kernel security and bug fix update

[2.6.9-89.0.3.0.1.EL]

• fix skb alignment that was causing sendto() to fail with EFAULT (Olaf Kirch)
  [orabug 6845794]
  fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]
• backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
  [orabug 6125546]
• netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
• [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
• use lfence instead of cpuid instruction to implement memory barriers
  (Herbert van den Bergh) [orabug 7452412]
• add netpoll support to xen netfront (Tina Yang) [orabz 7261]
• [xen] execshield: fix endless GPF fault loop (Stephen Tweedie) [orabug 7175395]
• [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
  dom0 [orabug 7452107] xenstore
• [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki,
  Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
• [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)
  [orabug 6110605]
• [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
• port EL5U3 patch to adjust totalhigh_pages in the balloon driver [orabug 8300888]
• check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514]
• [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
• [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526]
• fix oops in show_partition using RCU (Wen gang Wang) [orabug 8423936]
  [2.6.9-89.0.3]
  -agp: zero pages before sending to userspace (Jiri Olsa) [497023 497024] {CVE-2009-1192}
  -agp: fix boot issue with agp zero pages patch (Jiri Olsa) [497023 497024] {CVE-2009-1192}
  -e1000: fix skb_over_panic (Neil Horman) [502982 502983] {CVE-2009-1385}
  -kernel: proc: avoid information leaks to non privileged processes (Amerigo Wang) [499549 499548]
  -netpoll: bust poll_lock when doing netdump (Neil Horman) [504565 494688]
  [2.6.9-89.0.2]
  -xen: local denial of service [500948 500949] {CVE-2009-1758}
  -nfs: fix client handling of MAY_EXEC in nfs_permission [500299 500300] {CVE-2009-1630}
  [2.6.9-89.0.1]
  -Reapply: fix race condition in input.c (Vivek Goyal) [501804 501064]
  -nfs: inode of the overwritten file will remain in the icache (Flavio Leitner) [501802 494015]
  -fix timespec off by one errors (Jason Baron) [501800 496201]
  -add some long missing capabilities to cap_fs_mask (Eric Paris) [499073 499074] [497269 497270] {CVE-2009-1072}
  -net: tcp: clear probes_out more aggressively in tcp_ack (Jiri Pirko) [501754 494428]