Bug#687731: marked as done (Stable update for xen)
Your message dated Sat, 19 Jan 2013 15:17:32 +0100 with message-id <20130119141732.gk5...@radis.cristau.org> and subject line Re: Bug#687731: Stable update for xen has caused the Debian Bug report #687731, regarding Stable update for xen to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 687731: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687731 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org User: release.debian@packages.debian.org Usertags: pu squeeze Control: submitter -1 Bastian Blank On Sat, 2012-06-30 at 13:24 +0200, Julien Cristau wrote: > On Thu, Jun 14, 2012 at 21:09:48 +0200, Bastian Blank wrote: > > > On Thu, Jun 14, 2012 at 07:55:21PM +0100, Adam D. Barratt wrote: > > > On Thu, 2012-06-14 at 20:51 +0200, Bastian Blank wrote: > > > > I'd like to fix an boot error of Xen on several newer machines in > > > > stable. > > > I'm assuming this is fixed in at least unstable already, given the dates > > > of the commits referenced in the bug report? > > > > It is included in 4.1.0. > > > > > Please could we have a full source debdiff for the proposed package, > > > against the package currently in stable? > > > > Sure. > > > This should probably be rebased on top of -5.2. Filing as a bug to improve the chances of it not getting missed (again). Regards, Adam --- End Message --- --- Begin Message --- On Sat, Sep 15, 2012 at 14:35:44 +0100, Adam D. Barratt wrote: > Filing as a bug to improve the chances of it not getting missed (again). > 14:09 < jcristau> should #687731 be closed? 14:18 < adsb> if no-one cares about it getting fixed, maybe. istr the diff not really being reviewable 14:28 < jcristau> aiui waldi doesn't... 15:15 < waldi> jcristau: no, i don't. i stopped careing after the security debacle Closing. Cheers, Julien signature.asc Description: Digital signature --- End Message ---
Processed: Re: Stable update for xen
Processing control commands: > submitter -1 Bastian Blank Bug #687731 [release.debian.org] Stable update for xen Changed Bug submitter to 'Bastian Blank ' from '"Adam D. Barratt" ' -- 687731: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687731 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b.134771623827904.transcr...@bugs.debian.org
Bug#687731: Stable update for xen
Package: release.debian.org User: release.debian@packages.debian.org Usertags: pu squeeze Control: submitter -1 Bastian Blank On Sat, 2012-06-30 at 13:24 +0200, Julien Cristau wrote: > On Thu, Jun 14, 2012 at 21:09:48 +0200, Bastian Blank wrote: > > > On Thu, Jun 14, 2012 at 07:55:21PM +0100, Adam D. Barratt wrote: > > > On Thu, 2012-06-14 at 20:51 +0200, Bastian Blank wrote: > > > > I'd like to fix an boot error of Xen on several newer machines in > > > > stable. > > > I'm assuming this is fixed in at least unstable already, given the dates > > > of the commits referenced in the bug report? > > > > It is included in 4.1.0. > > > > > Please could we have a full source debdiff for the proposed package, > > > against the package currently in stable? > > > > Sure. > > > This should probably be rebased on top of -5.2. Filing as a bug to improve the chances of it not getting missed (again). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1347716144.28617.51.ca...@jacala.jungle.funky-badger.org
Re: Stable update for xen
On Thu, Jun 14, 2012 at 21:09:48 +0200, Bastian Blank wrote: > On Thu, Jun 14, 2012 at 07:55:21PM +0100, Adam D. Barratt wrote: > > On Thu, 2012-06-14 at 20:51 +0200, Bastian Blank wrote: > > > I'd like to fix an boot error of Xen on several newer machines in > > > stable. > > I'm assuming this is fixed in at least unstable already, given the dates > > of the commits referenced in the bug report? > > It is included in 4.1.0. > > > Please could we have a full source debdiff for the proposed package, > > against the package currently in stable? > > Sure. > This should probably be rebased on top of -5.2. Cheers, Julien signature.asc Description: Digital signature
Re: Stable update for xen
On Thu, Jun 14, 2012 at 07:55:21PM +0100, Adam D. Barratt wrote: > On Thu, 2012-06-14 at 20:51 +0200, Bastian Blank wrote: > > I'd like to fix an boot error of Xen on several newer machines in > > stable. > I'm assuming this is fixed in at least unstable already, given the dates > of the commits referenced in the bug report? It is included in 4.1.0. > Please could we have a full source debdiff for the proposed package, > against the package currently in stable? Sure. Bastian -- The idea of male and female are universal constants. -- Kirk, "Metamorphosis", stardate 3219.8 diff -Nru xen-4.0.1/debian/changelog xen-4.0.1/debian/changelog --- xen-4.0.1/debian/changelog 2011-06-09 20:35:07.0 +0200 +++ xen-4.0.1/debian/changelog 2012-06-14 20:27:57.0 +0200 @@ -1,3 +1,23 @@ +xen (4.0.1-6) UNRELEASED; urgency=low + + [ Ian Campbell ] + * Backport fix to remove lowmem 1:1 mapping that fixes boot on some +classes of machines. (Closes: #649923) + + -- Bastian Blank Thu, 14 Jun 2012 20:27:03 +0200 + +xen (4.0.1-5) stable-security; urgency=low + + * Fix privilege escalation and syscall/sysenter DoS while using +non-canonical addresses by untrusted PV guests. +CVE-2012-0217 +CVE-2012-0218 + * Disable Xen on CPUs affected by AMD Erratum #121. PV guests can +cause a DoS of the host. +CVE-2012-2934 + + -- Bastian Blank Mon, 11 Jun 2012 18:12:37 + + xen (4.0.1-4) stable-security; urgency=low * Fix overflows and missing error checks in PV kernel loader. diff -Nru xen-4.0.1/debian/control.md5sum xen-4.0.1/debian/control.md5sum --- xen-4.0.1/debian/control.md5sum 2011-06-09 20:36:05.0 +0200 +++ xen-4.0.1/debian/control.md5sum 2012-06-14 20:31:20.0 +0200 @@ -1,4 +1,4 @@ -3207088ea024aa07513e3c44b7d3e1af debian/changelog +6a070480a54a79a74d6623a07ff8beb7 debian/changelog 24f2598a23e30264aea4a983d5d19eec debian/bin/gencontrol.py ee1ccd7bf0932a81ca221cab08347614 debian/templates/control.hypervisor.in e4335ab10e217a12328cdf123473ed37 debian/templates/control.main.in diff -Nru xen-4.0.1/debian/patches/CVE-2012-0217+2012-0218 xen-4.0.1/debian/patches/CVE-2012-0217+2012-0218 --- xen-4.0.1/debian/patches/CVE-2012-0217+2012-02181970-01-01 01:00:00.0 +0100 +++ xen-4.0.1/debian/patches/CVE-2012-0217+2012-02182012-06-14 20:24:30.0 +0200 @@ -0,0 +1,96 @@ +diff -r d8fd425b60d3 xen/arch/x86/x86_64/asm-offsets.c +--- a/xen/arch/x86/x86_64/asm-offsets.cTue May 01 14:18:46 2012 +0100 b/xen/arch/x86/x86_64/asm-offsets.cThu May 24 11:18:47 2012 +0100 +@@ -89,6 +89,8 @@ void __dummy__(void) +arch.guest_context.trap_ctxt[TRAP_gp_fault].address); + OFFSET(VCPU_gp_fault_sel, struct vcpu, +arch.guest_context.trap_ctxt[TRAP_gp_fault].cs); ++OFFSET(VCPU_gp_fault_flags, struct vcpu, ++ arch.guest_context.trap_ctxt[TRAP_gp_fault].flags); + OFFSET(VCPU_kernel_sp, struct vcpu, arch.guest_context.kernel_sp); + OFFSET(VCPU_kernel_ss, struct vcpu, arch.guest_context.kernel_ss); + OFFSET(VCPU_guest_context_flags, struct vcpu, arch.guest_context.flags); +diff -r d8fd425b60d3 xen/arch/x86/x86_64/compat/entry.S +--- a/xen/arch/x86/x86_64/compat/entry.S Tue May 01 14:18:46 2012 +0100 b/xen/arch/x86/x86_64/compat/entry.S Thu May 24 11:18:47 2012 +0100 +@@ -227,6 +227,7 @@ 1: call compat_create_bounce_frame + ENTRY(compat_post_handle_exception) + testb $TBF_EXCEPTION,TRAPBOUNCE_flags(%rdx) + jzcompat_test_all_events ++.Lcompat_bounce_exception: + call compat_create_bounce_frame + movb $0,TRAPBOUNCE_flags(%rdx) + jmp compat_test_all_events +@@ -243,14 +244,15 @@ ENTRY(compat_syscall) + 1: movq %rax,TRAPBOUNCE_eip(%rdx) + movw %si,TRAPBOUNCE_cs(%rdx) + movb %cl,TRAPBOUNCE_flags(%rdx) +-call compat_create_bounce_frame +-jmp compat_test_all_events ++jmp .Lcompat_bounce_exception + 2: movl $TRAP_gp_fault,UREGS_entry_vector(%rsp) + subl $2,UREGS_rip(%rsp) + movq VCPU_gp_fault_addr(%rbx),%rax + movzwl VCPU_gp_fault_sel(%rbx),%esi +-movb $(TBF_EXCEPTION|TBF_EXCEPTION_ERRCODE|TBF_INTERRUPT),%cl + movl $0,TRAPBOUNCE_error_code(%rdx) ++testb $4,VCPU_gp_fault_flags(%rbx) ++setnz %cl ++leal TBF_EXCEPTION|TBF_EXCEPTION_ERRCODE(,%rcx,TBF_INTERRUPT),%ecx + jmp 1b + + ENTRY(compat_sysenter) +diff -r d8fd425b60d3 xen/arch/x86/x86_64/entry.S +--- a/xen/arch/x86/x86_64/entry.S Tue May 01 14:18:46 2012 +0100 b/xen/arch/x86/x86_64/entry.S Thu May 24 11:18:47 2012 +0100 +@@ -51,6 +51,13 @@ restore_all_guest: + testw $TRAP_syscall,4(%rsp) + jziret_exit_to_guest + ++/* Don't use SYSRET path if the return address is not canonical. */ ++movq 8(%rsp),%rcx ++sarq $47,%rcx ++incl %ecx ++cmpl $1,%ecx ++
Re: Stable update for xen
On Thu, 2012-06-14 at 20:51 +0200, Bastian Blank wrote: > I'd like to fix an boot error of Xen on several newer machines in > stable. I'm assuming this is fixed in at least unstable already, given the dates of the commits referenced in the bug report? > xen (4.0.1-6) UNRELEASED; urgency=low > > [ Ian Campbell ] > * Backport fix to remove lowmem 1:1 mapping that fixes boot on some > classes of machines. (Closes: #649923) Please could we have a full source debdiff for the proposed package, against the package currently in stable? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1339700121.19699.6.ca...@jacala.jungle.funky-badger.org
Stable update for xen
Hi
I'd like to fix an boot error of Xen on several newer machines in
stable.
xen (4.0.1-6) UNRELEASED; urgency=low
[ Ian Campbell ]
* Backport fix to remove lowmem 1:1 mapping that fixes boot on some
classes of machines. (Closes: #649923)
-- Bastian Blank Thu, 14 Jun 2012 20:27:03 +0200
Bastian
--
Even historians fail to learn from history -- they repeat the same mistakes.
-- John Gill, "Patterns of Force", stardate 2534.7
diff -Nru xen-4.0.1/debian/changelog xen-4.0.1/debian/changelog
--- xen-4.0.1/debian/changelog 2012-06-12 11:37:47.0 +0200
+++ xen-4.0.1/debian/changelog 2012-06-14 20:27:57.0 +0200
@@ -1,3 +1,11 @@
+xen (4.0.1-6) UNRELEASED; urgency=low
+
+ [ Ian Campbell ]
+ * Backport fix to remove lowmem 1:1 mapping that fixes boot on some
+classes of machines. (Closes: #649923)
+
+ -- Bastian Blank Thu, 14 Jun 2012 20:27:03 +0200
+
xen (4.0.1-5) stable-security; urgency=low
* Fix privilege escalation and syscall/sysenter DoS while using
diff -Nru xen-4.0.1/debian/control.md5sum xen-4.0.1/debian/control.md5sum
--- xen-4.0.1/debian/control.md5sum 2012-06-12 11:40:53.0 +0200
+++ xen-4.0.1/debian/control.md5sum 2012-06-14 20:31:20.0 +0200
@@ -1,4 +1,4 @@
-e4419cdb21f9d69ca0ba7c65513b4315 debian/changelog
+6a070480a54a79a74d6623a07ff8beb7 debian/changelog
24f2598a23e30264aea4a983d5d19eec debian/bin/gencontrol.py
ee1ccd7bf0932a81ca221cab08347614 debian/templates/control.hypervisor.in
e4335ab10e217a12328cdf123473ed37 debian/templates/control.main.in
diff -Nru xen-4.0.1/debian/patches/series xen-4.0.1/debian/patches/series
--- xen-4.0.1/debian/patches/series 2012-06-12 10:02:17.0 +0200
+++ xen-4.0.1/debian/patches/series 2012-06-14 20:26:44.0 +0200
@@ -71,5 +71,6 @@
upstream-21461:ee088a0b5cb8-CVE-2011-1166
upstream-21482:c2adc059e931-CVE-2011-1583
upstream-21485:b85a9e58ec3a-CVE-2011-1898
+upstream-22375:426f3a265784
CVE-2012-0217+2012-0218
CVE-2012-2934
diff -Nru xen-4.0.1/debian/patches/upstream-22375:426f3a265784
xen-4.0.1/debian/patches/upstream-22375:426f3a265784
--- xen-4.0.1/debian/patches/upstream-22375:426f3a2657841970-01-01
01:00:00.0 +0100
+++ xen-4.0.1/debian/patches/upstream-22375:426f3a2657842012-06-14
20:26:16.0 +0200
@@ -0,0 +1,1094 @@
+# HG changeset patch
+# User Keir Fraser
+# Date 1289303389 0
+# Node ID 426f3a2657844cec77ce0043b0408b0887fafa41
+# Parent 9997a1418633c92286189b33f701ecbac2a98ccd
+x86: do away with the boot time low-memory 1:1 mapping
+
+By doing so, we're no longer restricted to be able to place all boot
+loader modules into the low 1Gb/4Gb (32-/64-bit) of memory, nor is
+there a dependency anymore on where the boot loader places the
+modules.
+
+We're also no longer restricted to copy the modules into a place below
+4Gb, nor to put them all together into a single piece of memory.
+
+Further it allows even the 32-bit Dom0 kernel to be loaded anywhere in
+physical memory (except if it doesn't support PAE-above-4G).
+
+Signed-off-by: Jan Beulich
+
+Index: xen-4.0.1/xen/arch/x86/boot/Makefile
+===
+--- xen-4.0.1.orig/xen/arch/x86/boot/Makefile 2010-08-29 17:13:22.0
+0200
xen-4.0.1/xen/arch/x86/boot/Makefile 2011-11-25 16:24:33.0
+0100
+@@ -4,6 +4,6 @@
+
+ BOOT_TRAMPOLINE := $(shell sed -n
's,^\#define[[:space:]]\{1\,\}BOOT_TRAMPOLINE[[:space:]]\{1\,\},,p'
$(BASEDIR)/include/asm-x86/config.h)
+ %.S: %.c
+- RELOC=$(BOOT_TRAMPOLINE) XEN_BITSPERLONG=$(patsubst
x86_%,%,$(TARGET_SUBARCH)) $(MAKE) -f build32.mk $@
++ RELOC=$(BOOT_TRAMPOLINE) $(MAKE) -f build32.mk $@
+
+ reloc.S: $(BASEDIR)/include/asm-x86/config.h
+Index: xen-4.0.1/xen/arch/x86/boot/build32.mk
+===
+--- xen-4.0.1.orig/xen/arch/x86/boot/build32.mk2010-08-29
17:13:22.0 +0200
xen-4.0.1/xen/arch/x86/boot/build32.mk 2011-11-25 16:24:33.0
+0100
+@@ -19,6 +19,6 @@
+ $(LD) $(LDFLAGS_DIRECT) -N -Ttext $(RELOC) -o $@ $<
+
+ %.o: %.c
+- $(CC) $(CFLAGS) -DXEN_BITSPERLONG=$(XEN_BITSPERLONG) -c $< -o $@
++ $(CC) $(CFLAGS) -c $< -o $@
+
+ reloc.o: $(BASEDIR)/include/asm-x86/config.h
+Index: xen-4.0.1/xen/arch/x86/boot/head.S
+===
+--- xen-4.0.1.orig/xen/arch/x86/boot/head.S2010-08-29 17:13:22.0
+0200
xen-4.0.1/xen/arch/x86/boot/head.S 2011-11-25 16:24:33.0 +0100
+@@ -110,12 +110,15 @@
+ /* Initialise L2 identity-map and xen page table entries (16MB). */
+ mov $sym_phys(l2_identmap),%edi
+ mov $sym_phys(l2_xenmap),%esi
++mov $sym_phys(l2_bootmap),%edx
+ mov $0x1e3,%eax /* PRESENT+RW+A+D+2MB+GLOBAL */
+ mov $8,%ecx
+ 1: mov %eax,(%edi)
+ add $8,%edi
+
