lp:ubuntu/trusty/xen
- Get this branch:
- bzr branch lp:ubuntu/trusty/xen
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 43. By Stefan Bader
-
* Applying Xen Security Advisories:
- CVE-2013-2194, CVE-2013-2195, CVE-2013-2196 / XSA55
* libelf: abolish libelf-relocate.c
* libxc: introduce xc_dom_seg_to_ ptr_pages
* libxc: Fix range checking in xc_dom_pfn_to_ptr etc.
* libelf: add `struct elf_binary*' parameter to elf_load_image
* libelf: abolish elf_sval and elf_access_signed
* libelf: move include of <asm/guest_access. h> to top of file
* libelf/xc_dom_ load_elf_ symtab: Do not use "syms" uninitialised
* libelf: introduce macros for memory access and pointer handling
* tools/xcutils/readnotes: adjust print_l1_ mfn_valid_ note
* libelf: check nul-terminated strings properly
* libelf: check all pointer accesses
* libelf: Check pointer references in elf_is_elfbinary
* libelf: Make all callers call elf_check_broken
* libelf: use C99 bool for booleans
* libelf: use only unsigned integers
* libelf: check loops for running away
* libelf: abolish obsolete macros
* libxc: Add range checking to xc_dom_binloader
* libxc: check failure of xc_dom_*_to_ptr, xc_map_foreign_ range
* libxc: check return values from malloc
* libxc: range checks in xc_dom_p2m_host and _guest
* libxc: check blob size before proceeding in xc_dom_check_gzip
* libxc: Better range check in xc_dom_alloc_segment
- CVE-XXXX-XXXX / XSA57
* libxl: Restrict permissions on PV console device xenstore nodes - 42. By Stefan Bader
-
* Merge with Debian unstable. Dropping the following patches in favour
of Debian ones:
- xsa33-4.2-unstable. patch
- xsa36-4.2.patch
- xsa44-4.2.patch
- xsa45-4.2-01-vcpu- destroy- pagetables- preemptible. patch
- xsa45-4.2-02-new- guest-cr3- preemptible. patch
- xsa45-4.2-03-new- user-base- preemptible. patch
- xsa45-4.2-04-vcpu- reset-preemptib le.patch
- xsa45-4.2-05-set- info-guest- preemptible. patch
- xsa45-4.2-06-unpin- preemptible. patch
- xsa45-4.2-07-mm- error-paths- preemptible. patch
- xsa46-4.2.patch
- xsa47-4.2-unstable. patch
- xsa49-4.2.patch
* Remaining changes:
- debian/control: Depend on libssl-dev
- Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
This will again use the Ubuntu specific LDFLAGS (using some
hardening options). Older releases would always pass those options
in the environment but that changed.
- Ressurrect qemu-dm for now (upstream qemu would not support
migration, yet). Forward-port some patches from the old Debian
package which still included qemu-dm:
- qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
- qemu-disable-blktap (this is not present in upstream)
- ubuntu-qemu-disable- qemu-upstream (breaks build and also should
be provided by qemu/kvm package)
* Remaining additional patches:
- qemu-cve-2012-6075- 1.patch / qemu-cve- 2012-6075- 2.patch
- xsa34-4.2.patch
- xsa35-4.2-with- xsa34.patch
- xsa38.patch
- xsa52-4.2-unstable. patch
- xsa53-4.2.patch
- xsa54.patch
- xsa56.patch
- qemu-fix-librt-test. patch
Fix build regression caused by glibc not requiring to link against
librt for the clock_gettime function. Patch picked from xen-devel
mailing list.
- tools-gdbsx-fix-build- failure- with-glibc- 2.17.patch
Add direct include to sys/types.h for xg_main.c which likely was
indirectly done before. Needed to get ulong type definition.
- tools-ocaml-fix-build: refresh and reenable (and fix the description
of) this patch. Without it the ocam native libraries (*.cmxa)
build in /build local paths rather than appropriatly versioned
library references.
- APIC Register Virtualization (backported from Xen 4.3)
- 0001-xen-enable- APIC-Register- Virtualization. patch
- 0002-xen-enable- Virtual- interrupt- delivery. patch
- 0003-xen-add-virtual- x2apic- support- for-apicv. patch
- TSC Adjust Support (backported from Xen 4.3)
- 0004-x86-Implement- TSC-adjust- feature- for-HVM- guest.patch
- 0005-x86-Save-restore- TSC-adjust- during- HVM-guest- migrati. patch
- 0006-x86-Expose- TSC-adjust- to-HVM- guest.patch
- Fix FTBS on i386
- 0007-x86-Fix-i386- virtual- apic.patch
- Fix HVM regression when host supports SMEP
- 0008-vmx-Simplify- cr0-update- handling- by-deferring- cr4-ch. patch
- 0009-VMX-disable- SMEP-feature- when-guest- is-in-non- paging. patch
- 0010-VMX-Always- disable- SMEP-when- guest-is- in-non- paging- .patch
- silence-gcc-warnings. patch: Silence gcc warnings.
- gcc48-ftbfs.patch
- gcc48-ftbfs-2.patch - 41. By Marc Deslauriers
-
[ Stefan Bader ]
* Applying Xen Security Advisories:
- CVE-2013-1918 / XSA-45
* x86: make vcpu_destroy_pagetables( ) preemptible
* x86: make new_guest_cr3() preemptible
* x86: make MMUEXT_NEW_USER_ BASEPTR preemptible
* x86: make vcpu_reset() preemptible
* x86: make arch_set_info_guest( ) preemptible
* x86: make page table unpinning preemptible
* x86: make page table handling error paths preemptible
- CVE-2013-1952 / XSA-49
* VT-d: don't permit SVT_NO_VERIFY entries for known device types
- CVE-2013-2076 / XSA-52
* x86/xsave: fix information leak on AMD CPUs
- CVE-2013-2077 / XSA-53
* x86/xsave: recover from faults on XRSTOR
- CVE-2013-2078 / XSA-54
* x86/xsave: properly check guest input to XSETBV
- CVE-2013-2072 / XSA-56
* libxc: limit cpu values when setting vcpu affinity[ Marc Deslauriers ]
* debian/patches/ gcc48-ftbfs. patch: Add -Wno-unused- local-typedefs to
CFLAGS.
* debian/patches/ gcc48-ftbfs- 2.patch: fix memset( &p,0,sizeof( p)) idiom in
several places. - 40. By Stefan Bader
-
* Applying Xen Security Advisories:
- CVE-2013-1917 / XSA-44
x86: clear EFLAGS.NT in SYSENTER entry path
- CVE-2013-1919 / XSA-46
x86: fix various issues with handling guest IRQs
- CVE-2013-1920 / XSA-47
defer event channel bucket pointer store until after XSM checks - 39. By Stefan Bader
-
* Fix FTBS on i386
- 0007-x86-Fix-i386- virtual- apic.patch
* Fix HVM VCPUs getting stuck on boot when host supports SMEP (LP: #1157757)
- 0008-vmx-Simplify- cr0-update- handling- by-deferring- cr4-ch. patch
- 0009-VMX-disable- SMEP-feature- when-guest- is-in-non- paging. patch
- 0010-VMX-Always- disable- SMEP-when- guest-is- in-non- paging- .patch - 38. By Stefan Bader
-
* Backporting support for Intel APIC virtualization (LP: #1160373)
- 0001-xen-enable- APIC-Register- Virtualization. patch
- 0002-xen-enable- Virtual- interrupt- delivery. patch
- 0003-xen-add-virtual- x2apic- support- for-apicv. patch
* Backporting support for Intel TSC adjust (LP: #1160378)
- 0004-x86-Implement- TSC-adjust- feature- for-HVM- guest.patch
- 0005-x86-Save-restore- TSC-adjust- during- HVM-guest- migrati. patch
- 0006-x86-Expose- TSC-adjust- to-HVM- guest.patch - 37. By Stefan Bader
-
* New upstream stable release. Remaining changes:
- Fix to qemu for CVE-2012-6075
- Patches for XSA33-36 and 38
- qemu-fix-librt-test. patch
Fix build regression caused by glibc not requiring to link against
librt for the clock_gettime function. Patch picked from xen-devel
mailing list.
- tools-gdbsx-fix-build- failure- with-glibc- 2.17.patch
Add direct include to sys/types.h for xg_main.c which likely was
indirectly done before. Needed to get ulong type definition.
- tools-ocaml-fix-build: refresh and reenable (and fix the description
of) this patch. Without it the ocam native libraries (*.cmxa)
build in /build local paths rather than appropriatly versioned
library references.
- Use dpkg-buildflags and strip the gcc prefix for getting LDFLAGS.
This will again use the Ubuntu specific LDFLAGS (using some
hardening options). Older releases would always pass those options
in the environment but that changed.
- Ressurrect qemu-dm for now (upstream qemu would not support
migration, yet). Forward-port some patches from the old Debian
package which still included qemu-dm:
- qemu-prefix (modify LDFLAGS to point to lib dir for qemu-dm)
- qemu-disable-blktap (this is not present in upstream)
- ubuntu-qemu-disable- qemu-upstream (breaks build and also should
be provided by qemu/kvm package)
- Build depend on kvm-ipxe (instead of ipxe) as it is smaller and fix
up hvmloader build. kvm-ipxe contains a subset of the rom files from
which the Xen build only uses two to be embedded in the hvmloader.
- debian/patches/ silence- gcc-warnings. patch: Silence gcc warnings. - 36. By Stefan Bader
-
* Applying Xen Security Advisory:
- VT-d: fix interrupt remapping source validation for devices behind
legacy bridges
CVE-2012-5634 / XSA-33
- x86_32: don't allow use of nested HVM
CVE-2013-0151 / XSA-34
- xen: Do not allow guests to enable nested HVM on themselves
CVE-2013-0152 / XSA-35
- ACPI: acpi_table_parse() should return handler's error code
CVE-2013-0153 / XSA-36
- oxenstored incorrect handling of certain Xenbus ring states
CVE-2013-0215 / XSA-38
* Applying qemu security fixes:
- e1000: Discard packets that are too long if !SBP and !LPE
CVE-2012-6075 / XSA-41
- Discard packets longer than 16384 when !SBP to match the hardware
behavior.
CVE-2012-6075 / XSA-41
* qemu-fix-librt-test. patch
Fix build regression caused by glibc not requiring to link against
librt for the clock_gettime function. Patch picked from xen-devel
mailing list.
* tools-gdbsx-fix-build- failure- with-glibc- 2.17.patch
Add direct include to sys/types.h for xg_main.c which likely was
indirectly done before. Needed to get ulong type definition. - 34. By Stefan Bader
-
* Applying Xen Security fixes (LP: #1086875)
- gnttab: fix releasing of memory upon switches between versions
CVE-2012-5510
- hvm: Limit the size of large HVM op batches
CVE-2012-5511
- xen: add missing guest address range checks to XENMEM_exchange handlers
CVE-2012-5513
- xen: fix error handling of guest_physmap_mark_populate_ on_demand( )
CVE-2012-5514
- memop: limit guest specified extent order
CVE-2012-5515
- x86: get_page_from_gfn() must return NULL for invalid GFNs
CVE-2012-5525
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/xen