kernel security and bug fix update


[2.6.9-] - fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) [orabug 5931647] - fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) [orabug 6845794] - fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128] - fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648] - backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) [orabug 6125546] - netrx/netpoll race avoidance (Tina Yang) [orabug 6143381] - fix guest spinning in xen (Herbert van den Bergh) [orabug 7004010] - fix serial port lock recursion (Herbert van den Bergh) [orabug 6761872] - [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928] - fix in nfs_attribute_timeout() (Trond Myklebust) [orabug 7378108] - use lfence instead of cpuid instruction to implement memory barriers (Herbert van den Bergh) [orabug 7452412] - add netpoll support to xen netfront (Tina Yang) [orabz 7261] - [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395] - port Red Hat bug 472572: HVM crash in net/core/dev.c during boot [orabug 7653948] The following Red Hat patches were ported from the source RPM at: http://people.redhat.com/vgoyal/rhel4/SRPMS.kernel/kernel-2.6.9-78.22.EL.src.rpm linux-2.6.9-xen-fix-netfront-mem-leak.patch linux-2.6.9-xen-xen-vnif-stops-working-on-reception-of-duplicat.patch linux-2.6.9-xen-guest-will-crash-if-rtl8139-nic-is-only-one-spe.patch - fix kernel null dereference in ap_suspend() during migration [orabug 7635625] Ported from the el5u2 xenpv-0.1-9.0.1.el5 patch ovs-bugz7262-fix-migration-hang-due-to-write-lock-starvation.patch. In el5u2, the fix is to the xenpv driver. For el4u7, the xenpv driver was moved into the kernel. - port el4u6 xenpv patch (orabug 7442030) for live migration hang [orabug 7458244] - [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit dom0 [orabug 7452107] - [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki, Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839] - [nfs] update fix for attribute caching when using actimeo=0 (Chuck Lever, John Sobecki) [ORABUG 7131141,7156607,7388056] [RHBZ 446083,476726] - [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) [orabug 6110605] [2.6.9-78.0.13] -net: fix unix socket panic patch missing hunk (Neil Horman) [473267 473268] {CVE-2008-5300} [2.6.9-78.0.12] -revert: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815] [2.6.9-78.0.11] -net: fix unix socket panic patch regression (Neil Horman) [470433 470434 473267 473268] {CVE-2008-5029 CVE-2008-5300} -net: fix race between poll_napi and net_rx_action (Andy Gospodarek) [475970 463815] -kernel: watchdog: fix buffer_underflow bug (Eugene Teo) [475738 475739] -xen: fix lost packets when live migrating (Don Dutile) [469891 460874] -xen: remove /proc/xen from fv and bare metal kernels (Don Dutile) [476534 460984] [2.6.9-78.0.10] -fix cpuspeed not working on intel based servers (Tony Camuso) [458156 440267] -fix regression in cpuspeed (Prarit Bhargava) [458156 440267] -cpuspeed: fix transition of p-states (Tony Camuso) [458156 440267] -net: fix unix socket panic (Neil Horman) [470433 470434] {CVE-2008-5029} -hfsplus: fix buffer overflow with a corrupted image (Anton Arapov) [469635 469636] {CVE-2008-4933} -hfsplus: check read_mapping_page return value (Anton Arapov) [469642 469643] {CVE-2008-4934} -hfs: fix namelength memory corruption (Anton Arapov) [470770 470771] {CVE-2008-5025} -add range_is_allowed check to mmap_mem (Eugene Teo) [460862 460859] -fix add range_is_allowed check regression (Vitaly Mayatskikh) [460862 460859] [2.6.9-78.0.9] -atkbd: cancel delayed work before freeing its structure (Jiri Pirko) [461239 461240] -atkbd: delay executing of led switching request (Jiri Pirko) [461239 461240] -kernel: fix copy_user on x86_64 for read of < 8 bytes (Larry Woodman) [471015 453053] -fix diskdump failure when numa is on (Takao Indoh) [470034 457736] -ipv4: fix byte value boundary check in ip_getsockopt (Jiri Pirko) [470196 462741] -fix linux kernel local filesystem dos (Eugene Teo) [457863 457864] {CVE-2008-3275} -netpoll: play nicely with bonding (Andy Gospodarek) [471391 248374] -sched: fix isolcpus vs balance bug (Peter Zijlstra) [471222 461156]