack data via response ring 216 xsa216-linux-4.11.patch xen-blkback: don't leak stack data via response ring 216 xsa216-qemuu.patch xen/disk: don't leak stack data via response ring 216 xsa216-qemuu-4.5.patch xen/disk: don't leak stack data via response ring 216 xsa216-qemuu-4.7.patch xen/disk: don't leak stack data via response ring 217 xsa217.patch x86/mm: disallow page stealing from HVM domains 217 xsa217-4.5.patch x86/mm: disallow page stealing from HVM domains 218 xsa218-unstable/0001-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-unstable/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-unstable/0003-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.5/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.5/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.5/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.5/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.6/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.6/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.6/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.6/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.7/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures.patch IOMMU: handle IOMMU mapping and unmapping failures 218 xsa218-4.7/0002-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.7/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.7/0004-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 218 xsa218-4.8/0001-gnttab-fix-unmap-pin-accounting-race.patch gnttab: fix unmap pin accounting race 218 xsa218-4.8/0002-gnttab-Avoid-potential-double-put-of-maptrack-entry.patch gnttab: Avoid potential double-put of maptrack entry 218 xsa218-4.8/0003-gnttab-correct-maptrack-table-accesses.patch gnttab: correct maptrack table accesses 219 xsa219.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.5.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.6.patch x86/shadow: Hold references for the duration of emulated writes 219 xsa219-4.8.patch x86/shadow: Hold references for the duration of emulated writes 220 xsa220.patch x86: avoid leaking PKRU and BND* between vCPU-s 220 xsa220-4.5.patch x86: avoid leaking BND* between vCPU-s 220 xsa220-4.6.patch x86: avoid leaking BND* between vCPU-s 220 xsa220-4.7.patch x86: avoid leaking PKRU and BND* between vCPU-s 220 xsa220-4.8.patch x86: avoid leaking PKRU and BND* between vCPU-s 221 xsa221.patch evtchn: avoid NULL derefs 222 xsa222-1.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-1-4.6.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-1-4.7.patch xen/memory: Fix return value handing of guest_remove_page() 222 xsa222-2.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.5.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.6.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.7.patch guest_physmap_remove_page() needs its return value checked 222 xsa222-2-4.8.patch guest_physmap_remove_page() needs its return value checked 223 xsa223.patch arm: vgic: Don't update the LR when the IRQ is not enabled 224 xsa224-unstable/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-unstable/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-unstable/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-unstable/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.5/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.5/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.5/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.5/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.6/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.6/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.6/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.6/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.7/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.7/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.7/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.7/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 224 xsa224-4.8/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap.patch gnttab: Fix handling of dev_bus_addr during unmap 224 xsa224-4.8/0002-gnttab-never-create-host-mapping-unless-asked-to.patch gnttab: never create host mapping unless asked to 224 xsa224-4.8/0003-gnttab-correct-logic-to-get-page-references-during-m.patch gnttab: correct logic to get page references during map requests 224 xsa224-4.8/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth.patch gnttab: __gnttab_unmap_common_complete() is all-or-nothing 225 xsa225.patch xen/arm: vgic: Sanitize target mask used to send SGI [-- Attachment #3: xsamatch.html --] [-- Type: text/html, Size: 22344 bytes --] [-- Attachment #4: xsamatchsmart.html --] [-- Type: text/html, Size: 22364 bytes --] [-- Attachment #5: XSA-218-32.png --] [-- Type: image/png, Size: 395173 bytes --] [-- Attachment #6: XSA-224-72a.png --] [-- Type: image/png, Size: 372529 bytes --] [-- Attachment #7: XSA-224-72b.png --] [-- Type: image/png, Size: 251588 bytes --] [-- Attachment #8: Type: text/plain, Size: 127 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-18 17:43 ` Lars Kurth @ 2017-07-27 18:34 ` Lars Kurth 2017-08-17 14:37 ` Lars Kurth 0 siblings, 1 reply; 12+ messages in thread From: Lars Kurth @ 2017-07-27 18:34 UTC (permalink / raw) To: Wei Liu, Jan Beulich; +Cc: xen-devel, Stefano Stabellini, Ian Jackson Quick info/update: > XSA-222: line 51 in the log shows a real difference: this is a known bug > in the tool where the diff file chunks are in a different order This is now fixed in the last version of the scripts and the script correctly handles this case Lars On 18/07/2017, 18:43, "Lars Kurth" <lars.kurth@citrix.com> wrote: >Hi all, > >@Jan: you may want to check the note on XSA-218 and XSA-224 > >I removed Text::Diff module, which should fix the dependency problem. > >I also fixed the script such that it will fetch patches from >http://xenbits.xenproject.org/xsa if the xsa.git has not been checked out >in the location in > >The script still depends on: Getopt, Cwd, File packages, which I hope are >standard. > >Crude check >=========== >I first ran the scripts using > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --getlogs >--html > xsamatch.html > >Which checks name signatures only. >Note that >https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-48 >1 >.html tells us that XSA 212 was applied last. > >The output shows that XSA-215 has not been applied. Not a problem, because >XSA-215 applies to 64-bit Xen versions of 4.6 and earlier only. > >All the other ones have patches with matching names that have been >applied. > >Detailed check >============== >I then ran using > > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html >--smart > xsamatchsmart.html > > >which requires that xsa.git is checked out, which has restricted access >(security team members only). > >The output shows some problems, for which I used > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html >--smart --debug > xsamatchsmartdebug.html > > >This then tells me that there are a few real differences between 4.8.2 and >the XSA database > >XSA-218: line 32 in the log shows a real difference: see XSA-218-32.png >XSA-224: line 72 in the log shows a real difference: see XSA-224-72a.png & >XSA-224-72b.png > > >XSA-222: line 51 in the log shows a real difference: this is a known bug >in the tool where the diff file chunks are in a different order > >Script Improvements >=================== >I can't use --xsadir https://xenbits.xenproject.org/xsa as I can't read >files from a website. I can, fetch the file from >https://xenbits.xenproject.org/xsa via the LWP:Simple package, which I >don't think is installed on Linux distros by default. Alternatively I >could use wget, which may be better. > > >I will play with this and see whether I can add it. > >Cheers >Lars > > >On 18/07/2017, 14:53, "Wei Liu" <wei.liu2@citrix.com> wrote: > >>On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote: >>> Wei, >>> I attached the list output from xsa-list-send starting from 206 >>> If you look at >>> >>>https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen- >>>4 >>>81 >>> .html, you may want to start using from 213+ >> >>[$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225 >>Can't locate Text/Diff.pm in @INC (you may need to install the >>Text::Diff module) (@INC contains: /etc/perl >>/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 >>/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 >>/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 >>/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at >>./match-xsa line 14. >>BEGIN failed--compilation aborted at ./match-xsa line 14. >> >>Would be useful to give a list of perl modules required. > _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-07-27 18:34 ` Lars Kurth @ 2017-08-17 14:37 ` Lars Kurth 2017-08-17 14:57 ` Jan Beulich 0 siblings, 1 reply; 12+ messages in thread From: Lars Kurth @ 2017-08-17 14:37 UTC (permalink / raw) To: Wei Liu, Jan Beulich; +Cc: xen-devel, Stefano Stabellini, Ian Jackson Jan, it’s been a while. Did you want to pick this up at some point again? I guess the check we have done so far is by now out-of-date. Not sure whether anyone tagged anything It would also be a good opportunity for you guys to test run my script (Wei ran it and it worked fine, but he didn’t comb through any results) Lars On 27/07/2017, 19:34, "Lars Kurth" <lars.kurth@citrix.com> wrote: Quick info/update: > XSA-222: line 51 in the log shows a real difference: this is a known bug > in the tool where the diff file chunks are in a different order This is now fixed in the last version of the scripts and the script correctly handles this case Lars On 18/07/2017, 18:43, "Lars Kurth" <lars.kurth@citrix.com> wrote: >Hi all, > >@Jan: you may want to check the note on XSA-218 and XSA-224 > >I removed Text::Diff module, which should fix the dependency problem. > >I also fixed the script such that it will fetch patches from >http://xenbits.xenproject.org/xsa if the xsa.git has not been checked out >in the location in > >The script still depends on: Getopt, Cwd, File packages, which I hope are >standard. > >Crude check >=========== >I first ran the scripts using > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --getlogs >--html > xsamatch.html > >Which checks name signatures only. >Note that >https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen-48 >1 >.html tells us that XSA 212 was applied last. > >The output shows that XSA-215 has not been applied. Not a problem, because >XSA-215 applies to 64-bit Xen versions of 4.6 and earlier only. > >All the other ones have patches with matching names that have been >applied. > >Detailed check >============== >I then ran using > > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html >--smart > xsamatchsmart.html > > >which requires that xsa.git is checked out, which has restricted access >(security team members only). > >The output shows some problems, for which I used > >./match-xsa --version 4 --major 8 --since 1 --xsa xsa-213-225 --html >--smart --debug > xsamatchsmartdebug.html > > >This then tells me that there are a few real differences between 4.8.2 and >the XSA database > >XSA-218: line 32 in the log shows a real difference: see XSA-218-32.png >XSA-224: line 72 in the log shows a real difference: see XSA-224-72a.png & >XSA-224-72b.png > > >XSA-222: line 51 in the log shows a real difference: this is a known bug >in the tool where the diff file chunks are in a different order > >Script Improvements >=================== >I can't use --xsadir https://xenbits.xenproject.org/xsa as I can't read >files from a website. I can, fetch the file from >https://xenbits.xenproject.org/xsa via the LWP:Simple package, which I >don't think is installed on Linux distros by default. Alternatively I >could use wget, which may be better. > > >I will play with this and see whether I can add it. > >Cheers >Lars > > >On 18/07/2017, 14:53, "Wei Liu" <wei.liu2@citrix.com> wrote: > >>On Tue, Jul 18, 2017 at 12:21:42PM +0100, Lars Kurth wrote: >>> Wei, >>> I attached the list output from xsa-list-send starting from 206 >>> If you look at >>> >>>https://xenproject.org/downloads/xen-archives/xen-project-48-series/xen- >>>4 >>>81 >>> .html, you may want to start using from 213+ >> >>[$]> ./match-xsa --version 4 --major 8 --since 2 --getlogs --xsa xsa-225 >>Can't locate Text/Diff.pm in @INC (you may need to install the >>Text::Diff module) (@INC contains: /etc/perl >>/usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 >>/usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 >>/usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 >>/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at >>./match-xsa line 14. >>BEGIN failed--compilation aborted at ./match-xsa line 14. >> >>Would be useful to give a list of perl modules required. > _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: preparations for 4.8.2 2017-08-17 14:37 ` Lars Kurth @ 2017-08-17 14:57 ` Jan Beulich 0 siblings, 0 replies; 12+ messages in thread From: Jan Beulich @ 2017-08-17 14:57 UTC (permalink / raw) To: Lars Kurth; +Cc: Ian Jackson, Stefano Stabellini, Wei Liu, xen-devel >>> On 17.08.17 at 16:37, <lars.kurth@citrix.com> wrote: > it’s been a while. Did you want to pick this up at some point again? Yes, once Ian is back from vacation (and has sufficiently recovered from mail and other backlog). > I guess the check we have done so far is by now out-of-date. Yes, with the recent XSAs and in particular with 226 not having had its patches pushed right away. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2017-08-17 14:57 UTC | newest] Thread overview: 12+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-07-06 7:17 preparations for 4.8.2 Jan Beulich 2017-07-17 8:01 ` Wei Liu 2017-07-17 8:17 ` Lars Kurth 2017-07-17 10:40 ` Wei Liu 2017-07-17 13:08 ` Lars Kurth 2017-07-18 11:21 ` Lars Kurth 2017-07-18 13:53 ` Wei Liu 2017-07-18 13:59 ` Lars Kurth 2017-07-18 17:43 ` Lars Kurth 2017-07-27 18:34 ` Lars Kurth 2017-08-17 14:37 ` Lars Kurth 2017-08-17 14:57 ` Jan Beulich
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).
![[-- Attachment #5: XSA-218-32.png --] [-- Type: image/png, Size: 395173 bytes --]](../../D593F7B9.390A0%25lars.kurth@citrix.com/5-XSA-218-32.png){kind=link}
![[-- Attachment #6: XSA-224-72a.png --] [-- Type: image/png, Size: 372529 bytes --]](../../D593F7B9.390A0%25lars.kurth@citrix.com/6-XSA-224-72a.png){kind=link}
![[-- Attachment #7: XSA-224-72b.png --] [-- Type: image/png, Size: 251588 bytes --]](../../D593F7B9.390A0%25lars.kurth@citrix.com/7-XSA-224-72b.png){kind=link}