[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] XSA-254 SP2 for ARM (was Re: [PATCH 1/5] xen/arm: Introduce enable callback to enable a capabilities on each online CPU)

(+ Security team)

Hi Stefano,

On 17/01/18 21:47, Stefano Stabellini wrote:
On Wed, 17 Jan 2018, Stefano Stabellini wrote:
On Wed, 17 Jan 2018, Lars Kurth wrote:
       Regarding README.source, this is covering file and contain the same 
mention as in the commit message. As this is a single function. Isn't the 
commit message

 From a legal viewpoint it is enough.

If that is enough from a legal viewpoint, then it is enough for me.

However, from a legal viewpoint, I thought we needed to explicitly
mention all the original signed-off-bys because Julien is not actually
the copyright holder for that function, hence, we need to add the
signed-off-bys of all the missing copyright holders.

Actually, reading again the Developer’s Certificate of Origin, it

"The contribution is based upon previous work that, to the best of my knowledge, is 
covered under an appropriate open source license and I have the right under that license 
to submit that work with modifications, whether created in whole or in part by me, under 
the same open source license (unless I am permitted to submit under a different license), 
as indicated in the file"

so I think Lars is right. In that case, there is no need to resubmit
this series, I'll commit to staging as is. If tests go well, I'll
backport it to the stable trees.
Thank you! I have created branches with patches backported up to Xen 4.8. With minor changes:

   - Xen 4.10: No changes
   - Xen 4.9:
        * minor conflict in some files
        * compilation failure in cpuerrata.c (__virt_to_mfn does not exist)
   - Xen 4.8:
* conflict in some files (one medium as the number of "features" is different)
        * compilation failure in cpuerrata.c (__virt_to_mfn does not exist)
The branches can be found on xenbits [1] : xsa-254-sp2-X.XX where X.XX is the version of Xen.

Xen 4.7 and earlier does not have cpufeature/cpuerrata infrastructure and will require backport. The only difficulty here should be finding the list of commits required.

Also, we probably want to update the XSA pointing to the patches. So if someone wants to backport to Xen 4.7 (or earlier) they can. Any opinions?


[1] https://xenbits.xen.org/git-http/people/julieng/xen-unstable.git

Julien Grall

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.