kernel security and bug fix update


[2.6.9-] - [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson) - fix entropy flag in bnx2 driver to generate entropy pool (John Sobecki) [orabug 5931647] - fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch) [orabug 6845794] - fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128] - fix per_cpu() api bug_on with rds (Zach Brown) [orabug 5760648] - backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane) [orabug 6125546] - netrx/netpoll race avoidance (Tina Yang) [orabug 6143381] - fix guest spinning in xen (Herbert van den Bergh) [orabug 7004010] - fix serial port lock recursion (Herbert van den Bergh) [orabug 6761872] - [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928] - fix in nfs_attribute_timeout() (Trond Myklebust) [orabug 7378108] - use lfence instead of cpuid instruction to implement memory barriers (Herbert van den Bergh) [orabug 7452412] - add netpoll support to xen netfront (Tina Yang) [orabz 7261] - [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395] - port Red Hat bug 472572: HVM crash in net/core/dev.c during boot [orabug 7653948] The following Red Hat patches were ported from the source RPM at: http://people.redhat.com/vgoyal/rhel4/SRPMS.kernel/kernel-2.6.9-78.22.EL.src.rpm linux-2.6.9-xen-fix-netfront-mem-leak.patch linux-2.6.9-xen-xen-vnif-stops-working-on-reception-of-duplicat.patch - fix kernel null dereference in ap_suspend() during migration [orabug 7635625] Ported from the el5u2 xenpv-0.1-9.0.1.el5 patch ovs-bugz7262-fix-migration-hang-due-to-write-lock-starvation.patch. In el5u2, the fix is to the xenpv driver. For el4u7, the xenpv driver was moved into the kernel. - port el4u6 xenpv patch (orabug 7442030) for live migration hang [orabug 7458244] - [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit dom0 [orabug 7452107] - [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki, Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839] - [nfs] update fix for attribute caching when using actimeo=0 (Chuck Lever, John Sobecki) [ORABUG 7131141,7156607,7388056] [RHBZ 446083,476726] - [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) [orabug 6110605] - port EL5U3 patch to adjust totalhigh_pages in the balloon driver [orabug 8300888] - check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514] - [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329] - [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526] - fix oops in show_partition using RCU (Wen gang Wang) [orabug 8423936] [2.6.9-78.0.22] -nmi watchdog: fix LAPIC mode detection on cpus with supported performance counters (John Villalovos) [497330 491338] [2.6.9-78.0.21] -igb: prevent deadlock while executing netdump (Andy Gospodarek) [480579 435886] [2.6.9-78.0.20] -mce: do not clear status registers in fatal conditions (Aristeu Rozanski) [494915 489695] [2.6.9-78.0.19] -xen: guest will crash if rtl8139 nic is only one specified (Don Dutile) [477146 472572] -fix CLONE_PARENT and parent_exec_id interaction (Don Howard) [479961 479962] {CVE-2009-0028} -x86_64: syscall_audit: fix 32/64 syscall hole (Jerome Marchand) [487999 488000] {CVE-2009-0834} -x86_64: backport is_compat_task (Jerome Marchand) [487999 488000] {CVE-2009-0834} -megaraid: fix a bug in reset handler (Tomas Henzl) [493420 481662] -ext3: ext3_symlink should use gfp_nofs allocations inside (Flavio Leitner) [493422 489768] [2.6.9-78.0.18] -igb: prevent deadlock while executing netdump (Andy Gospodarek) [480579 435886] -nfs: fix pages of a memory mapped nfs file get corrupted (Peter Staubach) [490119 432974] -aio: fix race in aio_complete that leads to a process hang (Jeff Moyer) [489935 456686] -mptfusion: remove check for type disk (Tomas Henzl) [487399 465514] -kernel: fix kernel memory disclosure in getsockopt() with option SO_BSDCOMPAT (Don Howard) [486515 486516] {CVE-2009-0676} -ia64: fix deadlock in ia64 sys_ptrace (Jerome Marchand) [484904 442816] -nfs: remove bogus lock if signalled case (Bryn M. Reeves) [456284 456285] {CVE-2008-4307} -nmi watchdog: generate load on all cpus while testing if the watchdog works (Aristeu Rozanski) [479184 488018] -nmi watchdog: move check_nmi_watchdog to later in boot time (Aristeu Rozanski) [479184 458859]