kernel security and bug fix update

[2.6.9-89.0.18.0.1.EL]

• fix skb alignment that was causing sendto() to fail with EFAULT
  (Olaf Kirch) [orabug 6845794]
• fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]
• backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)
  [orabug 6125546]
• netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]
• [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]
• use lfence instead of cpuid instruction to implement memory barriers
  (Herbert van den Bergh) [orabug 7452412]
• add netpoll support to xen netfront (Tina Yang) [orabz 7261]
• [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)
  [orabug 7175395]
• [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit
  dom0 [orabug 7452107] xenstore
• [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki,
  Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]
• [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki) [orabug 6110605]
• [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)
• port EL5U3 patch to adjust totalhigh_pages in the balloon driver [orabug 8300888]
• check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514]
• [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]
• [XEN] Extend physical mask to 40bit for machine above 64G [orabug 8312526]
• fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]
• [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 8425237]
  [2.6.9-89.0.18]
  -i8042: regression fix: disable and enable aux port at close (Mauro Carvalho Chehab) [537344 531192]
  -r8169: balance pci_map/unmap pair, use hw padding (Ivan Vecera) [529141 529142] {CVE-2009-3613}
  -forcedeth: add phy_power_down parameter, leave phy powered up by default (Ivan Vecera) [534112 532593]
  -fusion: mptctl module dereferences a userspace address, triggering a crash (Rob Evers) [533798 528066]
  -net: ipv4: make ip_append_data handle null routing table (Jiri Pirko) [537016 520299]
  -bnx2x: fix bnx2x failing when iptables is on (Stanislaw Gruszka) [537013 527656]
  -nlm: don’t try to reclaim locks on -o nolock mounts (Jeff Layton) [537017 176848]
  [2.6.9-89.0.17]
  -fix x86_64 32bit process register leak (Amerigo Wang) [526795 526796] {CVE-2009-2910}
  -drm r128: add test for initialisation to all ioctls that require it (Danny Feng) [529600 529601] {CVE-2009-3620}
  -net: af_unix: fix deadlock on connecting to shutdown socket (Jiri Pirko) [529628 529629] {CVE-2009-3621}
  -hid-input: fix divide by zero in hid-input.c (Pete Zaitcev) [532027 483783]
  -igb: add link check function to verify that link is present (Stefan Assmann) [534105 529037]
  -ipt_recent: do not accept a rule if hit count is great than ip_pkt_list_tot (Amerigo Wang) [529306 523983]
  -cciss: add bus attribute to support device mapper multipath target (Tomas Henzl) [529309 484415]