[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] XSA-254 SP2 for ARM (was Re: [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU)

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxxxxx>
Date: Thu, 18 Jan 2018 12:34:59 +0000
Cc: Lars Kurth <lars.kurth.xen@xxxxxxxxx>, "security@xxxxxxxxxxxxxx" <security@xxxxxxxxxxxxxx>, andre.przywara@xxxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Thu, 18 Jan 2018 12:35:18 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

(+ Security team)

Hi Stefano,

On 17/01/18 21:47, Stefano Stabellini wrote:

On Wed, 17 Jan 2018, Stefano Stabellini wrote:

On Wed, 17 Jan 2018, Lars Kurth wrote:

       Regarding README.source, this is covering file and contain the same 
mention as in the commit message. As this is a single function. Isn't the 
commit message
       enough?


 From a legal viewpoint it is enough.


If that is enough from a legal viewpoint, then it is enough for me.

However, from a legal viewpoint, I thought we needed to explicitly
mention all the original signed-off-bys because Julien is not actually
the copyright holder for that function, hence, we need to add the
signed-off-bys of all the missing copyright holders.


Actually, reading again the Developer’s Certificate of Origin, it
states:

"The contribution is based upon previous work that, to the best of my knowledge, is 
covered under an appropriate open source license and I have the right under that license 
to submit that work with modifications, whether created in whole or in part by me, under 
the same open source license (unless I am permitted to submit under a different license), 
as indicated in the file"

so I think Lars is right. In that case, there is no need to resubmit
this series, I'll commit to staging as is. If tests go well, I'll
backport it to the stable trees.

Thank you! I have created branches with patches backported up to Xen4.8. With minor changes:


   - Xen 4.10: No changes
   - Xen 4.9:
        * minor conflict in some files
        * compilation failure in cpuerrata.c (__virt_to_mfn does not exist)
   - Xen 4.8:

* conflict in some files (one medium as the number of "features" isdifferent)

        * compilation failure in cpuerrata.c (__virt_to_mfn does not exist)

The branches can be found on xenbits [1] : xsa-254-sp2-X.XX where X.XXis the version of Xen.

Xen 4.7 and earlier does not have cpufeature/cpuerrata infrastructureand will require backport. The only difficulty here should be findingthe list of commits required.

Also, we probably want to update the XSA pointing to the patches. So ifsomeone wants to backport to Xen 4.7 (or earlier) they can. Any opinions?


Cheers,

[1] https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] XSA-254 SP2 for ARM (was Re: [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU)
  - From: Stefano Stabellini
- Re: [Xen-devel] XSA-254 SP2 for ARM (was Re: [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU)
  - From: Stefano Stabellini

References:
- [Xen-devel] [PATCH 0/5] xen/arm64: Branch predictor hardening (XSA-254 variant 2)
  - From: Julien Grall
- [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Lars Kurth
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Julien Grall
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Lars Kurth
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
  - From: Stefano Stabellini

Prev by Date: Re: [Xen-devel] [PATCH v2 07/13] iommu: Make decision about needing IOMMU for hardware domains in advance
Next by Date: Re: [Xen-devel] [PATCH] x86/hvm: more sure APIC assist is aborted if guest EOIs APIC
Previous by thread: Re: [Xen-devel] [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU
Next by thread: Re: [Xen-devel] XSA-254 SP2 for ARM (was Re: [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU)
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.