version 4.4.67-13

* qubesos/pr/7:
  Update to 4.4.67, implement more of KSPP's recommended settings, activate Intel preliminary hardware support by default for newer Intel graphic cards.
  Revert XSA 157 commits; empty files accidentally uploaded and is already patched in upstream
  Update to version 4.4.66
  Update to 4.4.65, disable Intel ME driver.
  Update to version 4.4.64, implement most of KSPP's recommended kernel settings (as of Apr 26, 2017)
  Add in relevant XSA 157 security patches
  update to version 4.4.63

Makefile

@@ -34,8 +34,8 @@ endif
 
 all: help
 
-MIRROR := ftp.kernel.org
-SRC_BASEURL := http://${MIRROR}/pub/linux/kernel/v$(shell echo $(VERSION) | sed 's/^\(2\.[0-9]*\).*/\1/;s/^3\..*/3.x/;s/^4\..*/4.x/')
+MIRROR := cdn.kernel.org
+SRC_BASEURL := https://${MIRROR}/pub/linux/kernel/v$(shell echo $(VERSION) | sed 's/^\(2\.[0-9]*\).*/\1/;s/^3\..*/3.x/;s/^4\..*/4.x/')
 SRC_FILE := linux-${VERSION}.tar.xz
 ifeq ($(BUILD_FLAVOR),pvops)
 SIGN_FILE := linux-${VERSION}.tar.sign

Makefile.builder

@@ -1,8 +1,14 @@
 ifeq ($(PACKAGE_SET),dom0)
 RPM_SPEC_FILES := kernel.spec
 else ifeq ($(PACKAGE_SET),vm)
+
 ifdef UPDATE_REPO
+# If DIST_DOM0 defined, copy kernel-devel from there
+ifneq ($(DIST_DOM0),)
 # Include kernel-devel packages in VM repo - dummy spec file
 RPM_SPEC_FILES := kernel-devel.spec
+OUTPUT_DIR = pkgs/$(DIST_DOM0)
 endif
 endif
+
+endif

config

@@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.4.8 Kernel Configuration
+# Linux/x86 4.4.67 Kernel Configuration
 #
 CONFIG_64BIT=y
 CONFIG_X86_64=y
@@ -393,11 +393,7 @@ CONFIG_SMP=y
 CONFIG_X86_FEATURE_NAMES=y
 CONFIG_X86_X2APIC=y
 CONFIG_X86_MPPARSE=y
-CONFIG_X86_EXTENDED_PLATFORM=y
-# CONFIG_X86_NUMACHIP is not set
-# CONFIG_X86_VSMP is not set
-CONFIG_X86_UV=y
-# CONFIG_X86_GOLDFISH is not set
+# CONFIG_X86_EXTENDED_PLATFORM is not set
 CONFIG_X86_INTEL_LPSS=y
 # CONFIG_X86_AMD_PLATFORM_DEVICE is not set
 CONFIG_IOSF_MBI=m
@@ -482,7 +478,6 @@ CONFIG_ARCH_SPARSEMEM_ENABLE=y
 CONFIG_ARCH_SPARSEMEM_DEFAULT=y
 CONFIG_ARCH_SELECT_MEMORY_MODEL=y
 # CONFIG_ARCH_MEMORY_PROBE is not set
-CONFIG_ARCH_PROC_KCORE_TEXT=y
 CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
 CONFIG_SELECT_MEMORY_MODEL=y
 CONFIG_SPARSEMEM_MANUAL=y
@@ -539,7 +534,7 @@ CONFIG_FRAME_VECTOR=y
 CONFIG_X86_PMEM_LEGACY_DEVICE=y
 CONFIG_X86_PMEM_LEGACY=y
 CONFIG_X86_CHECK_BIOS_CORRUPTION=y
-# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set
+CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y
 CONFIG_X86_RESERVE_LOW=64
 CONFIG_MTRR=y
 CONFIG_MTRR_SANITIZER=y
@@ -549,7 +544,7 @@ CONFIG_X86_PAT=y
 CONFIG_ARCH_USES_PG_UNCACHED=y
 CONFIG_ARCH_RANDOM=y
 CONFIG_X86_SMAP=y
-# CONFIG_X86_INTEL_MPX is not set
+CONFIG_X86_INTEL_MPX=y
 CONFIG_EFI=y
 CONFIG_EFI_STUB=y
 # CONFIG_EFI_MIXED is not set
@@ -560,14 +555,16 @@ CONFIG_SECCOMP=y
 CONFIG_HZ_1000=y
 CONFIG_HZ=1000
 CONFIG_SCHED_HRTICK=y
-CONFIG_KEXEC=y
+# CONFIG_KEXEC is not set
 CONFIG_KEXEC_FILE=y
 CONFIG_KEXEC_VERIFY_SIG=y
 CONFIG_KEXEC_BZIMAGE_VERIFY_SIG=y
 CONFIG_CRASH_DUMP=y
 CONFIG_PHYSICAL_START=0x1000000
 CONFIG_RELOCATABLE=y
-# CONFIG_RANDOMIZE_BASE is not set
+CONFIG_RANDOMIZE_BASE=y
+CONFIG_RANDOMIZE_BASE_MAX_OFFSET=0x40000000
+CONFIG_X86_NEED_RELOCS=y
 CONFIG_PHYSICAL_ALIGN=0x1000000
 CONFIG_HOTPLUG_CPU=y
 # CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set
@@ -638,7 +635,7 @@ CONFIG_ACPI_HOTPLUG_MEMORY=y
 CONFIG_ACPI_HOTPLUG_IOAPIC=y
 CONFIG_ACPI_SBS=m
 CONFIG_ACPI_HED=y
-CONFIG_ACPI_CUSTOM_METHOD=m
+# CONFIG_ACPI_CUSTOM_METHOD is not set
 CONFIG_ACPI_BGRT=y
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 CONFIG_ACPI_NFIT=m
@@ -714,7 +711,6 @@ CONFIG_PCI_MMCONFIG=y
 CONFIG_PCI_XEN=y
 CONFIG_PCI_DOMAINS=y
 CONFIG_PCIEPORTBUS=y
-# CONFIG_HOTPLUG_PCI_PCIE is not set
 CONFIG_PCIEAER=y
 CONFIG_PCIE_ECRC=y
 CONFIG_PCIEAER_INJECT=m
@@ -1387,7 +1383,6 @@ CONFIG_OPENVSWITCH_VXLAN=m
 CONFIG_OPENVSWITCH_GENEVE=m
 CONFIG_VSOCKETS=m
 CONFIG_VMWARE_VMCI_VSOCKETS=m
-CONFIG_NETLINK_MMAP=y
 CONFIG_NETLINK_DIAG=m
 CONFIG_MPLS=y
 CONFIG_NET_MPLS_GSO=m
@@ -1638,17 +1633,14 @@ CONFIG_NFC_SHDLC=y
 #
 CONFIG_NFC_PN533=m
 # CONFIG_NFC_WILINK is not set
-CONFIG_NFC_MEI_PHY=m
 CONFIG_NFC_SIM=m
 CONFIG_NFC_PORT100=m
 CONFIG_NFC_FDP=m
 CONFIG_NFC_FDP_I2C=m
 CONFIG_NFC_PN544=m
 CONFIG_NFC_PN544_I2C=m
-CONFIG_NFC_PN544_MEI=m
 CONFIG_NFC_MICROREAD=m
 CONFIG_NFC_MICROREAD_I2C=m
-CONFIG_NFC_MICROREAD_MEI=m
 CONFIG_NFC_MRVL=m
 CONFIG_NFC_MRVL_USB=m
 CONFIG_NFC_MRVL_UART=m
@@ -1844,10 +1836,7 @@ CONFIG_TIFM_CORE=m
 CONFIG_TIFM_7XX1=m
 CONFIG_ICS932S401=m
 CONFIG_ENCLOSURE_SERVICES=m
-CONFIG_SGI_XP=m
 CONFIG_HP_ILO=m
-CONFIG_SGI_GRU=m
-# CONFIG_SGI_GRU_DEBUG is not set
 CONFIG_APDS9802ALS=m
 CONFIG_ISL29003=m
 CONFIG_ISL29020=m
@@ -1885,9 +1874,9 @@ CONFIG_SENSORS_LIS3_I2C=m
 # Altera FPGA firmware download module
 #
 CONFIG_ALTERA_STAPL=m
-CONFIG_INTEL_MEI=m
-CONFIG_INTEL_MEI_ME=m
-CONFIG_INTEL_MEI_TXE=m
+# CONFIG_INTEL_MEI is not set
+# CONFIG_INTEL_MEI_ME is not set
+# CONFIG_INTEL_MEI_TXE is not set
 CONFIG_VMWARE_VMCI=m
 
 #
@@ -3054,6 +3043,7 @@ CONFIG_KEYBOARD_XTKBD=m
 CONFIG_INPUT_MOUSE=y
 CONFIG_MOUSE_PS2=m
 CONFIG_MOUSE_PS2_ALPS=y
+CONFIG_MOUSE_PS2_BYD=y
 CONFIG_MOUSE_PS2_LOGIPS2PP=y
 CONFIG_MOUSE_PS2_SYNAPTICS=y
 CONFIG_MOUSE_PS2_CYPRESS=y
@@ -3064,7 +3054,6 @@ CONFIG_MOUSE_PS2_SENTELIC=y
 # CONFIG_MOUSE_PS2_TOUCHKIT is not set
 CONFIG_MOUSE_PS2_FOCALTECH=y
 # CONFIG_MOUSE_PS2_VMMOUSE is not set
-CONFIG_MOUSE_PS2_BYD=y
 CONFIG_MOUSE_SERIAL=m
 CONFIG_MOUSE_APPLETOUCH=m
 CONFIG_MOUSE_BCM5974=m
@@ -3352,7 +3341,6 @@ CONFIG_MAX_RAW_DEVS=8192
 CONFIG_HPET=y
 # CONFIG_HPET_MMAP is not set
 CONFIG_HANGCHECK_TIMER=m
-CONFIG_UV_MMTIMER=m
 CONFIG_TCG_TPM=m
 CONFIG_TCG_TIS=m
 CONFIG_TCG_TIS_I2C_ATMEL=m
@@ -4625,7 +4613,7 @@ CONFIG_NOUVEAU_DEBUG_DEFAULT=3
 CONFIG_DRM_NOUVEAU_BACKLIGHT=y
 # CONFIG_DRM_I810 is not set
 CONFIG_DRM_I915=m
-# CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT is not set
+CONFIG_DRM_I915_PRELIMINARY_HW_SUPPORT=y
 # CONFIG_DRM_MGA is not set
 # CONFIG_DRM_SIS is not set
 CONFIG_DRM_VIA=m
@@ -4634,7 +4622,7 @@ CONFIG_DRM_VGEM=m
 CONFIG_DRM_VMWGFX=m
 CONFIG_DRM_VMWGFX_FBCON=y
 CONFIG_DRM_GMA500=m
-# CONFIG_DRM_GMA600 is not set
+CONFIG_DRM_GMA600=y
 CONFIG_DRM_GMA3600=y
 CONFIG_DRM_UDL=m
 CONFIG_DRM_AST=m
@@ -6446,13 +6434,15 @@ CONFIG_MSDOS_FS=m
 CONFIG_VFAT_FS=m
 CONFIG_FAT_DEFAULT_CODEPAGE=437
 CONFIG_FAT_DEFAULT_IOCHARSET="ascii"
-# CONFIG_NTFS_FS is not set
+CONFIG_NTFS_FS=m
+# CONFIG_NTFS_DEBUG is not set
+CONFIG_NTFS_RW=y
 
 #
 # Pseudo filesystems
 #
 CONFIG_PROC_FS=y
-CONFIG_PROC_KCORE=y
+# CONFIG_PROC_KCORE is not set
 CONFIG_PROC_VMCORE=y
 CONFIG_PROC_SYSCTL=y
 CONFIG_PROC_PAGE_MONITOR=y
@@ -6717,9 +6707,9 @@ CONFIG_BOOTPARAM_HARDLOCKUP_PANIC_VALUE=0
 # CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC is not set
 CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0
 # CONFIG_DETECT_HUNG_TASK is not set
-# CONFIG_PANIC_ON_OOPS is not set
-CONFIG_PANIC_ON_OOPS_VALUE=0
-CONFIG_PANIC_TIMEOUT=0
+CONFIG_PANIC_ON_OOPS=y
+CONFIG_PANIC_ON_OOPS_VALUE=1
+CONFIG_PANIC_TIMEOUT=-1
 CONFIG_SCHED_DEBUG=y
 CONFIG_SCHED_INFO=y
 CONFIG_SCHEDSTATS=y
@@ -6745,9 +6735,9 @@ CONFIG_STACKTRACE=y
 CONFIG_DEBUG_BUGVERBOSE=y
 CONFIG_DEBUG_LIST=y
 # CONFIG_DEBUG_PI_LIST is not set
-# CONFIG_DEBUG_SG is not set
-# CONFIG_DEBUG_NOTIFIERS is not set
-# CONFIG_DEBUG_CREDENTIALS is not set
+CONFIG_DEBUG_SG=y
+CONFIG_DEBUG_NOTIFIERS=y
+CONFIG_DEBUG_CREDENTIALS=y
 
 #
 # RCU Debugging
@@ -6920,7 +6910,7 @@ CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
 CONFIG_SECURITY_APPARMOR=y
 CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0
 CONFIG_SECURITY_APPARMOR_HASH=y
-# CONFIG_SECURITY_YAMA is not set
+CONFIG_SECURITY_YAMA=y
 # CONFIG_INTEGRITY is not set
 # CONFIG_DEFAULT_SECURITY_SELINUX is not set
 # CONFIG_DEFAULT_SECURITY_APPARMOR is not set

patches.xen/xsa216-linux-4.4.patch

@@ -0,0 +1,111 @@
+xen-blkback: don't leak stack data via response ring
+
+Rather than constructing a local structure instance on the stack, fill
+the fields directly on the shared ring, just like other backends do.
+Build on the fact that all response structure flavors are actually
+identical (the old code did make this assumption too).
+
+This is XSA-216.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+
+--- a/drivers/block/xen-blkback/blkback.c
++++ b/drivers/block/xen-blkback/blkback.c
+@@ -1410,33 +1410,34 @@ static int dispatch_rw_block_io(struct x
+ static void make_response(struct xen_blkif *blkif, u64 id,
+ 			  unsigned short op, int st)
+ {
+-	struct blkif_response  resp;
++	struct blkif_response *resp;
+ 	unsigned long     flags;
+ 	union blkif_back_rings *blk_rings = &blkif->blk_rings;
+ 	int notify;
+ 
+-	resp.id        = id;
+-	resp.operation = op;
+-	resp.status    = st;
+-
+ 	spin_lock_irqsave(&blkif->blk_ring_lock, flags);
+ 	/* Place on the response ring for the relevant domain. */
+ 	switch (blkif->blk_protocol) {
+ 	case BLKIF_PROTOCOL_NATIVE:
+-		memcpy(RING_GET_RESPONSE(&blk_rings->native, blk_rings->native.rsp_prod_pvt),
+-		       &resp, sizeof(resp));
++		resp = RING_GET_RESPONSE(&blk_rings->native,
++					 blk_rings->native.rsp_prod_pvt);
+ 		break;
+ 	case BLKIF_PROTOCOL_X86_32:
+-		memcpy(RING_GET_RESPONSE(&blk_rings->x86_32, blk_rings->x86_32.rsp_prod_pvt),
+-		       &resp, sizeof(resp));
++		resp = RING_GET_RESPONSE(&blk_rings->x86_32,
++					 blk_rings->x86_32.rsp_prod_pvt);
+ 		break;
+ 	case BLKIF_PROTOCOL_X86_64:
+-		memcpy(RING_GET_RESPONSE(&blk_rings->x86_64, blk_rings->x86_64.rsp_prod_pvt),
+-		       &resp, sizeof(resp));
++		resp = RING_GET_RESPONSE(&blk_rings->x86_64,
++					 blk_rings->x86_64.rsp_prod_pvt);
+ 		break;
+ 	default:
+ 		BUG();
+ 	}
++
++	resp->id        = id;
++	resp->operation = op;
++	resp->status    = st;
++
+ 	blk_rings->common.rsp_prod_pvt++;
+ 	RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blk_rings->common, notify);
+ 	spin_unlock_irqrestore(&blkif->blk_ring_lock, flags);
+--- a/drivers/block/xen-blkback/common.h
++++ b/drivers/block/xen-blkback/common.h
+@@ -74,9 +74,8 @@ extern unsigned int xen_blkif_max_ring_o
+ struct blkif_common_request {
+ 	char dummy;
+ };
+-struct blkif_common_response {
+-	char dummy;
+-};
++
++/* i386 protocol version */
+ 
+ struct blkif_x86_32_request_rw {
+ 	uint8_t        nr_segments;  /* number of segments                   */
+@@ -128,14 +127,6 @@ struct blkif_x86_32_request {
+ 	} u;
+ } __attribute__((__packed__));
+ 
+-/* i386 protocol version */
+-#pragma pack(push, 4)
+-struct blkif_x86_32_response {
+-	uint64_t        id;              /* copied from request */
+-	uint8_t         operation;       /* copied from request */
+-	int16_t         status;          /* BLKIF_RSP_???       */
+-};
+-#pragma pack(pop)
+ /* x86_64 protocol version */
+ 
+ struct blkif_x86_64_request_rw {
+@@ -192,18 +183,12 @@ struct blkif_x86_64_request {
+ 	} u;
+ } __attribute__((__packed__));
+ 
+-struct blkif_x86_64_response {
+-	uint64_t       __attribute__((__aligned__(8))) id;
+-	uint8_t         operation;       /* copied from request */
+-	int16_t         status;          /* BLKIF_RSP_???       */
+-};
+-
+ DEFINE_RING_TYPES(blkif_common, struct blkif_common_request,
+-		  struct blkif_common_response);
++		  struct blkif_response);
+ DEFINE_RING_TYPES(blkif_x86_32, struct blkif_x86_32_request,
+-		  struct blkif_x86_32_response);
++		  struct blkif_response __packed);
+ DEFINE_RING_TYPES(blkif_x86_64, struct blkif_x86_64_request,
+-		  struct blkif_x86_64_response);
++		  struct blkif_response);
+ 
+ union blkif_back_rings {
+ 	struct blkif_back_ring        native;

rel

@@ -1 +1 @@
-11
+13

series.conf

@@ -28,6 +28,7 @@ patches.xen/xsa155-linux44-0010-xen-netfront-do-not-use-data-already-exposed-to-
 patches.xen/xsa155-linux-0011-xen-netfront-add-range-check-for-Tx-response-id.patch
 patches.xen/xsa155-linux312-0012-xen-blkfront-make-local-copy-of-response-before-usin.patch
 patches.xen/xsa155-linux44-0013-xen-blkfront-prepare-request-locally-only-then-put-i.patch
+patches.xen/xsa216-linux-4.4.patch
 
 # MSI-X enabled device passthrough fix (#1734)
 patches.xen/0003-xen-pcifront-Report-the-errors-better.patch

version

@@ -1 +1 @@
-4.4.31
+4.4.67