From xen-announce-bounces@lists.xen.org Wed Apr 02 11:50:15 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 02 Apr 2014 11:50:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJet-0007BW-3C; Wed, 02 Apr 2014 11:48:43 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJep-0007BB-Kx; Wed, 02 Apr 2014 11:48:39 +0000 Received: from [85.158.143.35:51001] by server-1.bemta-4.messagelabs.com id 94/85-09853-619FB335; Wed, 02 Apr 2014 11:48:38 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-5.tower-21.messagelabs.com!1396439316!6447488!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8384 invoked from network); 2 Apr 2014 11:48:37 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 2 Apr 2014 11:48:37 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJeh-0005zk-SP; Wed, 02 Apr 2014 11:48:31 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WVJeh-00063L-MQ; Wed, 02 Apr 2014 11:48:31 +0000 Date: Wed, 02 Apr 2014 11:48:31 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 89 (CVE-2014-2599) - HVMOP_set_mem_access is not preemptible X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2599 / XSA-89 version 3 HVMOP_set_mem_access is not preemptible UPDATES IN VERSION 3 ==================== This issue has been assigned CVE-2014-2599. ISSUE DESCRIPTION ================= Processing of the HVMOP_set_mem_access HVM control operations does not check the size of its input and can tie up a physical CPU for extended periods of time. IMPACT ====== In a configuration where device models run with limited privilege (for example, stubdom device models), a guest attacker who successfully finds and exploits an unfixed security flaw in qemu-dm could leverage the other flaw into a Denial of Service affecting the whole host. In the more general case, in more abstract terms: a malicious administrator of a domain privileged with regard to an HVM guest can cause Xen to become unresponsive leading to a Denial of Service. VULNERABLE SYSTEMS ================== All Xen versions from 4.1 onwards are vulnerable. In 4.2 only 64-bit versions of the hypervisor are vulnerable (HVMOP_set_mem_access is not available in 32-bit hypervisors). The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). In the case of HVM guests whose device model is running in an unrestricted dom0 process, qemu-dm already has the ability to cause problems for the whole system. So in that case the vulnerability is not applicable. The situation is more subtle for an HVM guest with a stub qemu-dm. That is, where the device model runs in a separate domain (in the case of xl, as requested by "device_model_stubdomain_override=1" in the xl domain configuration file). The same applies with a qemu-dm in a dom0 process subjected to some kind kernel-based process privilege limitation (eg the chroot technique as found in some versions of XCP/XenServer). In those latter situations this issue means that the extra isolation does not provide as good a defence (against denial of service) as intended. That is the essence of this vulnerability. However, the security is still better than with a qemu-dm running as an unrestricted dom0 process. Therefore users with these configurations should not switch to an unrestricted dom0 qemu-dm. Finally, in a radically disaggregated system: where the HVM service domain software (probably, the device model domain image) is not always supplied by the host administrator, a malicious service domain administrator can excercise this vulnerability. MITIGATION ========== Running only PV guests will avoid this vulnerability. In a radically disaggregated system, restricting HVM service domains to software images approved by the host administrator will avoid the vulnerability. CREDITS ======= This issue was discovered by Jan Beulich. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa89.patch xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x xsa89-4.1.patch Xen 4.1.x $ sha256sum xsa89*.patch 741c8fbbfa8e425d8debba17135d4c2e1e962d15717769bc93d68a65b5dc5ea6 xsa89.patch 7d965e9bf1894b7d909bfaddbc6b7bdcee0ba91b86942ce85e0ae80464f2463e xsa89-4.1.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTO+8wAAoJEIP+FMlX6CvZ5esH/3T+ajm7vltauel3SR3+wQAw nmxJR+CIaIRhIdjER/EPJ8HRqCl8DvY1yY8MM9qo70RIGu9eHSxkKbPQzNa1ye8/ sdqLT+TIVXElukse1CxSPnHkw0NYOjysdTxDs9XGFzTA2qzYj9cLu6qKbh8wKOqa 4UhqMzU5zXnRi+53Ljn3dBximU2Fch7ibN5Ea5C2e4uPJHR8aNn31lCESnsUfwbK /ZrxoP89VRiSZq0GiGrSouF6FjU6fWyP3pTfvrFtQ0/K7a+HuA3ZgT35iGVdVW2C dV35iNqIn+yC8vUrcEZkdfp/KapRP3WqCetoW63MT1tACToCf8ObT3RMTuAgfa0= =vHm/ -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa89.patch" Content-Disposition: attachment; filename="xsa89.patch" Content-Transfer-Encoding: base64 eDg2OiBlbmZvcmNlIHByZWVtcHRpb24gaW4gSFZNX3NldF9tZW1fYWNjZXNz IC8gcDJtX3NldF9tZW1fYWNjZXNzKCkKClByb2Nlc3NpbmcgdXAgdG8gNEcg UEZOcyBtYXkgdGFrZSBhbG1vc3QgYXJiaXRyYXJpbHkgbG9uZywgc28KcHJl ZW1wdGlvbiBpcyBuZWVkZWQgaGVyZS4KClRoaXMgaXMgWFNBLTg5LgoKU2ln bmVkLW9mZi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpS ZXZpZXdlZC1ieTogVGltIERlZWdhbiA8dGltQHhlbi5vcmc+CgotLS0gYS94 ZW4vYXJjaC94ODYvaHZtL2h2bS5jCisrKyBiL3hlbi9hcmNoL3g4Ni9odm0v aHZtLmMKQEAgLTQ1OTMsNiArNDU5MywxNSBAQCBsb25nIGRvX2h2bV9vcCh1 bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAgICAgICBnb3RvIHBh cmFtX2ZhaWw1OwogICAgICAgICAgICAgCiAgICAgICAgIHJjID0gcDJtX3Nl dF9tZW1fYWNjZXNzKGQsIGEuZmlyc3RfcGZuLCBhLm5yLCBhLmh2bW1lbV9h Y2Nlc3MpOworICAgICAgICBpZiAoIHJjID4gMCApCisgICAgICAgIHsKKyAg ICAgICAgICAgIGEuZmlyc3RfcGZuICs9IGEubnIgLSByYzsKKyAgICAgICAg ICAgIGEubnIgPSByYzsKKyAgICAgICAgICAgIGlmICggX19jb3B5X3RvX2d1 ZXN0KGFyZywgJmEsIDEpICkKKyAgICAgICAgICAgICAgICByYyA9IC1FRkFV TFQ7CisgICAgICAgICAgICBlbHNlCisgICAgICAgICAgICAgICAgcmMgPSAt RUFHQUlOOworICAgICAgICB9CiAKICAgICBwYXJhbV9mYWlsNToKICAgICAg ICAgcmN1X3VubG9ja19kb21haW4oZCk7Ci0tLSBhL3hlbi9hcmNoL3g4Ni9t bS9wMm0uYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLmMKQEAgLTEzMzMs MTUgKzEzMzMsMTQgQEAgdm9pZCBwMm1fbWVtX2FjY2Vzc19yZXN1bWUoc3Ry dWN0IGRvbWFpbgogCiAvKiBTZXQgYWNjZXNzIHR5cGUgZm9yIGEgcmVnaW9u IG9mIHBmbnMuCiAgKiBJZiBzdGFydF9wZm4gPT0gLTF1bCwgc2V0cyB0aGUg ZGVmYXVsdCBhY2Nlc3MgdHlwZSAqLwotaW50IHAybV9zZXRfbWVtX2FjY2Vz cyhzdHJ1Y3QgZG9tYWluICpkLCB1bnNpZ25lZCBsb25nIHN0YXJ0X3Bmbiwg Ci0gICAgICAgICAgICAgICAgICAgICAgIHVpbnQzMl90IG5yLCBodm1tZW1f YWNjZXNzX3QgYWNjZXNzKSAKK2xvbmcgcDJtX3NldF9tZW1fYWNjZXNzKHN0 cnVjdCBkb21haW4gKmQsIHVuc2lnbmVkIGxvbmcgcGZuLCB1aW50MzJfdCBu ciwKKyAgICAgICAgICAgICAgICAgICAgICAgIGh2bW1lbV9hY2Nlc3NfdCBh Y2Nlc3MpCiB7CiAgICAgc3RydWN0IHAybV9kb21haW4gKnAybSA9IHAybV9n ZXRfaG9zdHAybShkKTsKLSAgICB1bnNpZ25lZCBsb25nIHBmbjsKICAgICBw Mm1fYWNjZXNzX3QgYSwgX2E7CiAgICAgcDJtX3R5cGVfdCB0OwogICAgIG1m bl90IG1mbjsKLSAgICBpbnQgcmMgPSAwOworICAgIGxvbmcgcmM7CiAKICAg ICAvKiBOLkIuIF9ub3RfIHN0YXRpYzogaW5pdGlhbGl6ZXIgZGVwZW5kcyBv biBwMm0tPmRlZmF1bHRfYWNjZXNzICovCiAgICAgcDJtX2FjY2Vzc190IG1l bWFjY2Vzc1tdID0gewpAQCAtMTM2NCwxNCArMTM2MywxNyBAQCBpbnQgcDJt X3NldF9tZW1fYWNjZXNzKHN0cnVjdCBkb21haW4gKmQsCiAgICAgYSA9IG1l bWFjY2Vzc1thY2Nlc3NdOwogCiAgICAgLyogSWYgcmVxdWVzdCB0byBzZXQg ZGVmYXVsdCBhY2Nlc3MgKi8KLSAgICBpZiAoIHN0YXJ0X3BmbiA9PSB+MHVs bCApIAorICAgIGlmICggcGZuID09IH4wdWwgKQogICAgIHsKICAgICAgICAg cDJtLT5kZWZhdWx0X2FjY2VzcyA9IGE7CiAgICAgICAgIHJldHVybiAwOwog ICAgIH0KIAorICAgIGlmICggIW5yICkKKyAgICAgICAgcmV0dXJuIDA7CisK ICAgICBwMm1fbG9jayhwMm0pOwotICAgIGZvciAoIHBmbiA9IHN0YXJ0X3Bm bjsgcGZuIDwgc3RhcnRfcGZuICsgbnI7IHBmbisrICkKKyAgICBmb3IgKCA7 IDsgKytwZm4gKQogICAgIHsKICAgICAgICAgbWZuID0gcDJtLT5nZXRfZW50 cnkocDJtLCBwZm4sICZ0LCAmX2EsIDAsIE5VTEwpOwogICAgICAgICBpZiAo IHAybS0+c2V0X2VudHJ5KHAybSwgcGZuLCBtZm4sIFBBR0VfT1JERVJfNEss IHQsIGEpID09IDAgKQpAQCAtMTM3OSw2ICsxMzgxLDEzIEBAIGludCBwMm1f c2V0X21lbV9hY2Nlc3Moc3RydWN0IGRvbWFpbiAqZCwKICAgICAgICAgICAg IHJjID0gLUVOT01FTTsKICAgICAgICAgICAgIGJyZWFrOwogICAgICAgICB9 CisKKyAgICAgICAgLyogQ2hlY2sgZm9yIGNvbnRpbnVhdGlvbiBpZiBpdCdz IG5vdCB0aGUgbGFzdCBpbnRlcmF0aW9uLiAqLworICAgICAgICBpZiAoICEt LW5yIHx8IGh5cGVyY2FsbF9wcmVlbXB0X2NoZWNrKCkgKQorICAgICAgICB7 CisgICAgICAgICAgICByYyA9IG5yOworICAgICAgICAgICAgYnJlYWs7Cisg ICAgICAgIH0KICAgICB9CiAgICAgcDJtX3VubG9jayhwMm0pOwogICAgIHJl dHVybiByYzsKLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9wMm0uaAorKysg Yi94ZW4vaW5jbHVkZS9hc20teDg2L3AybS5oCkBAIC01NzYsOCArNTc2LDgg QEAgdm9pZCBwMm1fbWVtX2FjY2Vzc19yZXN1bWUoc3RydWN0IGRvbWFpbgog CiAvKiBTZXQgYWNjZXNzIHR5cGUgZm9yIGEgcmVnaW9uIG9mIHBmbnMuCiAg KiBJZiBzdGFydF9wZm4gPT0gLTF1bCwgc2V0cyB0aGUgZGVmYXVsdCBhY2Nl c3MgdHlwZSAqLwotaW50IHAybV9zZXRfbWVtX2FjY2VzcyhzdHJ1Y3QgZG9t YWluICpkLCB1bnNpZ25lZCBsb25nIHN0YXJ0X3BmbiwgCi0gICAgICAgICAg ICAgICAgICAgICAgIHVpbnQzMl90IG5yLCBodm1tZW1fYWNjZXNzX3QgYWNj ZXNzKTsKK2xvbmcgcDJtX3NldF9tZW1fYWNjZXNzKHN0cnVjdCBkb21haW4g KmQsIHVuc2lnbmVkIGxvbmcgc3RhcnRfcGZuLAorICAgICAgICAgICAgICAg ICAgICAgICAgdWludDMyX3QgbnIsIGh2bW1lbV9hY2Nlc3NfdCBhY2Nlc3Mp OwogCiAvKiBHZXQgYWNjZXNzIHR5cGUgZm9yIGEgcGZuCiAgKiBJZiBwZm4g PT0gLTF1bCwgZ2V0cyB0aGUgZGVmYXVsdCBhY2Nlc3MgdHlwZSAqLwo= --=separator Content-Type: application/octet-stream; name="xsa89-4.1.patch" Content-Disposition: attachment; filename="xsa89-4.1.patch" Content-Transfer-Encoding: base64 eDg2OiBlbmZvcmNlIHByZWVtcHRpb24gaW4gSFZNX3NldF9tZW1fYWNjZXNz IC8gcDJtX3NldF9tZW1fYWNjZXNzKCkKClByb2Nlc3NpbmcgdXAgdG8gNEcg UEZOcyBtYXkgdGFrZSBhbG1vc3QgYXJiaXRyYXJpbHkgbG9uZywgc28KcHJl ZW1wdGlvbiBpcyBuZWVkZWQgaGVyZS4KClRoaXMgaXMgWFNBLTg5LgoKU2ln bmVkLW9mZi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpS ZXZpZXdlZC1ieTogVGltIERlZWdhbiA8dGltQHhlbi5vcmc+CgotLS0gYS94 ZW4vYXJjaC94ODYvaHZtL2h2bS5jCisrKyBiL3hlbi9hcmNoL3g4Ni9odm0v aHZtLmMKQEAgLTM3NTUsNyArMzc1NSw3IEBAIGxvbmcgZG9faHZtX29wKHVu c2lnbmVkIGxvbmcgb3AsIFhFTl9HVUUKICAgICAgICAgICAgICAoKGEuZmly c3RfcGZuICsgYS5uciAtIDEpID4gZG9tYWluX2dldF9tYXhpbXVtX2dwZm4o ZCkpICkKICAgICAgICAgICAgIGdvdG8gcGFyYW1fZmFpbDU7CiAgICAgICAg ICAgICAKLSAgICAgICAgZm9yICggcGZuID0gYS5maXJzdF9wZm47IHBmbiA8 IGEuZmlyc3RfcGZuICsgYS5ucjsgcGZuKysgKQorICAgICAgICBmb3IgKCBw Zm4gPSBhLmZpcnN0X3BmbjsgYS5ucjsgKytwZm4gKQogICAgICAgICB7CiAg ICAgICAgICAgICBwMm1fdHlwZV90IHQ7CiAgICAgICAgICAgICBtZm5fdCBt Zm47CkBAIC0zNzY4LDYgKzM3NjgsMTcgQEAgbG9uZyBkb19odm1fb3AodW5z aWduZWQgbG9uZyBvcCwgWEVOX0dVRQogICAgICAgICAgICAgcDJtX3VubG9j ayhwMm0pOwogICAgICAgICAgICAgaWYgKCAhc3VjY2VzcyApCiAgICAgICAg ICAgICAgICAgZ290byBwYXJhbV9mYWlsNTsKKworICAgICAgICAgICAgLyog Q2hlY2sgZm9yIGNvbnRpbnVhdGlvbiBpZiBpdCdzIG5vdCB0aGUgbGFzdCBp bnRlcmF0aW9uLiAqLworICAgICAgICAgICAgaWYgKCAtLWEubnIgJiYgaHlw ZXJjYWxsX3ByZWVtcHRfY2hlY2soKSApCisgICAgICAgICAgICB7CisgICAg ICAgICAgICAgICAgYS5maXJzdF9wZm4gPSBwZm4gKyAxOworICAgICAgICAg ICAgICAgIGlmICggY29weV90b19ndWVzdChhcmcsICZhLCAxKSApCisgICAg ICAgICAgICAgICAgICAgIHJjID0gLUVGQVVMVDsKKyAgICAgICAgICAgICAg ICBlbHNlCisgICAgICAgICAgICAgICAgICAgIHJjID0gLUVBR0FJTjsKKyAg ICAgICAgICAgICAgICBnb3RvIHBhcmFtX2ZhaWw1OworICAgICAgICAgICAg fQogICAgICAgICB9CiAKICAgICAgICAgcmMgPSAwOwo= --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 02 11:50:15 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 02 Apr 2014 11:50:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJet-0007BW-3C; Wed, 02 Apr 2014 11:48:43 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJep-0007BB-Kx; Wed, 02 Apr 2014 11:48:39 +0000 Received: from [85.158.143.35:51001] by server-1.bemta-4.messagelabs.com id 94/85-09853-619FB335; Wed, 02 Apr 2014 11:48:38 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-5.tower-21.messagelabs.com!1396439316!6447488!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8384 invoked from network); 2 Apr 2014 11:48:37 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 2 Apr 2014 11:48:37 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJeh-0005zk-SP; Wed, 02 Apr 2014 11:48:31 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WVJeh-00063L-MQ; Wed, 02 Apr 2014 11:48:31 +0000 Date: Wed, 02 Apr 2014 11:48:31 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 89 (CVE-2014-2599) - HVMOP_set_mem_access is not preemptible X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2599 / XSA-89 version 3 HVMOP_set_mem_access is not preemptible UPDATES IN VERSION 3 ==================== This issue has been assigned CVE-2014-2599. ISSUE DESCRIPTION ================= Processing of the HVMOP_set_mem_access HVM control operations does not check the size of its input and can tie up a physical CPU for extended periods of time. IMPACT ====== In a configuration where device models run with limited privilege (for example, stubdom device models), a guest attacker who successfully finds and exploits an unfixed security flaw in qemu-dm could leverage the other flaw into a Denial of Service affecting the whole host. In the more general case, in more abstract terms: a malicious administrator of a domain privileged with regard to an HVM guest can cause Xen to become unresponsive leading to a Denial of Service. VULNERABLE SYSTEMS ================== All Xen versions from 4.1 onwards are vulnerable. In 4.2 only 64-bit versions of the hypervisor are vulnerable (HVMOP_set_mem_access is not available in 32-bit hypervisors). The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). In the case of HVM guests whose device model is running in an unrestricted dom0 process, qemu-dm already has the ability to cause problems for the whole system. So in that case the vulnerability is not applicable. The situation is more subtle for an HVM guest with a stub qemu-dm. That is, where the device model runs in a separate domain (in the case of xl, as requested by "device_model_stubdomain_override=1" in the xl domain configuration file). The same applies with a qemu-dm in a dom0 process subjected to some kind kernel-based process privilege limitation (eg the chroot technique as found in some versions of XCP/XenServer). In those latter situations this issue means that the extra isolation does not provide as good a defence (against denial of service) as intended. That is the essence of this vulnerability. However, the security is still better than with a qemu-dm running as an unrestricted dom0 process. Therefore users with these configurations should not switch to an unrestricted dom0 qemu-dm. Finally, in a radically disaggregated system: where the HVM service domain software (probably, the device model domain image) is not always supplied by the host administrator, a malicious service domain administrator can excercise this vulnerability. MITIGATION ========== Running only PV guests will avoid this vulnerability. In a radically disaggregated system, restricting HVM service domains to software images approved by the host administrator will avoid the vulnerability. CREDITS ======= This issue was discovered by Jan Beulich. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa89.patch xen-unstable, Xen 4.4.x, Xen 4.3.x, Xen 4.2.x xsa89-4.1.patch Xen 4.1.x $ sha256sum xsa89*.patch 741c8fbbfa8e425d8debba17135d4c2e1e962d15717769bc93d68a65b5dc5ea6 xsa89.patch 7d965e9bf1894b7d909bfaddbc6b7bdcee0ba91b86942ce85e0ae80464f2463e xsa89-4.1.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTO+8wAAoJEIP+FMlX6CvZ5esH/3T+ajm7vltauel3SR3+wQAw nmxJR+CIaIRhIdjER/EPJ8HRqCl8DvY1yY8MM9qo70RIGu9eHSxkKbPQzNa1ye8/ sdqLT+TIVXElukse1CxSPnHkw0NYOjysdTxDs9XGFzTA2qzYj9cLu6qKbh8wKOqa 4UhqMzU5zXnRi+53Ljn3dBximU2Fch7ibN5Ea5C2e4uPJHR8aNn31lCESnsUfwbK /ZrxoP89VRiSZq0GiGrSouF6FjU6fWyP3pTfvrFtQ0/K7a+HuA3ZgT35iGVdVW2C dV35iNqIn+yC8vUrcEZkdfp/KapRP3WqCetoW63MT1tACToCf8ObT3RMTuAgfa0= =vHm/ -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa89.patch" Content-Disposition: attachment; filename="xsa89.patch" Content-Transfer-Encoding: base64 eDg2OiBlbmZvcmNlIHByZWVtcHRpb24gaW4gSFZNX3NldF9tZW1fYWNjZXNz IC8gcDJtX3NldF9tZW1fYWNjZXNzKCkKClByb2Nlc3NpbmcgdXAgdG8gNEcg UEZOcyBtYXkgdGFrZSBhbG1vc3QgYXJiaXRyYXJpbHkgbG9uZywgc28KcHJl ZW1wdGlvbiBpcyBuZWVkZWQgaGVyZS4KClRoaXMgaXMgWFNBLTg5LgoKU2ln bmVkLW9mZi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpS ZXZpZXdlZC1ieTogVGltIERlZWdhbiA8dGltQHhlbi5vcmc+CgotLS0gYS94 ZW4vYXJjaC94ODYvaHZtL2h2bS5jCisrKyBiL3hlbi9hcmNoL3g4Ni9odm0v aHZtLmMKQEAgLTQ1OTMsNiArNDU5MywxNSBAQCBsb25nIGRvX2h2bV9vcCh1 bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAgICAgICBnb3RvIHBh cmFtX2ZhaWw1OwogICAgICAgICAgICAgCiAgICAgICAgIHJjID0gcDJtX3Nl dF9tZW1fYWNjZXNzKGQsIGEuZmlyc3RfcGZuLCBhLm5yLCBhLmh2bW1lbV9h Y2Nlc3MpOworICAgICAgICBpZiAoIHJjID4gMCApCisgICAgICAgIHsKKyAg ICAgICAgICAgIGEuZmlyc3RfcGZuICs9IGEubnIgLSByYzsKKyAgICAgICAg ICAgIGEubnIgPSByYzsKKyAgICAgICAgICAgIGlmICggX19jb3B5X3RvX2d1 ZXN0KGFyZywgJmEsIDEpICkKKyAgICAgICAgICAgICAgICByYyA9IC1FRkFV TFQ7CisgICAgICAgICAgICBlbHNlCisgICAgICAgICAgICAgICAgcmMgPSAt RUFHQUlOOworICAgICAgICB9CiAKICAgICBwYXJhbV9mYWlsNToKICAgICAg ICAgcmN1X3VubG9ja19kb21haW4oZCk7Ci0tLSBhL3hlbi9hcmNoL3g4Ni9t bS9wMm0uYworKysgYi94ZW4vYXJjaC94ODYvbW0vcDJtLmMKQEAgLTEzMzMs MTUgKzEzMzMsMTQgQEAgdm9pZCBwMm1fbWVtX2FjY2Vzc19yZXN1bWUoc3Ry dWN0IGRvbWFpbgogCiAvKiBTZXQgYWNjZXNzIHR5cGUgZm9yIGEgcmVnaW9u IG9mIHBmbnMuCiAgKiBJZiBzdGFydF9wZm4gPT0gLTF1bCwgc2V0cyB0aGUg ZGVmYXVsdCBhY2Nlc3MgdHlwZSAqLwotaW50IHAybV9zZXRfbWVtX2FjY2Vz cyhzdHJ1Y3QgZG9tYWluICpkLCB1bnNpZ25lZCBsb25nIHN0YXJ0X3Bmbiwg Ci0gICAgICAgICAgICAgICAgICAgICAgIHVpbnQzMl90IG5yLCBodm1tZW1f YWNjZXNzX3QgYWNjZXNzKSAKK2xvbmcgcDJtX3NldF9tZW1fYWNjZXNzKHN0 cnVjdCBkb21haW4gKmQsIHVuc2lnbmVkIGxvbmcgcGZuLCB1aW50MzJfdCBu ciwKKyAgICAgICAgICAgICAgICAgICAgICAgIGh2bW1lbV9hY2Nlc3NfdCBh Y2Nlc3MpCiB7CiAgICAgc3RydWN0IHAybV9kb21haW4gKnAybSA9IHAybV9n ZXRfaG9zdHAybShkKTsKLSAgICB1bnNpZ25lZCBsb25nIHBmbjsKICAgICBw Mm1fYWNjZXNzX3QgYSwgX2E7CiAgICAgcDJtX3R5cGVfdCB0OwogICAgIG1m bl90IG1mbjsKLSAgICBpbnQgcmMgPSAwOworICAgIGxvbmcgcmM7CiAKICAg ICAvKiBOLkIuIF9ub3RfIHN0YXRpYzogaW5pdGlhbGl6ZXIgZGVwZW5kcyBv biBwMm0tPmRlZmF1bHRfYWNjZXNzICovCiAgICAgcDJtX2FjY2Vzc190IG1l bWFjY2Vzc1tdID0gewpAQCAtMTM2NCwxNCArMTM2MywxNyBAQCBpbnQgcDJt X3NldF9tZW1fYWNjZXNzKHN0cnVjdCBkb21haW4gKmQsCiAgICAgYSA9IG1l bWFjY2Vzc1thY2Nlc3NdOwogCiAgICAgLyogSWYgcmVxdWVzdCB0byBzZXQg ZGVmYXVsdCBhY2Nlc3MgKi8KLSAgICBpZiAoIHN0YXJ0X3BmbiA9PSB+MHVs bCApIAorICAgIGlmICggcGZuID09IH4wdWwgKQogICAgIHsKICAgICAgICAg cDJtLT5kZWZhdWx0X2FjY2VzcyA9IGE7CiAgICAgICAgIHJldHVybiAwOwog ICAgIH0KIAorICAgIGlmICggIW5yICkKKyAgICAgICAgcmV0dXJuIDA7CisK ICAgICBwMm1fbG9jayhwMm0pOwotICAgIGZvciAoIHBmbiA9IHN0YXJ0X3Bm bjsgcGZuIDwgc3RhcnRfcGZuICsgbnI7IHBmbisrICkKKyAgICBmb3IgKCA7 IDsgKytwZm4gKQogICAgIHsKICAgICAgICAgbWZuID0gcDJtLT5nZXRfZW50 cnkocDJtLCBwZm4sICZ0LCAmX2EsIDAsIE5VTEwpOwogICAgICAgICBpZiAo IHAybS0+c2V0X2VudHJ5KHAybSwgcGZuLCBtZm4sIFBBR0VfT1JERVJfNEss IHQsIGEpID09IDAgKQpAQCAtMTM3OSw2ICsxMzgxLDEzIEBAIGludCBwMm1f c2V0X21lbV9hY2Nlc3Moc3RydWN0IGRvbWFpbiAqZCwKICAgICAgICAgICAg IHJjID0gLUVOT01FTTsKICAgICAgICAgICAgIGJyZWFrOwogICAgICAgICB9 CisKKyAgICAgICAgLyogQ2hlY2sgZm9yIGNvbnRpbnVhdGlvbiBpZiBpdCdz IG5vdCB0aGUgbGFzdCBpbnRlcmF0aW9uLiAqLworICAgICAgICBpZiAoICEt LW5yIHx8IGh5cGVyY2FsbF9wcmVlbXB0X2NoZWNrKCkgKQorICAgICAgICB7 CisgICAgICAgICAgICByYyA9IG5yOworICAgICAgICAgICAgYnJlYWs7Cisg ICAgICAgIH0KICAgICB9CiAgICAgcDJtX3VubG9jayhwMm0pOwogICAgIHJl dHVybiByYzsKLS0tIGEveGVuL2luY2x1ZGUvYXNtLXg4Ni9wMm0uaAorKysg Yi94ZW4vaW5jbHVkZS9hc20teDg2L3AybS5oCkBAIC01NzYsOCArNTc2LDgg QEAgdm9pZCBwMm1fbWVtX2FjY2Vzc19yZXN1bWUoc3RydWN0IGRvbWFpbgog CiAvKiBTZXQgYWNjZXNzIHR5cGUgZm9yIGEgcmVnaW9uIG9mIHBmbnMuCiAg KiBJZiBzdGFydF9wZm4gPT0gLTF1bCwgc2V0cyB0aGUgZGVmYXVsdCBhY2Nl c3MgdHlwZSAqLwotaW50IHAybV9zZXRfbWVtX2FjY2VzcyhzdHJ1Y3QgZG9t YWluICpkLCB1bnNpZ25lZCBsb25nIHN0YXJ0X3BmbiwgCi0gICAgICAgICAg ICAgICAgICAgICAgIHVpbnQzMl90IG5yLCBodm1tZW1fYWNjZXNzX3QgYWNj ZXNzKTsKK2xvbmcgcDJtX3NldF9tZW1fYWNjZXNzKHN0cnVjdCBkb21haW4g KmQsIHVuc2lnbmVkIGxvbmcgc3RhcnRfcGZuLAorICAgICAgICAgICAgICAg ICAgICAgICAgdWludDMyX3QgbnIsIGh2bW1lbV9hY2Nlc3NfdCBhY2Nlc3Mp OwogCiAvKiBHZXQgYWNjZXNzIHR5cGUgZm9yIGEgcGZuCiAgKiBJZiBwZm4g PT0gLTF1bCwgZ2V0cyB0aGUgZGVmYXVsdCBhY2Nlc3MgdHlwZSAqLwo= --=separator Content-Type: application/octet-stream; name="xsa89-4.1.patch" Content-Disposition: attachment; filename="xsa89-4.1.patch" Content-Transfer-Encoding: base64 eDg2OiBlbmZvcmNlIHByZWVtcHRpb24gaW4gSFZNX3NldF9tZW1fYWNjZXNz IC8gcDJtX3NldF9tZW1fYWNjZXNzKCkKClByb2Nlc3NpbmcgdXAgdG8gNEcg UEZOcyBtYXkgdGFrZSBhbG1vc3QgYXJiaXRyYXJpbHkgbG9uZywgc28KcHJl ZW1wdGlvbiBpcyBuZWVkZWQgaGVyZS4KClRoaXMgaXMgWFNBLTg5LgoKU2ln bmVkLW9mZi1ieTogSmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPgpS ZXZpZXdlZC1ieTogVGltIERlZWdhbiA8dGltQHhlbi5vcmc+CgotLS0gYS94 ZW4vYXJjaC94ODYvaHZtL2h2bS5jCisrKyBiL3hlbi9hcmNoL3g4Ni9odm0v aHZtLmMKQEAgLTM3NTUsNyArMzc1NSw3IEBAIGxvbmcgZG9faHZtX29wKHVu c2lnbmVkIGxvbmcgb3AsIFhFTl9HVUUKICAgICAgICAgICAgICAoKGEuZmly c3RfcGZuICsgYS5uciAtIDEpID4gZG9tYWluX2dldF9tYXhpbXVtX2dwZm4o ZCkpICkKICAgICAgICAgICAgIGdvdG8gcGFyYW1fZmFpbDU7CiAgICAgICAg ICAgICAKLSAgICAgICAgZm9yICggcGZuID0gYS5maXJzdF9wZm47IHBmbiA8 IGEuZmlyc3RfcGZuICsgYS5ucjsgcGZuKysgKQorICAgICAgICBmb3IgKCBw Zm4gPSBhLmZpcnN0X3BmbjsgYS5ucjsgKytwZm4gKQogICAgICAgICB7CiAg ICAgICAgICAgICBwMm1fdHlwZV90IHQ7CiAgICAgICAgICAgICBtZm5fdCBt Zm47CkBAIC0zNzY4LDYgKzM3NjgsMTcgQEAgbG9uZyBkb19odm1fb3AodW5z aWduZWQgbG9uZyBvcCwgWEVOX0dVRQogICAgICAgICAgICAgcDJtX3VubG9j ayhwMm0pOwogICAgICAgICAgICAgaWYgKCAhc3VjY2VzcyApCiAgICAgICAg ICAgICAgICAgZ290byBwYXJhbV9mYWlsNTsKKworICAgICAgICAgICAgLyog Q2hlY2sgZm9yIGNvbnRpbnVhdGlvbiBpZiBpdCdzIG5vdCB0aGUgbGFzdCBp bnRlcmF0aW9uLiAqLworICAgICAgICAgICAgaWYgKCAtLWEubnIgJiYgaHlw ZXJjYWxsX3ByZWVtcHRfY2hlY2soKSApCisgICAgICAgICAgICB7CisgICAg ICAgICAgICAgICAgYS5maXJzdF9wZm4gPSBwZm4gKyAxOworICAgICAgICAg ICAgICAgIGlmICggY29weV90b19ndWVzdChhcmcsICZhLCAxKSApCisgICAg ICAgICAgICAgICAgICAgIHJjID0gLUVGQVVMVDsKKyAgICAgICAgICAgICAg ICBlbHNlCisgICAgICAgICAgICAgICAgICAgIHJjID0gLUVBR0FJTjsKKyAg ICAgICAgICAgICAgICBnb3RvIHBhcmFtX2ZhaWw1OworICAgICAgICAgICAg fQogICAgICAgICB9CiAKICAgICAgICAgcmMgPSAwOwo= --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 02 11:51:36 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 02 Apr 2014 11:51:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgU-0007Zg-7M; Wed, 02 Apr 2014 11:50:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgS-0007Z1-0r; Wed, 02 Apr 2014 11:50:20 +0000 Received: from [85.158.143.35:9878] by server-1.bemta-4.messagelabs.com id 9E/D8-09853-B79FB335; Wed, 02 Apr 2014 11:50:19 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1396439417!6476970!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22099 invoked from network); 2 Apr 2014 11:50:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 2 Apr 2014 11:50:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgK-00061B-Ph; Wed, 02 Apr 2014 11:50:12 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WVJg9-0006Ma-A2; Wed, 02 Apr 2014 11:50:02 +0000 Date: Wed, 02 Apr 2014 11:50:01 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 90 (CVE-2014-2580) - Linux netback crash trying to disable due to malformed packet X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2580 / XSA-90 version 2 Linux netback crash trying to disable due to malformed packet UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2580. A fix has been accepted into the Linux network subsystem maintainer's tree. The final fix differs substantially from the initial patch, which calls xenvif_carrier_off from an invalid context resulting in a kernel panic in the backend. The updated patch defers this work to kthread context and ensures that no traffic is processed in the meantime. The attached patches have been updated accordingly. Since the patch in v1 of the advisory does not eliminate the vulnerability, users are strongly encouraged to update to the latest patch. ISSUE DESCRIPTION ================= When Linux's netback sees a malformed packet, it tries to disable the interface which serves the misbehaving frontend. This involves taking a mutex, which might sleep. But in recent versions of Linux the guest transmit path is handled by NAPI in softirq context, where sleeping is not allowed. The end result is that the backend domain (often, Dom0) crashes with "scheduling while atomic". IMPACT ====== Malicious guest administrators can cause denial of service. If driver domains are not in use, the impact is a host crash. VULNERABLE SYSTEMS ================== This bug affects systems using Linux as the driver domain, including non-disaggregated systems using Linux as dom0. Only versions of Linux whose netback uses NAPI are affected. In Linux mainline this is all versions of Linux containing git changeset b3f980bd82, which was introduced between Linux 3.11 and 3.12-rc1. Systems using a different OS as dom0 (eg, NetBSD, Solaris) are not vulnerable. Both x86 and ARM systems are affected. MITIGATION ========== Using driver domains may limit the scope of the denial of service, and may make it possible to resume service without restarting guests (by restarting the driver domain). Advice on reconfiguring a system to use driver domains is beyond the reasonable scope of this advisory. In the case of an x86 HVM guest, the exploit can be prevented by disabling the PV IO paths; normally this would come with a substantial performance cost, and it may involve reconfiguring the guest as well as the host. This is not recommended. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread nevertheless contains information strongly suggestive of a security bug, and a different security bug (with CVE) is suggested as seeming "similar". For these reasons we (the Xen Project Security Team) have concluded that the presence of this bug, as a security problem, is not (any longer) a secret. CREDITS ======= This issue was discovered as a bug by Török Edwin and analysed by Wei Liu of Citrix. RESOLUTION ========== Applying the attached patch resolves this issue. $ sha256sum xsa90*.patch 364d94db6dc2b151eb1bb359dc90c71cbb8c5e3dc99b73fc01d981c018777ff4 xsa90.patch $ This patch has also been applied to the network subsystem maintainer's git tree: https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=e9d8b2c2968499c1f96563e6522c56958d5a1d0d -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTO/lVAAoJEIP+FMlX6CvZkYAH/1DY0nKcCsG718IFOdtuu1LA tWhoEACOkqCrqfg/L/6/Tljd0okBlOa15v9amBAJvy7amxAIzlGHDgD3BgQ1w5Te Rc+GDVIoHhYq/LdqSj2Jr4TFXCuekOxTER3idvg+E1RrCOoEqNEFbIKey16vo/ll tn7qKs+qZ7LlQHhjLmwFuDfSromYzOoSiS43nqy4vFHgFXC1Zmk/K8p8DLHxz92y gt6EvMdoDIdgk9hZdLkRIPlqvprV6wQ69pX3MVB6WKIWwW6OYDxbMLfICbubESST 7af33QABFimadkalnN+4+xGblS1WRC5wz2XpSfNNe1bbaKkbPhXe7o9j0+mLX8g= =FL5w -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa90.patch" Content-Disposition: attachment; filename="xsa90.patch" Content-Transfer-Encoding: base64 RnJvbSBlOWQ4YjJjMjk2ODQ5OWMxZjk2NTYzZTY1MjJjNTY5NThkNWExZDBk IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBXZWkgTGl1IDx3ZWku bGl1MkBjaXRyaXguY29tPgpEYXRlOiBUdWUsIDEgQXByIDIwMTQgMTI6NDY6 MTIgKzAxMDAKU3ViamVjdDogW1BBVENIXSB4ZW4tbmV0YmFjazogZGlzYWJs ZSByb2d1ZSB2aWYgaW4ga3RocmVhZCBjb250ZXh0Ck1JTUUtVmVyc2lvbjog MS4wCkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbjsgY2hhcnNldD1VVEYtOApD b250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA4Yml0CgpXaGVuIG5ldGJhY2sg ZGlzY292ZXJzIGZyb250ZW5kIGlzIHNlbmRpbmcgbWFsZm9ybWVkIHBhY2tl dCBpdCB3aWxsCmRpc2FibGVzIHRoZSBpbnRlcmZhY2Ugd2hpY2ggc2VydmVz IHRoYXQgZnJvbnRlbmQuCgpIb3dldmVyIGRpc2FibGluZyBhIG5ldHdvcmsg aW50ZXJmYWNlIGludm9sdmluZyB0YWtpbmcgYSBtdXRleCB3aGljaApjYW5u b3QgYmUgZG9uZSBpbiBzb2Z0aXJxIGNvbnRleHQsIHNvIHdlIG5lZWQgdG8g ZGVmZXIgdGhpcyBwcm9jZXNzIHRvCmt0aHJlYWQgY29udGV4dC4KClRoaXMg cGF0Y2ggZG9lcyB0aGUgZm9sbG93aW5nOgoxLiBpbnRyb2R1Y2UgYSBmbGFn IHRvIGluZGljYXRlIHRoZSBpbnRlcmZhY2UgaXMgZGlzYWJsZWQuCjIuIGNo ZWNrIHRoYXQgZmxhZyBpbiBUWCBwYXRoLCBkb24ndCBkbyBhbnkgd29yayBp ZiBpdCdzIHRydWUuCjMuIGNoZWNrIHRoYXQgZmxhZyBpbiBSWCBwYXRoLCB0 dXJuIG9mZiB0aGF0IGludGVyZmFjZSBpZiBpdCdzIHRydWUuCgpUaGUgcmVh c29uIHRvIGRpc2FibGUgaXQgaW4gUlggcGF0aCBpcyBiZWNhdXNlIFJYIHVz ZXMga3RocmVhZC4gQWZ0ZXIKdGhpcyBjaGFuZ2UgdGhlIGJlaGF2aW9yIG9m IG5ldGJhY2sgaXMgc3RpbGwgY29uc2lzdGVudCAtLSBpdCB3b24ndCBkbwph bnkgVFggd29yayBmb3IgYSByb2d1ZSBmcm9udGVuZCwgYW5kIHRoZSBpbnRl cmZhY2Ugd2lsbCBiZSBldmVudHVhbGx5CnR1cm5lZCBvZmYuCgpBbHNvIGNo YW5nZSBhICJjb250aW51ZSIgdG8gImJyZWFrIiBhZnRlciB4ZW52aWZfZmF0 YWxfdHhfZXJyLCBhcyBpdApkb2Vzbid0IG1ha2Ugc2Vuc2UgdG8gY29udGlu dWUgcHJvY2Vzc2luZyBwYWNrZXRzIGlmIGZyb250ZW5kIGlzIHJvZ3VlLgoK VGhpcyBpcyBhIGZpeCBmb3IgWFNBLTkwLgoKUmVwb3J0ZWQtYnk6IFTDtnLD tmsgRWR3aW4gPGVkd2luQGV0b3Jvay5uZXQ+ClNpZ25lZC1vZmYtYnk6IFdl aSBMaXUgPHdlaS5saXUyQGNpdHJpeC5jb20+CkNjOiBJYW4gQ2FtcGJlbGwg PGlhbi5jYW1wYmVsbEBjaXRyaXguY29tPgpSZXZpZXdlZC1ieTogRGF2aWQg VnJhYmVsIDxkYXZpZC52cmFiZWxAY2l0cml4LmNvbT4KQWNrZWQtYnk6IElh biBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ClNpZ25lZC1v ZmYtYnk6IERhdmlkIFMuIE1pbGxlciA8ZGF2ZW1AZGF2ZW1sb2Z0Lm5ldD4K LS0tCiBkcml2ZXJzL25ldC94ZW4tbmV0YmFjay9jb21tb24uaCAgICB8ICAg IDUgKysrKysKIGRyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2ludGVyZmFjZS5j IHwgICAxMSArKysrKysrKysrKwogZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv bmV0YmFjay5jICAgfCAgIDE2ICsrKysrKysrKysrKysrLS0KIDMgZmlsZXMg Y2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMiBkZWxldGlvbnMoLSkKCmRp ZmYgLS1naXQgYS9kcml2ZXJzL25ldC94ZW4tbmV0YmFjay9jb21tb24uaCBi L2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2NvbW1vbi5oCmluZGV4IDg5YjJk NDIuLjg5ZDFkMDUgMTAwNjQ0Ci0tLSBhL2RyaXZlcnMvbmV0L3hlbi1uZXRi YWNrL2NvbW1vbi5oCisrKyBiL2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2Nv bW1vbi5oCkBAIC0xMDQsNiArMTA0LDExIEBAIHN0cnVjdCB4ZW52aWYgewog CWRvbWlkX3QgICAgICAgICAgZG9taWQ7CiAJdW5zaWduZWQgaW50ICAgICBo YW5kbGU7CiAKKwkvKiBJcyB0aGlzIGludGVyZmFjZSBkaXNhYmxlZD8gVHJ1 ZSB3aGVuIGJhY2tlbmQgZGlzY292ZXJzCisJICogZnJvbnRlbmQgaXMgcm9n dWUuCisJICovCisJYm9vbCBkaXNhYmxlZDsKKwogCS8qIFVzZSBOQVBJIGZv ciBndWVzdCBUWCAqLwogCXN0cnVjdCBuYXBpX3N0cnVjdCBuYXBpOwogCS8q IFdoZW4gZmVhdHVyZS1zcGxpdC1ldmVudC1jaGFubmVscyA9IDAsIHR4X2ly cSA9IHJ4X2lycS4gKi8KZGlmZiAtLWdpdCBhL2RyaXZlcnMvbmV0L3hlbi1u ZXRiYWNrL2ludGVyZmFjZS5jIGIvZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv aW50ZXJmYWNlLmMKaW5kZXggY2RjMjk4ZS4uZWYwNWM1YyAxMDA2NDQKLS0t IGEvZHJpdmVycy9uZXQveGVuLW5ldGJhY2svaW50ZXJmYWNlLmMKKysrIGIv ZHJpdmVycy9uZXQveGVuLW5ldGJhY2svaW50ZXJmYWNlLmMKQEAgLTYzLDYg KzYzLDE1IEBAIHN0YXRpYyBpbnQgeGVudmlmX3BvbGwoc3RydWN0IG5hcGlf c3RydWN0ICpuYXBpLCBpbnQgYnVkZ2V0KQogCXN0cnVjdCB4ZW52aWYgKnZp ZiA9IGNvbnRhaW5lcl9vZihuYXBpLCBzdHJ1Y3QgeGVudmlmLCBuYXBpKTsK IAlpbnQgd29ya19kb25lOwogCisJLyogVGhpcyB2aWYgaXMgcm9ndWUsIHdl IHByZXRlbmQgd2UndmUgdGhlcmUgaXMgbm90aGluZyB0byBkbworCSAqIGZv ciB0aGlzIHZpZiB0byBkZXNjaGVkdWxlIGl0IGZyb20gTkFQSS4gQnV0IHRo aXMgaW50ZXJmYWNlCisJICogd2lsbCBiZSB0dXJuZWQgb2ZmIGluIHRocmVh ZCBjb250ZXh0IGxhdGVyLgorCSAqLworCWlmICh1bmxpa2VseSh2aWYtPmRp c2FibGVkKSkgeworCQluYXBpX2NvbXBsZXRlKG5hcGkpOworCQlyZXR1cm4g MDsKKwl9CisKIAl3b3JrX2RvbmUgPSB4ZW52aWZfdHhfYWN0aW9uKHZpZiwg YnVkZ2V0KTsKIAogCWlmICh3b3JrX2RvbmUgPCBidWRnZXQpIHsKQEAgLTM2 Myw2ICszNzIsOCBAQCBzdHJ1Y3QgeGVudmlmICp4ZW52aWZfYWxsb2Moc3Ry dWN0IGRldmljZSAqcGFyZW50LCBkb21pZF90IGRvbWlkLAogCXZpZi0+aXBf Y3N1bSA9IDE7CiAJdmlmLT5kZXYgPSBkZXY7CiAKKwl2aWYtPmRpc2FibGVk ID0gZmFsc2U7CisKIAl2aWYtPmNyZWRpdF9ieXRlcyA9IHZpZi0+cmVtYWlu aW5nX2NyZWRpdCA9IH4wVUw7CiAJdmlmLT5jcmVkaXRfdXNlYyAgPSAwVUw7 CiAJaW5pdF90aW1lcigmdmlmLT5jcmVkaXRfdGltZW91dCk7CmRpZmYgLS1n aXQgYS9kcml2ZXJzL25ldC94ZW4tbmV0YmFjay9uZXRiYWNrLmMgYi9kcml2 ZXJzL25ldC94ZW4tbmV0YmFjay9uZXRiYWNrLmMKaW5kZXggYWUzNGY1Zi4u M2YwMjFlMCAxMDA2NDQKLS0tIGEvZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv bmV0YmFjay5jCisrKyBiL2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL25ldGJh Y2suYwpAQCAtNzExLDcgKzcxMSw4IEBAIHN0YXRpYyB2b2lkIHhlbnZpZl90 eF9lcnIoc3RydWN0IHhlbnZpZiAqdmlmLAogc3RhdGljIHZvaWQgeGVudmlm X2ZhdGFsX3R4X2VycihzdHJ1Y3QgeGVudmlmICp2aWYpCiB7CiAJbmV0ZGV2 X2Vycih2aWYtPmRldiwgImZhdGFsIGVycm9yOyBkaXNhYmxpbmcgZGV2aWNl XG4iKTsKLQl4ZW52aWZfY2Fycmllcl9vZmYodmlmKTsKKwl2aWYtPmRpc2Fi bGVkID0gdHJ1ZTsKKwl4ZW52aWZfa2lja190aHJlYWQodmlmKTsKIH0KIAog c3RhdGljIGludCB4ZW52aWZfY291bnRfcmVxdWVzdHMoc3RydWN0IHhlbnZp ZiAqdmlmLApAQCAtMTIxMiw3ICsxMjEzLDcgQEAgc3RhdGljIHVuc2lnbmVk IHhlbnZpZl90eF9idWlsZF9nb3BzKHN0cnVjdCB4ZW52aWYgKnZpZiwgaW50 IGJ1ZGdldCkKIAkJCQkgICB2aWYtPnR4LnNyaW5nLT5yZXFfcHJvZCwgdmlm LT50eC5yZXFfY29ucywKIAkJCQkgICBYRU5fTkVUSUZfVFhfUklOR19TSVpF KTsKIAkJCXhlbnZpZl9mYXRhbF90eF9lcnIodmlmKTsKLQkJCWNvbnRpbnVl OworCQkJYnJlYWs7CiAJCX0KIAogCQl3b3JrX3RvX2RvID0gUklOR19IQVNf VU5DT05TVU1FRF9SRVFVRVNUUygmdmlmLT50eCk7CkBAIC0xODA4LDcgKzE4 MDksMTggQEAgaW50IHhlbnZpZl9rdGhyZWFkX2d1ZXN0X3J4KHZvaWQgKmRh dGEpCiAJd2hpbGUgKCFrdGhyZWFkX3Nob3VsZF9zdG9wKCkpIHsKIAkJd2Fp dF9ldmVudF9pbnRlcnJ1cHRpYmxlKHZpZi0+d3EsCiAJCQkJCSByeF93b3Jr X3RvZG8odmlmKSB8fAorCQkJCQkgdmlmLT5kaXNhYmxlZCB8fAogCQkJCQkg a3RocmVhZF9zaG91bGRfc3RvcCgpKTsKKworCQkvKiBUaGlzIGZyb250ZW5k IGlzIGZvdW5kIHRvIGJlIHJvZ3VlLCBkaXNhYmxlIGl0IGluCisJCSAqIGt0 aHJlYWQgY29udGV4dC4gQ3VycmVudGx5IHRoaXMgaXMgb25seSBzZXQgd2hl bgorCQkgKiBuZXRiYWNrIGZpbmRzIG91dCBmcm9udGVuZCBzZW5kcyBtYWxm b3JtZWQgcGFja2V0LAorCQkgKiBidXQgd2UgY2Fubm90IGRpc2FibGUgdGhl IGludGVyZmFjZSBpbiBzb2Z0aXJxCisJCSAqIGNvbnRleHQgc28gd2UgZGVm ZXIgaXQgaGVyZS4KKwkJICovCisJCWlmICh1bmxpa2VseSh2aWYtPmRpc2Fi bGVkICYmIG5ldGlmX2NhcnJpZXJfb2sodmlmLT5kZXYpKSkKKwkJCXhlbnZp Zl9jYXJyaWVyX29mZih2aWYpOworCiAJCWlmIChrdGhyZWFkX3Nob3VsZF9z dG9wKCkpCiAJCQlicmVhazsKIAotLSAKMS43LjEwLjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 02 11:51:36 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 02 Apr 2014 11:51:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgU-0007Zg-7M; Wed, 02 Apr 2014 11:50:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgS-0007Z1-0r; Wed, 02 Apr 2014 11:50:20 +0000 Received: from [85.158.143.35:9878] by server-1.bemta-4.messagelabs.com id 9E/D8-09853-B79FB335; Wed, 02 Apr 2014 11:50:19 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1396439417!6476970!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22099 invoked from network); 2 Apr 2014 11:50:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 2 Apr 2014 11:50:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WVJgK-00061B-Ph; Wed, 02 Apr 2014 11:50:12 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WVJg9-0006Ma-A2; Wed, 02 Apr 2014 11:50:02 +0000 Date: Wed, 02 Apr 2014 11:50:01 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 90 (CVE-2014-2580) - Linux netback crash trying to disable due to malformed packet X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2580 / XSA-90 version 2 Linux netback crash trying to disable due to malformed packet UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2580. A fix has been accepted into the Linux network subsystem maintainer's tree. The final fix differs substantially from the initial patch, which calls xenvif_carrier_off from an invalid context resulting in a kernel panic in the backend. The updated patch defers this work to kthread context and ensures that no traffic is processed in the meantime. The attached patches have been updated accordingly. Since the patch in v1 of the advisory does not eliminate the vulnerability, users are strongly encouraged to update to the latest patch. ISSUE DESCRIPTION ================= When Linux's netback sees a malformed packet, it tries to disable the interface which serves the misbehaving frontend. This involves taking a mutex, which might sleep. But in recent versions of Linux the guest transmit path is handled by NAPI in softirq context, where sleeping is not allowed. The end result is that the backend domain (often, Dom0) crashes with "scheduling while atomic". IMPACT ====== Malicious guest administrators can cause denial of service. If driver domains are not in use, the impact is a host crash. VULNERABLE SYSTEMS ================== This bug affects systems using Linux as the driver domain, including non-disaggregated systems using Linux as dom0. Only versions of Linux whose netback uses NAPI are affected. In Linux mainline this is all versions of Linux containing git changeset b3f980bd82, which was introduced between Linux 3.11 and 3.12-rc1. Systems using a different OS as dom0 (eg, NetBSD, Solaris) are not vulnerable. Both x86 and ARM systems are affected. MITIGATION ========== Using driver domains may limit the scope of the denial of service, and may make it possible to resume service without restarting guests (by restarting the driver domain). Advice on reconfiguring a system to use driver domains is beyond the reasonable scope of this advisory. In the case of an x86 HVM guest, the exploit can be prevented by disabling the PV IO paths; normally this would come with a substantial performance cost, and it may involve reconfiguring the guest as well as the host. This is not recommended. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread nevertheless contains information strongly suggestive of a security bug, and a different security bug (with CVE) is suggested as seeming "similar". For these reasons we (the Xen Project Security Team) have concluded that the presence of this bug, as a security problem, is not (any longer) a secret. CREDITS ======= This issue was discovered as a bug by Török Edwin and analysed by Wei Liu of Citrix. RESOLUTION ========== Applying the attached patch resolves this issue. $ sha256sum xsa90*.patch 364d94db6dc2b151eb1bb359dc90c71cbb8c5e3dc99b73fc01d981c018777ff4 xsa90.patch $ This patch has also been applied to the network subsystem maintainer's git tree: https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=e9d8b2c2968499c1f96563e6522c56958d5a1d0d -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTO/lVAAoJEIP+FMlX6CvZkYAH/1DY0nKcCsG718IFOdtuu1LA tWhoEACOkqCrqfg/L/6/Tljd0okBlOa15v9amBAJvy7amxAIzlGHDgD3BgQ1w5Te Rc+GDVIoHhYq/LdqSj2Jr4TFXCuekOxTER3idvg+E1RrCOoEqNEFbIKey16vo/ll tn7qKs+qZ7LlQHhjLmwFuDfSromYzOoSiS43nqy4vFHgFXC1Zmk/K8p8DLHxz92y gt6EvMdoDIdgk9hZdLkRIPlqvprV6wQ69pX3MVB6WKIWwW6OYDxbMLfICbubESST 7af33QABFimadkalnN+4+xGblS1WRC5wz2XpSfNNe1bbaKkbPhXe7o9j0+mLX8g= =FL5w -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa90.patch" Content-Disposition: attachment; filename="xsa90.patch" Content-Transfer-Encoding: base64 RnJvbSBlOWQ4YjJjMjk2ODQ5OWMxZjk2NTYzZTY1MjJjNTY5NThkNWExZDBk IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBXZWkgTGl1IDx3ZWku bGl1MkBjaXRyaXguY29tPgpEYXRlOiBUdWUsIDEgQXByIDIwMTQgMTI6NDY6 MTIgKzAxMDAKU3ViamVjdDogW1BBVENIXSB4ZW4tbmV0YmFjazogZGlzYWJs ZSByb2d1ZSB2aWYgaW4ga3RocmVhZCBjb250ZXh0Ck1JTUUtVmVyc2lvbjog MS4wCkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbjsgY2hhcnNldD1VVEYtOApD b250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA4Yml0CgpXaGVuIG5ldGJhY2sg ZGlzY292ZXJzIGZyb250ZW5kIGlzIHNlbmRpbmcgbWFsZm9ybWVkIHBhY2tl dCBpdCB3aWxsCmRpc2FibGVzIHRoZSBpbnRlcmZhY2Ugd2hpY2ggc2VydmVz IHRoYXQgZnJvbnRlbmQuCgpIb3dldmVyIGRpc2FibGluZyBhIG5ldHdvcmsg aW50ZXJmYWNlIGludm9sdmluZyB0YWtpbmcgYSBtdXRleCB3aGljaApjYW5u b3QgYmUgZG9uZSBpbiBzb2Z0aXJxIGNvbnRleHQsIHNvIHdlIG5lZWQgdG8g ZGVmZXIgdGhpcyBwcm9jZXNzIHRvCmt0aHJlYWQgY29udGV4dC4KClRoaXMg cGF0Y2ggZG9lcyB0aGUgZm9sbG93aW5nOgoxLiBpbnRyb2R1Y2UgYSBmbGFn IHRvIGluZGljYXRlIHRoZSBpbnRlcmZhY2UgaXMgZGlzYWJsZWQuCjIuIGNo ZWNrIHRoYXQgZmxhZyBpbiBUWCBwYXRoLCBkb24ndCBkbyBhbnkgd29yayBp ZiBpdCdzIHRydWUuCjMuIGNoZWNrIHRoYXQgZmxhZyBpbiBSWCBwYXRoLCB0 dXJuIG9mZiB0aGF0IGludGVyZmFjZSBpZiBpdCdzIHRydWUuCgpUaGUgcmVh c29uIHRvIGRpc2FibGUgaXQgaW4gUlggcGF0aCBpcyBiZWNhdXNlIFJYIHVz ZXMga3RocmVhZC4gQWZ0ZXIKdGhpcyBjaGFuZ2UgdGhlIGJlaGF2aW9yIG9m IG5ldGJhY2sgaXMgc3RpbGwgY29uc2lzdGVudCAtLSBpdCB3b24ndCBkbwph bnkgVFggd29yayBmb3IgYSByb2d1ZSBmcm9udGVuZCwgYW5kIHRoZSBpbnRl cmZhY2Ugd2lsbCBiZSBldmVudHVhbGx5CnR1cm5lZCBvZmYuCgpBbHNvIGNo YW5nZSBhICJjb250aW51ZSIgdG8gImJyZWFrIiBhZnRlciB4ZW52aWZfZmF0 YWxfdHhfZXJyLCBhcyBpdApkb2Vzbid0IG1ha2Ugc2Vuc2UgdG8gY29udGlu dWUgcHJvY2Vzc2luZyBwYWNrZXRzIGlmIGZyb250ZW5kIGlzIHJvZ3VlLgoK VGhpcyBpcyBhIGZpeCBmb3IgWFNBLTkwLgoKUmVwb3J0ZWQtYnk6IFTDtnLD tmsgRWR3aW4gPGVkd2luQGV0b3Jvay5uZXQ+ClNpZ25lZC1vZmYtYnk6IFdl aSBMaXUgPHdlaS5saXUyQGNpdHJpeC5jb20+CkNjOiBJYW4gQ2FtcGJlbGwg PGlhbi5jYW1wYmVsbEBjaXRyaXguY29tPgpSZXZpZXdlZC1ieTogRGF2aWQg VnJhYmVsIDxkYXZpZC52cmFiZWxAY2l0cml4LmNvbT4KQWNrZWQtYnk6IElh biBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ClNpZ25lZC1v ZmYtYnk6IERhdmlkIFMuIE1pbGxlciA8ZGF2ZW1AZGF2ZW1sb2Z0Lm5ldD4K LS0tCiBkcml2ZXJzL25ldC94ZW4tbmV0YmFjay9jb21tb24uaCAgICB8ICAg IDUgKysrKysKIGRyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2ludGVyZmFjZS5j IHwgICAxMSArKysrKysrKysrKwogZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv bmV0YmFjay5jICAgfCAgIDE2ICsrKysrKysrKysrKysrLS0KIDMgZmlsZXMg Y2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMiBkZWxldGlvbnMoLSkKCmRp ZmYgLS1naXQgYS9kcml2ZXJzL25ldC94ZW4tbmV0YmFjay9jb21tb24uaCBi L2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2NvbW1vbi5oCmluZGV4IDg5YjJk NDIuLjg5ZDFkMDUgMTAwNjQ0Ci0tLSBhL2RyaXZlcnMvbmV0L3hlbi1uZXRi YWNrL2NvbW1vbi5oCisrKyBiL2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL2Nv bW1vbi5oCkBAIC0xMDQsNiArMTA0LDExIEBAIHN0cnVjdCB4ZW52aWYgewog CWRvbWlkX3QgICAgICAgICAgZG9taWQ7CiAJdW5zaWduZWQgaW50ICAgICBo YW5kbGU7CiAKKwkvKiBJcyB0aGlzIGludGVyZmFjZSBkaXNhYmxlZD8gVHJ1 ZSB3aGVuIGJhY2tlbmQgZGlzY292ZXJzCisJICogZnJvbnRlbmQgaXMgcm9n dWUuCisJICovCisJYm9vbCBkaXNhYmxlZDsKKwogCS8qIFVzZSBOQVBJIGZv ciBndWVzdCBUWCAqLwogCXN0cnVjdCBuYXBpX3N0cnVjdCBuYXBpOwogCS8q IFdoZW4gZmVhdHVyZS1zcGxpdC1ldmVudC1jaGFubmVscyA9IDAsIHR4X2ly cSA9IHJ4X2lycS4gKi8KZGlmZiAtLWdpdCBhL2RyaXZlcnMvbmV0L3hlbi1u ZXRiYWNrL2ludGVyZmFjZS5jIGIvZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv aW50ZXJmYWNlLmMKaW5kZXggY2RjMjk4ZS4uZWYwNWM1YyAxMDA2NDQKLS0t IGEvZHJpdmVycy9uZXQveGVuLW5ldGJhY2svaW50ZXJmYWNlLmMKKysrIGIv ZHJpdmVycy9uZXQveGVuLW5ldGJhY2svaW50ZXJmYWNlLmMKQEAgLTYzLDYg KzYzLDE1IEBAIHN0YXRpYyBpbnQgeGVudmlmX3BvbGwoc3RydWN0IG5hcGlf c3RydWN0ICpuYXBpLCBpbnQgYnVkZ2V0KQogCXN0cnVjdCB4ZW52aWYgKnZp ZiA9IGNvbnRhaW5lcl9vZihuYXBpLCBzdHJ1Y3QgeGVudmlmLCBuYXBpKTsK IAlpbnQgd29ya19kb25lOwogCisJLyogVGhpcyB2aWYgaXMgcm9ndWUsIHdl IHByZXRlbmQgd2UndmUgdGhlcmUgaXMgbm90aGluZyB0byBkbworCSAqIGZv ciB0aGlzIHZpZiB0byBkZXNjaGVkdWxlIGl0IGZyb20gTkFQSS4gQnV0IHRo aXMgaW50ZXJmYWNlCisJICogd2lsbCBiZSB0dXJuZWQgb2ZmIGluIHRocmVh ZCBjb250ZXh0IGxhdGVyLgorCSAqLworCWlmICh1bmxpa2VseSh2aWYtPmRp c2FibGVkKSkgeworCQluYXBpX2NvbXBsZXRlKG5hcGkpOworCQlyZXR1cm4g MDsKKwl9CisKIAl3b3JrX2RvbmUgPSB4ZW52aWZfdHhfYWN0aW9uKHZpZiwg YnVkZ2V0KTsKIAogCWlmICh3b3JrX2RvbmUgPCBidWRnZXQpIHsKQEAgLTM2 Myw2ICszNzIsOCBAQCBzdHJ1Y3QgeGVudmlmICp4ZW52aWZfYWxsb2Moc3Ry dWN0IGRldmljZSAqcGFyZW50LCBkb21pZF90IGRvbWlkLAogCXZpZi0+aXBf Y3N1bSA9IDE7CiAJdmlmLT5kZXYgPSBkZXY7CiAKKwl2aWYtPmRpc2FibGVk ID0gZmFsc2U7CisKIAl2aWYtPmNyZWRpdF9ieXRlcyA9IHZpZi0+cmVtYWlu aW5nX2NyZWRpdCA9IH4wVUw7CiAJdmlmLT5jcmVkaXRfdXNlYyAgPSAwVUw7 CiAJaW5pdF90aW1lcigmdmlmLT5jcmVkaXRfdGltZW91dCk7CmRpZmYgLS1n aXQgYS9kcml2ZXJzL25ldC94ZW4tbmV0YmFjay9uZXRiYWNrLmMgYi9kcml2 ZXJzL25ldC94ZW4tbmV0YmFjay9uZXRiYWNrLmMKaW5kZXggYWUzNGY1Zi4u M2YwMjFlMCAxMDA2NDQKLS0tIGEvZHJpdmVycy9uZXQveGVuLW5ldGJhY2sv bmV0YmFjay5jCisrKyBiL2RyaXZlcnMvbmV0L3hlbi1uZXRiYWNrL25ldGJh Y2suYwpAQCAtNzExLDcgKzcxMSw4IEBAIHN0YXRpYyB2b2lkIHhlbnZpZl90 eF9lcnIoc3RydWN0IHhlbnZpZiAqdmlmLAogc3RhdGljIHZvaWQgeGVudmlm X2ZhdGFsX3R4X2VycihzdHJ1Y3QgeGVudmlmICp2aWYpCiB7CiAJbmV0ZGV2 X2Vycih2aWYtPmRldiwgImZhdGFsIGVycm9yOyBkaXNhYmxpbmcgZGV2aWNl XG4iKTsKLQl4ZW52aWZfY2Fycmllcl9vZmYodmlmKTsKKwl2aWYtPmRpc2Fi bGVkID0gdHJ1ZTsKKwl4ZW52aWZfa2lja190aHJlYWQodmlmKTsKIH0KIAog c3RhdGljIGludCB4ZW52aWZfY291bnRfcmVxdWVzdHMoc3RydWN0IHhlbnZp ZiAqdmlmLApAQCAtMTIxMiw3ICsxMjEzLDcgQEAgc3RhdGljIHVuc2lnbmVk IHhlbnZpZl90eF9idWlsZF9nb3BzKHN0cnVjdCB4ZW52aWYgKnZpZiwgaW50 IGJ1ZGdldCkKIAkJCQkgICB2aWYtPnR4LnNyaW5nLT5yZXFfcHJvZCwgdmlm LT50eC5yZXFfY29ucywKIAkJCQkgICBYRU5fTkVUSUZfVFhfUklOR19TSVpF KTsKIAkJCXhlbnZpZl9mYXRhbF90eF9lcnIodmlmKTsKLQkJCWNvbnRpbnVl OworCQkJYnJlYWs7CiAJCX0KIAogCQl3b3JrX3RvX2RvID0gUklOR19IQVNf VU5DT05TVU1FRF9SRVFVRVNUUygmdmlmLT50eCk7CkBAIC0xODA4LDcgKzE4 MDksMTggQEAgaW50IHhlbnZpZl9rdGhyZWFkX2d1ZXN0X3J4KHZvaWQgKmRh dGEpCiAJd2hpbGUgKCFrdGhyZWFkX3Nob3VsZF9zdG9wKCkpIHsKIAkJd2Fp dF9ldmVudF9pbnRlcnJ1cHRpYmxlKHZpZi0+d3EsCiAJCQkJCSByeF93b3Jr X3RvZG8odmlmKSB8fAorCQkJCQkgdmlmLT5kaXNhYmxlZCB8fAogCQkJCQkg a3RocmVhZF9zaG91bGRfc3RvcCgpKTsKKworCQkvKiBUaGlzIGZyb250ZW5k IGlzIGZvdW5kIHRvIGJlIHJvZ3VlLCBkaXNhYmxlIGl0IGluCisJCSAqIGt0 aHJlYWQgY29udGV4dC4gQ3VycmVudGx5IHRoaXMgaXMgb25seSBzZXQgd2hl bgorCQkgKiBuZXRiYWNrIGZpbmRzIG91dCBmcm9udGVuZCBzZW5kcyBtYWxm b3JtZWQgcGFja2V0LAorCQkgKiBidXQgd2UgY2Fubm90IGRpc2FibGUgdGhl IGludGVyZmFjZSBpbiBzb2Z0aXJxCisJCSAqIGNvbnRleHQgc28gd2UgZGVm ZXIgaXQgaGVyZS4KKwkJICovCisJCWlmICh1bmxpa2VseSh2aWYtPmRpc2Fi bGVkICYmIG5ldGlmX2NhcnJpZXJfb2sodmlmLT5kZXYpKSkKKwkJCXhlbnZp Zl9jYXJyaWVyX29mZih2aWYpOworCiAJCWlmIChrdGhyZWFkX3Nob3VsZF9z dG9wKCkpCiAJCQlicmVhazsKIAotLSAKMS43LjEwLjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Tue Apr 22 15:07:52 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Apr 2014 15:07:52 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccHB-0004DW-90; Tue, 22 Apr 2014 15:06:25 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccH9-0004D4-47; Tue, 22 Apr 2014 15:06:23 +0000 Received: from [85.158.139.211:30912] by server-8.bemta-5.messagelabs.com id 9E/1E-11310-E6586535; Tue, 22 Apr 2014 15:06:22 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1398179179!8764090!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12464 invoked from network); 22 Apr 2014 15:06:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 22 Apr 2014 15:06:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccGx-0002cL-6S; Tue, 22 Apr 2014 15:06:11 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WccGv-0002Uj-Kr; Tue, 22 Apr 2014 15:06:10 +0000 Date: Tue, 22 Apr 2014 15:06:09 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-93 Hardware features unintentionally exposed to guests on ARM ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not correctly configuring the hardware virtualisation platform and therefore did not prevent guests from accessing various hardware features including cache control, coprocessors, debug registers and various processor specific registers. IMPACT ====== By accessing these hardware facilities a malicious or buggy guest may be able to cause various issues, including crashing the host, crashing other guests (including control domains) and data corruption. Privilege escalation is not thought to be possible but has not been ruled out. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread contains information strongly suggestive of a security bug and included example code which can crash the host. CREDITS ======= The initial bug was discovered by Thomas Leonard and further followup issues were discovered by Julien Grall. RESOLUTION ========== Applying the attached patches resolves this issue. xsa93-unstable-{01..06}.patch xen-unstable xsa93-4.4-{01..06}.patch Xen 4.4.x $ sha256sum xsa93*.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-4.4-01.patch 68ec2bdb48dd232dbabefbe7c971546b52d7001a128471226a41f36e27a806f2 xsa93-4.4-02.patch 541d2d57ee85a9603ae4bf00bb321f6f491354df9e15eb09ddb5ccba68333ecc xsa93-4.4-03.patch 6a3736e5dea1d45df6b979f02e06e058d8dffdbcf128d2d0984db404a87ebb62 xsa93-4.4-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-4.4-05.patch e212ad288eaeccf6a33cab27ecc6515a889365b0c56b5010e91a603ce239a38b xsa93-4.4-06.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-unstable-01.patch 9b472975087dee1d22db8e5f3e55b1589910d84de86b2cad218bfd540fbbd92e xsa93-unstable-02.patch f921ba7c1b216dd425035f94ac9eef9374ae5eba4af4cb5a3b7aa3f958a0a767 xsa93-unstable-03.patch 45b7e6b226a4449370c4dbe21aa71c398955e4ed2bc7cf9e4426f29583af14be xsa93-unstable-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-unstable-05.patch e2668f0ecf1e79aa30928791b92a15c15821c8bce7958a5c3fee7563cf81960b xsa93-unstable-06.patch $ NOTE: These patches unconditionally deny access by all guests (including control domains) to various hardware features in order to close the vulnerability. Specifically guests are prevented from accessing: * coprocessors 0..9, 12 and 13; * coprocessor 14 (trace registers); * coprocessor 15 encodings: CRn==c9, opc1=={0-7}, CRm=={c0-c2, c5-c8}, opc2=={0-7}, CRn==c10, opc1=={0-7}, CRm=={c0, c1, c4, c8}, opc2=={0-7} CRn==c11, opc1=={0-7}, CRm=={c0-c8, c15}, opc2=={0-7} (IMPLEMENTATION DEFINED cache, TCM, branch predictor, memory remapping, and TLB control registers); * cp15 c15 (IMPLEMENTATION DEFINED); * Debug and Performance monitor registers. We have checked common Operating Systems which are known to run on Xen on ARM and not found any default uses of these registers. However it is expected that tools such as the Linux perf tool which make use of debug and performance registers will no longer function correctly in guest context. In addition if your use case requires access to specific coprocessors by one or more guest domains then additional local patches may be required to enable this. Where feasible we hope to reenable these use cases in the future. If this affects you then please contact the xen-devel mailing list http://lists.xen.org/mailman/listinfo/xen-devel. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTVoUqAAoJEIP+FMlX6CvZCDYH/i7QijGjgd4TtHPoJKkwKZhk P2Kztlo+EDm90UeAPy6BtsPIhHH8bI5yBCdbV/T8p32uRHv9GMyGCsIN+Qt0q7wO VgRvBGvr3Gpc/UvpsMQTNCFcy2BG6glI27icz9Ck8Uolan+Lc8cMDYTzy02XzTgV MN4hoBw51Mc/EVAyy0QSTF8nOpBMnzva7peDVOcVv90y3H0UNPQT+JKkw7r53jyJ SNXxiVnNN/mYhi7aD2UhX8zx01I/WsIhXt2tcW2q5pjTS+xoqW3Q2BB2nw7BOWPq 3I3AaZZ7jxt1AwL2T1LJBu6fVL6Qa1Bsr+q6QkCOfmP71v6ERq/Zuf0QavJTiL8= =qtaJ -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa93-4.4-01.patch" Content-Disposition: attachment; filename="xsa93-4.4-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-02.patch" Content-Disposition: attachment; filename="xsa93-4.4-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfcHYz Ml9kb21haW4oY3VycmVudC0+ZG9tYWluKSApCisgICAgICAgICAgICBnb3Rv IGJhZF90cmFwOworICAgICAgICBkb19jcChyZWdzLCBoc3IpOworICAgICAg ICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19TTUMzMjoKICAgICAgICAgaW5q ZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOwogICAgICAgICBicmVhazsK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCmluZGV4IDUwODQ2N2EuLjJi NDExYWYgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdz LmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaApAQCAtMTE1 LDYgKzExNSw3IEBACiAjZGVmaW5lIE5TQUNSICAgICAgICAgICBwMTUsMCxj MSxjMSwyICAgLyogTm9uLVNlY3VyZSBBY2Nlc3MgQ29udHJvbCBSZWdpc3Rl ciAqLwogI2RlZmluZSBIU0NUTFIgICAgICAgICAgcDE1LDQsYzEsYzAsMCAg IC8qIEh5cC4gU3lzdGVtIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNkZWZpbmUg SENSICAgICAgICAgICAgIHAxNSw0LGMxLGMxLDAgICAvKiBIeXAuIENvbmZp Z3VyYXRpb24gUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSENQVFIgICAgICAgICAg IHAxNSw0LGMxLGMxLDIgICAvKiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVn aXN0ZXIgKi8KIAogLyogQ1AxNSBDUjI6IFRyYW5zbGF0aW9uIFRhYmxlIEJh c2UgYW5kIENvbnRyb2wgUmVnaXN0ZXJzICovCiAjZGVmaW5lIFRUQkNSICAg ICAgICAgICBwMTUsMCxjMixjMCwyICAgLyogVHJhbnNsYXRhdGlvbiBUYWJs ZSBCYXNlIENvbnRyb2wgUmVnaXN0ZXIgKi8KQEAgLTI2MCw2ICsyNjEsNyBA QAogI2RlZmluZSBDTlRWX0NWQUxfRUwwICAgICAgICAgICBDTlRWX0NWQUwK ICNkZWZpbmUgQ09OVEVYVElEUl9FTDEgICAgICAgICAgQ09OVEVYVElEUgog I2RlZmluZSBDUEFDUl9FTDEgICAgICAgICAgICAgICBDUEFDUgorI2RlZmlu ZSBDUFRSX0VMMiAgICAgICAgICAgICAgICBIQ1BUUgogI2RlZmluZSBDU1NF TFJfRUwxICAgICAgICAgICAgICBDU1NFTFIKICNkZWZpbmUgREFDUjMyX0VM MiAgICAgICAgICAgICAgREFDUgogI2RlZmluZSBFU1JfRUwxICAgICAgICAg ICAgICAgICBERlNSCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwNmU2MzhmLi4wMmNlZmU5IDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg0LDEzICs4NCwxOCBAQAogI2RlZmlu ZSBIQ1JfU1dJTyAgICAgICAgKF9BQygxLFVMKTw8MSkgLyogU2V0L1dheSBJ bnZhbGlkYXRpb24gT3ZlcnJpZGUgKi8KICNkZWZpbmUgSENSX1ZNICAgICAg ICAgIChfQUMoMSxVTCk8PDApIC8qIFZpcnR1YWwgTU1VIEVuYWJsZSAqLwog CisvKiBIQ1BUUiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSENQVFJfVFRBICAgICAgICgoX0FDKDEsVSk8PDIwKSkgICAg ICAgIC8qIFRyYXAgdHJhY2UgcmVnaXN0ZXJzICovCisjZGVmaW5lIEhDUFRS X0NQKHgpICAgICAoKF9BQygxLFUpPDwoeCkpKSAgICAgICAvKiBUcmFwIENv cHJvY2Vzc29yIHggKi8KKyNkZWZpbmUgSENQVFJfQ1BfTUFTSyAgICgoX0FD KDEsVSk8PDE0KS0xKQorCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAg ICAgICAgICAweDAwCiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAg ICAgICAweDAxCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAg ICAweDAzCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAw eDA0CiAjZGVmaW5lIEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1 CiAjZGVmaW5lIEhTUl9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2Ci0j ZGVmaW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3CisjZGVm aW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3ICAgICAgICAv KiBIQ1BUUi10cmFwcGVkIGFjY2VzcyB0byBDUDAtQ1AxMyAqLwogI2RlZmlu ZSBIU1JfRUNfQ1AxMCAgICAgICAgICAgICAgICAgMHgwOAogI2RlZmluZSBI U1JfRUNfSkFaRUxMRSAgICAgICAgICAgICAgMHgwOQogI2RlZmluZSBIU1Jf RUNfQlhKICAgICAgICAgICAgICAgICAgMHgwYQotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-03.patch" Content-Disposition: attachment; filename="xsa93-4.4-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-04.patch" Content-Disposition: attachment; filename="xsa93-4.4-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfT1VURVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-05.patch" Content-Disposition: attachment; filename="xsa93-4.4-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-06.patch" Content-Disposition: attachment; filename="xsa93-4.4-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzX3B2MzJfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQor ICAgICAgICAgICAgZ290byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AxNChy ZWdzLCBoc3IpOworICAgICAgICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19D UDoKICAgICAgICAgaWYgKCAhaXNfcHYzMl9kb21haW4oY3VycmVudC0+ZG9t YWluKSApCiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwpkaWZmIC0tZ2l0 IGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCBiL3hlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmgKaW5kZXggZTlhODA5NC4uYmY4MTMzZSAxMDA2 NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAorKysgYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCkBAIC0xMTUsNiArMTE1LDcg QEAKICNkZWZpbmUgTlNBQ1IgICAgICAgICAgIHAxNSwwLGMxLGMxLDIgICAv KiBOb24tU2VjdXJlIEFjY2VzcyBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVm aW5lIEhTQ1RMUiAgICAgICAgICBwMTUsNCxjMSxjMCwwICAgLyogSHlwLiBT eXN0ZW0gQ29udHJvbCBSZWdpc3RlciAqLwogI2RlZmluZSBIQ1IgICAgICAg ICAgICAgcDE1LDQsYzEsYzEsMCAgIC8qIEh5cC4gQ29uZmlndXJhdGlvbiBS ZWdpc3RlciAqLworI2RlZmluZSBIRENSICAgICAgICAgICAgcDE1LDQsYzEs YzEsMSAgIC8qIEh5cC4gRGVidWcgQ29uZmlndXJhdGlvbiBSZWdpc3RlciAq LwogI2RlZmluZSBIQ1BUUiAgICAgICAgICAgcDE1LDQsYzEsYzEsMiAgIC8q IEh5cC4gQ29wcm9jZXNzb3IgVHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBI U1RSICAgICAgICAgICAgcDE1LDQsYzEsYzEsMyAgIC8qIEh5cC4gU3lzdGVt IFRyYXAgUmVnaXN0ZXIgKi8KIApAQCAtMjg3LDYgKzI4OCw3IEBACiAjZGVm aW5lIElEX1BGUjBfRUwxICAgICAgICAgICAgIElEX1BGUjAKICNkZWZpbmUg SURfUEZSMV9FTDEgICAgICAgICAgICAgSURfUEZSMQogI2RlZmluZSBJRlNS MzJfRUwyICAgICAgICAgICAgICBJRlNSCisjZGVmaW5lIE1EQ1JfRUwyICAg ICAgICAgICAgICAgIEhEQ1IKICNkZWZpbmUgTUlEUl9FTDEgICAgICAgICAg ICAgICAgTUlEUgogI2RlZmluZSBNUElEUl9FTDEgICAgICAgICAgICAgICBN UElEUgogI2RlZmluZSBQQVJfRUwxICAgICAgICAgICAgICAgICBQQVIKZGlm ZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCmluZGV4IDc1MDg2NGEu LjkyNjdjMWIgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJv Y2Vzc29yLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aApAQCAtOTIsMTIgKzkyLDE5IEBACiAvKiBIU1RSIEh5cC4gU3lzdGVtIFRy YXAgUmVnaXN0ZXIgKi8KICNkZWZpbmUgSFNUUl9UKHgpICAgICAgICgoX0FD KDEsVSk8PCh4KSkpICAgICAgIC8qIFRyYXAgQ3AxNSBjPHg+ICovCiAKKy8q IEhEQ1IgSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVyICovCisj ZGVmaW5lIEhEQ1JfVERSQSAgICAgICAoX0FDKDEsVSk8PDExKSAgICAgICAg ICAvKiBUcmFwIERlYnVnIFJPTSBhY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9U RE9TQSAgICAgIChfQUMoMSxVKTw8MTApICAgICAgICAgIC8qIFRyYXAgRGVi dWctT1MtcmVsYXRlZCByZWdpc3RlciBhY2Nlc3MgKi8KKyNkZWZpbmUgSERD Ul9UREEgICAgICAgIChfQUMoMSxVKTw8OSkgICAgICAgICAgIC8qIFRyYXAg RGVidWcgQWNjZXNzICovCisjZGVmaW5lIEhEQ1JfVFBNICAgICAgICAoX0FD KDEsVSk8PDYpICAgICAgICAgICAvKiBUcmFwIFBlcmZvcm1hbmNlIE1vbml0 b3JzIGFjY2Vzc2VzICovCisjZGVmaW5lIEhEQ1JfVFBNQ1IgICAgICAoX0FD KDEsVSk8PDUpICAgICAgICAgICAvKiBUcmFwIFBNQ1IgYWNjZXNzZXMgKi8K KwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAog I2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2Rl ZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwogI2RlZmlu ZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAgMHgwNAotI2RlZmluZSBI U1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgwNQotI2RlZmluZSBIU1Jf RUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgorI2RlZmluZSBIU1JfRUNf Q1AxNF8zMiAgICAgICAgICAgICAgMHgwNSAgICAgICAgLyogVHJhcHBlZCBN Q1Igb3IgTVJDIGFjY2VzcyB0byBDUDE0ICovCisjZGVmaW5lIEhTUl9FQ19D UDE0X0RCRyAgICAgICAgICAgICAweDA2ICAgICAgICAvKiBUcmFwcGVkIExE Qy9TVEMgYWNjZXNzIHRvIENQMTQgKG9ubHkgZm9yIGRlYnVnIHJlZ2lzdGVy cykgKi8KICNkZWZpbmUgSFNSX0VDX0NQICAgICAgICAgICAgICAgICAgIDB4 MDcgICAgICAgIC8qIEhDUFRSLXRyYXBwZWQgYWNjZXNzIHRvIENQMC1DUDEz ICovCiAjZGVmaW5lIEhTUl9FQ19DUDEwICAgICAgICAgICAgICAgICAweDA4 CiAjZGVmaW5lIEhTUl9FQ19KQVpFTExFICAgICAgICAgICAgICAweDA5CmRp ZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL3N5c3JlZ3MuaCBiL3hl bi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCmluZGV4IDBjZWUwZTkuLjRh NGRlMzQgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCkBAIC00 MCw2ICs0MCwzMSBAQAogICAgICgoX19IU1JfU1lTUkVHXyMjY3JtKSA8PCBI U1JfU1lTUkVHX0NSTV9TSElGVCkgfCBcCiAgICAgKChfX0hTUl9TWVNSRUdf IyNvcDIpIDw8IEhTUl9TWVNSRUdfT1AyX1NISUZUKQogCisjZGVmaW5lIEhT Ul9TWVNSRUdfTURTQ1JfRUwxICAgICAgSFNSX1NZU1JFRygyLDAsYzAsYzIs MikKKyNkZWZpbmUgSFNSX1NZU1JFR19PU0xBUl9FTDEgICAgICBIU1JfU1lT UkVHKDIsMCxjMSxjMCw0KQorCisjZGVmaW5lIEhTUl9TWVNSRUdfREJHQlZS bl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw0KQorI2RlZmluZSBI U1JfU1lTUkVHX0RCR0JDUm5fRUwxKG4pIEhTUl9TWVNSRUcoMiwwLGMwLGMj I24sNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdXVlJuX0VMMShuKSBIU1Jf U1lTUkVHKDIsMCxjMCxjIyNuLDYpCisjZGVmaW5lIEhTUl9TWVNSRUdfREJH V0NSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw3KQorCisjZGVm aW5lIEhTUl9TWVNSRUdfREJHX0NBU0VTKFJFRykgY2FzZSBIU1JfU1lTUkVH XyMjUkVHIyNuX0VMMSgwKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEpOiAg XAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNS X1NZU1JFR18jI1JFRyMjbl9FTDEoMik6ICBcCisgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VM MSgzKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBj YXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDQpOiAgXAorICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JF RyMjbl9FTDEoNSk6ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg2KTogIFwKKyAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDcpOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoOCk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg5KTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDEwKTogXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTEpOiBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSgxMik6IFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEzKTogXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoMTQpOiBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgx NSkKKwogI2RlZmluZSBIU1JfU1lTUkVHX1NDVExSX0VMMSAgICAgIEhTUl9T WVNSRUcoMywwLGMxLCBjMCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX1RUQlIw X0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBjMCwwKQogI2RlZmluZSBI U1JfU1lTUkVHX1RUQlIxX0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBj MCwxKQpAQCAtNDgsMTAgKzczLDI4IEBACiAjZGVmaW5lIEhTUl9TWVNSRUdf QUZTUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzUsIGMxLDEpCiAjZGVm aW5lIEhTUl9TWVNSRUdfRVNSX0VMMSAgICAgICAgSFNSX1NZU1JFRygzLDAs YzUsIGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfRkFSX0VMMSAgICAgICAg SFNSX1NZU1JFRygzLDAsYzYsIGMwLDApCisjZGVmaW5lIEhTUl9TWVNSRUdf UE1JTlRFTlNFVF9FTDEgSFNSX1NZU1JFRygzLDAsYzksYzE0LDEpCisjZGVm aW5lIEhTUl9TWVNSRUdfUE1JTlRFTkNMUl9FTDEgSFNSX1NZU1JFRygzLDAs YzksYzE0LDIpCiAjZGVmaW5lIEhTUl9TWVNSRUdfTUFJUl9FTDEgICAgICAg SFNSX1NZU1JFRygzLDAsYzEwLGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdf QU1BSVJfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzEwLGMzLDApCiAjZGVm aW5lIEhTUl9TWVNSRUdfQ09OVEVYVElEUl9FTDEgSFNSX1NZU1JFRygzLDAs YzEzLGMwLDEpCiAKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNSX0VMMCAgICAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNOVEVOU0VUX0VMMCBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUNOVEVOQ0xSX0VMMCBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsMikKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU0NMUl9FTDAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMykKKyNkZWZpbmUgSFNSX1NZU1JF R19QTVNXSU5DX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNCkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTVNFTFJfRUwwICAgICBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNFSUQwX0VMMCAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNikKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNFSUQxX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNykKKwor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ0NOVFJfRUwwICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMywwKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNWEVWVFlQRVJf RUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMywxKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNWEVWQ05UUl9FTDAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMywyKQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1VU0VSRU5SX0VMMCAgSFNSX1NZU1JF RygzLDMsYzksYzE0LDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1PVlNTRVRf RUwwICAgSFNSX1NZU1JFRygzLDMsYzksYzE0LDMpCisKICNkZWZpbmUgSFNS X1NZU1JFR19DTlRQQ1RfRUwwICAgICBIU1JfU1lTUkVHKDMsMyxjMTQsYzAs MCkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX0NUTF9FTDAgICBIU1JfU1lT UkVHKDMsMyxjMTQsYzIsMSkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX1RW QUxfRUwwICBIU1JfU1lTUkVHKDMsMyxjMTQsYzIsMCkKLS0gCjEuNy4xMC40 Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-01.patch" Content-Disposition: attachment; filename="xsa93-unstable-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-02.patch" Content-Disposition: attachment; filename="xsa93-unstable-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfMzJi aXRfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQorICAgICAgICAgICAgZ290 byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AocmVncywgaHNyKTsKKyAgICAg ICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNfU01DMzI6CiAgICAgICAgIGlu amVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKICAgICAgICAgYnJlYWs7 CmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCA1MDg0NjdhLi4y YjQxMWFmIDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTEx NSw2ICsxMTUsNyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAs YzEsYzEsMiAgIC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0 ZXIgKi8KICNkZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAg ICAvKiBIeXAuIFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhDUiAgICAgICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25m aWd1cmF0aW9uIFJlZ2lzdGVyICovCisjZGVmaW5lIEhDUFRSICAgICAgICAg ICBwMTUsNCxjMSxjMSwyICAgLyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJl Z2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJsZSBC YXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJDUiAg ICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24gVGFi bGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNjAsNiArMjYxLDcg QEAKICNkZWZpbmUgQ05UVl9DVkFMX0VMMCAgICAgICAgICAgQ05UVl9DVkFM CiAjZGVmaW5lIENPTlRFWFRJRFJfRUwxICAgICAgICAgIENPTlRFWFRJRFIK ICNkZWZpbmUgQ1BBQ1JfRUwxICAgICAgICAgICAgICAgQ1BBQ1IKKyNkZWZp bmUgQ1BUUl9FTDIgICAgICAgICAgICAgICAgSENQVFIKICNkZWZpbmUgQ1NT RUxSX0VMMSAgICAgICAgICAgICAgQ1NTRUxSCiAjZGVmaW5lIERBQ1IzMl9F TDIgICAgICAgICAgICAgIERBQ1IKICNkZWZpbmUgRVNSX0VMMSAgICAgICAg ICAgICAgICAgREZTUgpkaWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFy bS9wcm9jZXNzb3IuaCBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29y LmgKaW5kZXggMDZlNjM4Zi4uMDJjZWZlOSAxMDA2NDQKLS0tIGEveGVuL2lu Y2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oCkBAIC04NCwxMyArODQsMTggQEAKICNkZWZp bmUgSENSX1NXSU8gICAgICAgIChfQUMoMSxVTCk8PDEpIC8qIFNldC9XYXkg SW52YWxpZGF0aW9uIE92ZXJyaWRlICovCiAjZGVmaW5lIEhDUl9WTSAgICAg ICAgICAoX0FDKDEsVUwpPDwwKSAvKiBWaXJ0dWFsIE1NVSBFbmFibGUgKi8K IAorLyogSENQVFIgSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICov CisjZGVmaW5lIEhDUFRSX1RUQSAgICAgICAoKF9BQygxLFUpPDwyMCkpICAg ICAgICAvKiBUcmFwIHRyYWNlIHJlZ2lzdGVycyAqLworI2RlZmluZSBIQ1BU Ul9DUCh4KSAgICAgKChfQUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBD b3Byb2Nlc3NvciB4ICovCisjZGVmaW5lIEhDUFRSX0NQX01BU0sgICAoKF9B QygxLFUpPDwxNCktMSkKKwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAg ICAgICAgICAgMHgwMAogI2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAg ICAgICAgMHgwMQogI2RlZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAg ICAgMHgwMwogI2RlZmluZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAg MHgwNAogI2RlZmluZSBIU1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgw NQogI2RlZmluZSBIU1JfRUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgot I2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNworI2Rl ZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNyAgICAgICAg LyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQMTMgKi8KICNkZWZp bmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4MDgKICNkZWZpbmUg SFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkKICNkZWZpbmUgSFNS X0VDX0JYSiAgICAgICAgICAgICAgICAgIDB4MGEKLS0gCjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-03.patch" Content-Disposition: attachment; filename="xsa93-unstable-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-04.patch" Content-Disposition: attachment; filename="xsa93-unstable-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfSU5ORVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-05.patch" Content-Disposition: attachment; filename="xsa93-unstable-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-06.patch" Content-Disposition: attachment; filename="xsa93-unstable-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5kb21haW4pICkK KyAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CisgICAgICAgIGRvX2NwMTQo cmVncywgaHNyKTsKKyAgICAgICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNf Q1A6CiAgICAgICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5k b21haW4pICkKICAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CmRpZmYgLS1n aXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIveGVuL2luY2x1 ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCBlOWE4MDk0Li5iZjgxMzNlIDEw MDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCisrKyBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTExNSw2ICsxMTUs NyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAsYzEsYzEsMiAg IC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAgICAvKiBIeXAu IFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5lIEhDUiAgICAg ICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25maWd1cmF0aW9u IFJlZ2lzdGVyICovCisjZGVmaW5lIEhEQ1IgICAgICAgICAgICBwMTUsNCxj MSxjMSwxICAgLyogSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVy ICovCiAjZGVmaW5lIEhDUFRSICAgICAgICAgICBwMTUsNCxjMSxjMSwyICAg LyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhTVFIgICAgICAgICAgICBwMTUsNCxjMSxjMSwzICAgLyogSHlwLiBTeXN0 ZW0gVHJhcCBSZWdpc3RlciAqLwogCkBAIC0yODcsNiArMjg4LDcgQEAKICNk ZWZpbmUgSURfUEZSMF9FTDEgICAgICAgICAgICAgSURfUEZSMAogI2RlZmlu ZSBJRF9QRlIxX0VMMSAgICAgICAgICAgICBJRF9QRlIxCiAjZGVmaW5lIElG U1IzMl9FTDIgICAgICAgICAgICAgIElGU1IKKyNkZWZpbmUgTURDUl9FTDIg ICAgICAgICAgICAgICAgSERDUgogI2RlZmluZSBNSURSX0VMMSAgICAgICAg ICAgICAgICBNSURSCiAjZGVmaW5lIE1QSURSX0VMMSAgICAgICAgICAgICAg IE1QSURSCiAjZGVmaW5lIFBBUl9FTDEgICAgICAgICAgICAgICAgIFBBUgpk aWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaCBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmgKaW5kZXggNzUwODY0 YS4uOTI2N2MxYiAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9w cm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nv ci5oCkBAIC05MiwxMiArOTIsMTkgQEAKIC8qIEhTVFIgSHlwLiBTeXN0ZW0g VHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChf QUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KIAor LyogSERDUiBIeXAuIERlYnVnIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSERDUl9URFJBICAgICAgIChfQUMoMSxVKTw8MTEpICAgICAg ICAgIC8qIFRyYXAgRGVidWcgUk9NIGFjY2VzcyAqLworI2RlZmluZSBIRENS X1RET1NBICAgICAgKF9BQygxLFUpPDwxMCkgICAgICAgICAgLyogVHJhcCBE ZWJ1Zy1PUy1yZWxhdGVkIHJlZ2lzdGVyIGFjY2VzcyAqLworI2RlZmluZSBI RENSX1REQSAgICAgICAgKF9BQygxLFUpPDw5KSAgICAgICAgICAgLyogVHJh cCBEZWJ1ZyBBY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9UUE0gICAgICAgIChf QUMoMSxVKTw8NikgICAgICAgICAgIC8qIFRyYXAgUGVyZm9ybWFuY2UgTW9u aXRvcnMgYWNjZXNzZXMgKi8KKyNkZWZpbmUgSERDUl9UUE1DUiAgICAgIChf QUMoMSxVKTw8NSkgICAgICAgICAgIC8qIFRyYXAgUE1DUiBhY2Nlc3NlcyAq LworCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAgICAgICAgICAweDAw CiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAgICAgICAweDAxCiAj ZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAgICAweDAzCiAjZGVm aW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAweDA0Ci0jZGVmaW5l IEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1Ci0jZGVmaW5lIEhT Ul9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2CisjZGVmaW5lIEhTUl9F Q19DUDE0XzMyICAgICAgICAgICAgICAweDA1ICAgICAgICAvKiBUcmFwcGVk IE1DUiBvciBNUkMgYWNjZXNzIHRvIENQMTQgKi8KKyNkZWZpbmUgSFNSX0VD X0NQMTRfREJHICAgICAgICAgICAgIDB4MDYgICAgICAgIC8qIFRyYXBwZWQg TERDL1NUQyBhY2Nlc3MgdG8gQ1AxNCAob25seSBmb3IgZGVidWcgcmVnaXN0 ZXJzKSAqLwogI2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAg MHgwNyAgICAgICAgLyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQ MTMgKi8KICNkZWZpbmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4 MDgKICNkZWZpbmUgSFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKaW5kZXggMGNlZTBlOS4u NGE0ZGUzNCAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNy ZWdzLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKQEAg LTQwLDYgKzQwLDMxIEBACiAgICAgKChfX0hTUl9TWVNSRUdfIyNjcm0pIDw8 IEhTUl9TWVNSRUdfQ1JNX1NISUZUKSB8IFwKICAgICAoKF9fSFNSX1NZU1JF R18jI29wMikgPDwgSFNSX1NZU1JFR19PUDJfU0hJRlQpCiAKKyNkZWZpbmUg SFNSX1NZU1JFR19NRFNDUl9FTDEgICAgICBIU1JfU1lTUkVHKDIsMCxjMCxj MiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX09TTEFSX0VMMSAgICAgIEhTUl9T WVNSRUcoMiwwLGMxLGMwLDQpCisKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdC VlJuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDQpCisjZGVmaW5l IEhTUl9TWVNSRUdfREJHQkNSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAs YyMjbiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX0RCR1dWUm5fRUwxKG4pIEhT Ul9TWVNSRUcoMiwwLGMwLGMjI24sNikKKyNkZWZpbmUgSFNSX1NZU1JFR19E QkdXQ1JuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDcpCisKKyNk ZWZpbmUgSFNSX1NZU1JFR19EQkdfQ0FTRVMoUkVHKSBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDApOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMSk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgyKTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDMpOiAgXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoNCk6ICBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSg1KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDYpOiAgXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoNyk6ICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg4 KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNl IEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDkpOiAgXAorICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMj bl9FTDEoMTApOiBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgxMSk6IFwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdf IyNSRUcjI25fRUwxKDEyKTogXAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTMpOiBc CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1Jf U1lTUkVHXyMjUkVHIyNuX0VMMSgxNCk6IFwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwx KDE1KQorCiAjZGVmaW5lIEhTUl9TWVNSRUdfU0NUTFJfRUwxICAgICAgSFNS X1NZU1JFRygzLDAsYzEsIGMwLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfVFRC UjBfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIsIGMwLDApCiAjZGVmaW5l IEhTUl9TWVNSRUdfVFRCUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIs IGMwLDEpCkBAIC00OCwxMCArNzMsMjggQEAKICNkZWZpbmUgSFNSX1NZU1JF R19BRlNSMV9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjNSwgYzEsMSkKICNk ZWZpbmUgSFNSX1NZU1JFR19FU1JfRUwxICAgICAgICBIU1JfU1lTUkVHKDMs MCxjNSwgYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JFR19GQVJfRUwxICAgICAg ICBIU1JfU1lTUkVHKDMsMCxjNiwgYzAsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUlOVEVOU0VUX0VMMSBIU1JfU1lTUkVHKDMsMCxjOSxjMTQsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VMMSBIU1JfU1lTUkVHKDMs MCxjOSxjMTQsMikKICNkZWZpbmUgSFNSX1NZU1JFR19NQUlSX0VMMSAgICAg ICBIU1JfU1lTUkVHKDMsMCxjMTAsYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JF R19BTUFJUl9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjMTAsYzMsMCkKICNk ZWZpbmUgSFNSX1NZU1JFR19DT05URVhUSURSX0VMMSBIU1JfU1lTUkVHKDMs MCxjMTMsYzAsMSkKIAorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ1JfRUwwICAg ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwwKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ05URU5TRVRfRUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwxKQor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ05URU5DTFJfRUwwIEhTUl9TWVNSRUco MywzLGM5LGMxMiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNT1ZTQ0xSX0VM MCAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwzKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNU1dJTkNfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw0KQor I2RlZmluZSBIU1JfU1lTUkVHX1BNU0VMUl9FTDAgICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ0VJRDBfRUww ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw2KQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ0VJRDFfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw3KQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1DQ05UUl9FTDAgICAgSFNSX1NZU1JF RygzLDMsYzksYzEzLDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1YRVZUWVBF Ul9FTDAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDEpCisjZGVmaW5lIEhTUl9T WVNSRUdfUE1YRVZDTlRSX0VMMCAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDIp CisKKyNkZWZpbmUgSFNSX1NZU1JFR19QTVVTRVJFTlJfRUwwICBIU1JfU1lT UkVHKDMsMyxjOSxjMTQsMCkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU1NF VF9FTDAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTQsMykKKwogI2RlZmluZSBI U1JfU1lTUkVHX0NOVFBDVF9FTDAgICAgIEhTUl9TWVNSRUcoMywzLGMxNCxj MCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBfQ1RMX0VMMCAgIEhTUl9T WVNSRUcoMywzLGMxNCxjMiwxKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBf VFZBTF9FTDAgIEhTUl9TWVNSRUcoMywzLGMxNCxjMiwwKQotLSAKMS43LjEw LjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Tue Apr 22 15:07:52 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Apr 2014 15:07:52 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccHB-0004DW-90; Tue, 22 Apr 2014 15:06:25 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccH9-0004D4-47; Tue, 22 Apr 2014 15:06:23 +0000 Received: from [85.158.139.211:30912] by server-8.bemta-5.messagelabs.com id 9E/1E-11310-E6586535; Tue, 22 Apr 2014 15:06:22 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1398179179!8764090!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12464 invoked from network); 22 Apr 2014 15:06:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 22 Apr 2014 15:06:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WccGx-0002cL-6S; Tue, 22 Apr 2014 15:06:11 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WccGv-0002Uj-Kr; Tue, 22 Apr 2014 15:06:10 +0000 Date: Tue, 22 Apr 2014 15:06:09 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 93 - Hardware features unintentionally exposed to guests on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-93 Hardware features unintentionally exposed to guests on ARM ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not correctly configuring the hardware virtualisation platform and therefore did not prevent guests from accessing various hardware features including cache control, coprocessors, debug registers and various processor specific registers. IMPACT ====== By accessing these hardware facilities a malicious or buggy guest may be able to cause various issues, including crashing the host, crashing other guests (including control domains) and data corruption. Privilege escalation is not thought to be possible but has not been ruled out. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread contains information strongly suggestive of a security bug and included example code which can crash the host. CREDITS ======= The initial bug was discovered by Thomas Leonard and further followup issues were discovered by Julien Grall. RESOLUTION ========== Applying the attached patches resolves this issue. xsa93-unstable-{01..06}.patch xen-unstable xsa93-4.4-{01..06}.patch Xen 4.4.x $ sha256sum xsa93*.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-4.4-01.patch 68ec2bdb48dd232dbabefbe7c971546b52d7001a128471226a41f36e27a806f2 xsa93-4.4-02.patch 541d2d57ee85a9603ae4bf00bb321f6f491354df9e15eb09ddb5ccba68333ecc xsa93-4.4-03.patch 6a3736e5dea1d45df6b979f02e06e058d8dffdbcf128d2d0984db404a87ebb62 xsa93-4.4-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-4.4-05.patch e212ad288eaeccf6a33cab27ecc6515a889365b0c56b5010e91a603ce239a38b xsa93-4.4-06.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-unstable-01.patch 9b472975087dee1d22db8e5f3e55b1589910d84de86b2cad218bfd540fbbd92e xsa93-unstable-02.patch f921ba7c1b216dd425035f94ac9eef9374ae5eba4af4cb5a3b7aa3f958a0a767 xsa93-unstable-03.patch 45b7e6b226a4449370c4dbe21aa71c398955e4ed2bc7cf9e4426f29583af14be xsa93-unstable-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-unstable-05.patch e2668f0ecf1e79aa30928791b92a15c15821c8bce7958a5c3fee7563cf81960b xsa93-unstable-06.patch $ NOTE: These patches unconditionally deny access by all guests (including control domains) to various hardware features in order to close the vulnerability. Specifically guests are prevented from accessing: * coprocessors 0..9, 12 and 13; * coprocessor 14 (trace registers); * coprocessor 15 encodings: CRn==c9, opc1=={0-7}, CRm=={c0-c2, c5-c8}, opc2=={0-7}, CRn==c10, opc1=={0-7}, CRm=={c0, c1, c4, c8}, opc2=={0-7} CRn==c11, opc1=={0-7}, CRm=={c0-c8, c15}, opc2=={0-7} (IMPLEMENTATION DEFINED cache, TCM, branch predictor, memory remapping, and TLB control registers); * cp15 c15 (IMPLEMENTATION DEFINED); * Debug and Performance monitor registers. We have checked common Operating Systems which are known to run on Xen on ARM and not found any default uses of these registers. However it is expected that tools such as the Linux perf tool which make use of debug and performance registers will no longer function correctly in guest context. In addition if your use case requires access to specific coprocessors by one or more guest domains then additional local patches may be required to enable this. Where feasible we hope to reenable these use cases in the future. If this affects you then please contact the xen-devel mailing list http://lists.xen.org/mailman/listinfo/xen-devel. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTVoUqAAoJEIP+FMlX6CvZCDYH/i7QijGjgd4TtHPoJKkwKZhk P2Kztlo+EDm90UeAPy6BtsPIhHH8bI5yBCdbV/T8p32uRHv9GMyGCsIN+Qt0q7wO VgRvBGvr3Gpc/UvpsMQTNCFcy2BG6glI27icz9Ck8Uolan+Lc8cMDYTzy02XzTgV MN4hoBw51Mc/EVAyy0QSTF8nOpBMnzva7peDVOcVv90y3H0UNPQT+JKkw7r53jyJ SNXxiVnNN/mYhi7aD2UhX8zx01I/WsIhXt2tcW2q5pjTS+xoqW3Q2BB2nw7BOWPq 3I3AaZZ7jxt1AwL2T1LJBu6fVL6Qa1Bsr+q6QkCOfmP71v6ERq/Zuf0QavJTiL8= =qtaJ -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa93-4.4-01.patch" Content-Disposition: attachment; filename="xsa93-4.4-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-02.patch" Content-Disposition: attachment; filename="xsa93-4.4-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfcHYz Ml9kb21haW4oY3VycmVudC0+ZG9tYWluKSApCisgICAgICAgICAgICBnb3Rv IGJhZF90cmFwOworICAgICAgICBkb19jcChyZWdzLCBoc3IpOworICAgICAg ICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19TTUMzMjoKICAgICAgICAgaW5q ZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOwogICAgICAgICBicmVhazsK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCmluZGV4IDUwODQ2N2EuLjJi NDExYWYgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdz LmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaApAQCAtMTE1 LDYgKzExNSw3IEBACiAjZGVmaW5lIE5TQUNSICAgICAgICAgICBwMTUsMCxj MSxjMSwyICAgLyogTm9uLVNlY3VyZSBBY2Nlc3MgQ29udHJvbCBSZWdpc3Rl ciAqLwogI2RlZmluZSBIU0NUTFIgICAgICAgICAgcDE1LDQsYzEsYzAsMCAg IC8qIEh5cC4gU3lzdGVtIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNkZWZpbmUg SENSICAgICAgICAgICAgIHAxNSw0LGMxLGMxLDAgICAvKiBIeXAuIENvbmZp Z3VyYXRpb24gUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSENQVFIgICAgICAgICAg IHAxNSw0LGMxLGMxLDIgICAvKiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVn aXN0ZXIgKi8KIAogLyogQ1AxNSBDUjI6IFRyYW5zbGF0aW9uIFRhYmxlIEJh c2UgYW5kIENvbnRyb2wgUmVnaXN0ZXJzICovCiAjZGVmaW5lIFRUQkNSICAg ICAgICAgICBwMTUsMCxjMixjMCwyICAgLyogVHJhbnNsYXRhdGlvbiBUYWJs ZSBCYXNlIENvbnRyb2wgUmVnaXN0ZXIgKi8KQEAgLTI2MCw2ICsyNjEsNyBA QAogI2RlZmluZSBDTlRWX0NWQUxfRUwwICAgICAgICAgICBDTlRWX0NWQUwK ICNkZWZpbmUgQ09OVEVYVElEUl9FTDEgICAgICAgICAgQ09OVEVYVElEUgog I2RlZmluZSBDUEFDUl9FTDEgICAgICAgICAgICAgICBDUEFDUgorI2RlZmlu ZSBDUFRSX0VMMiAgICAgICAgICAgICAgICBIQ1BUUgogI2RlZmluZSBDU1NF TFJfRUwxICAgICAgICAgICAgICBDU1NFTFIKICNkZWZpbmUgREFDUjMyX0VM MiAgICAgICAgICAgICAgREFDUgogI2RlZmluZSBFU1JfRUwxICAgICAgICAg ICAgICAgICBERlNSCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwNmU2MzhmLi4wMmNlZmU5IDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg0LDEzICs4NCwxOCBAQAogI2RlZmlu ZSBIQ1JfU1dJTyAgICAgICAgKF9BQygxLFVMKTw8MSkgLyogU2V0L1dheSBJ bnZhbGlkYXRpb24gT3ZlcnJpZGUgKi8KICNkZWZpbmUgSENSX1ZNICAgICAg ICAgIChfQUMoMSxVTCk8PDApIC8qIFZpcnR1YWwgTU1VIEVuYWJsZSAqLwog CisvKiBIQ1BUUiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSENQVFJfVFRBICAgICAgICgoX0FDKDEsVSk8PDIwKSkgICAg ICAgIC8qIFRyYXAgdHJhY2UgcmVnaXN0ZXJzICovCisjZGVmaW5lIEhDUFRS X0NQKHgpICAgICAoKF9BQygxLFUpPDwoeCkpKSAgICAgICAvKiBUcmFwIENv cHJvY2Vzc29yIHggKi8KKyNkZWZpbmUgSENQVFJfQ1BfTUFTSyAgICgoX0FD KDEsVSk8PDE0KS0xKQorCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAg ICAgICAgICAweDAwCiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAg ICAgICAweDAxCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAg ICAweDAzCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAw eDA0CiAjZGVmaW5lIEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1 CiAjZGVmaW5lIEhTUl9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2Ci0j ZGVmaW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3CisjZGVm aW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3ICAgICAgICAv KiBIQ1BUUi10cmFwcGVkIGFjY2VzcyB0byBDUDAtQ1AxMyAqLwogI2RlZmlu ZSBIU1JfRUNfQ1AxMCAgICAgICAgICAgICAgICAgMHgwOAogI2RlZmluZSBI U1JfRUNfSkFaRUxMRSAgICAgICAgICAgICAgMHgwOQogI2RlZmluZSBIU1Jf RUNfQlhKICAgICAgICAgICAgICAgICAgMHgwYQotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-03.patch" Content-Disposition: attachment; filename="xsa93-4.4-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-04.patch" Content-Disposition: attachment; filename="xsa93-4.4-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfT1VURVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-05.patch" Content-Disposition: attachment; filename="xsa93-4.4-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-06.patch" Content-Disposition: attachment; filename="xsa93-4.4-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzX3B2MzJfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQor ICAgICAgICAgICAgZ290byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AxNChy ZWdzLCBoc3IpOworICAgICAgICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19D UDoKICAgICAgICAgaWYgKCAhaXNfcHYzMl9kb21haW4oY3VycmVudC0+ZG9t YWluKSApCiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwpkaWZmIC0tZ2l0 IGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCBiL3hlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmgKaW5kZXggZTlhODA5NC4uYmY4MTMzZSAxMDA2 NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAorKysgYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCkBAIC0xMTUsNiArMTE1LDcg QEAKICNkZWZpbmUgTlNBQ1IgICAgICAgICAgIHAxNSwwLGMxLGMxLDIgICAv KiBOb24tU2VjdXJlIEFjY2VzcyBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVm aW5lIEhTQ1RMUiAgICAgICAgICBwMTUsNCxjMSxjMCwwICAgLyogSHlwLiBT eXN0ZW0gQ29udHJvbCBSZWdpc3RlciAqLwogI2RlZmluZSBIQ1IgICAgICAg ICAgICAgcDE1LDQsYzEsYzEsMCAgIC8qIEh5cC4gQ29uZmlndXJhdGlvbiBS ZWdpc3RlciAqLworI2RlZmluZSBIRENSICAgICAgICAgICAgcDE1LDQsYzEs YzEsMSAgIC8qIEh5cC4gRGVidWcgQ29uZmlndXJhdGlvbiBSZWdpc3RlciAq LwogI2RlZmluZSBIQ1BUUiAgICAgICAgICAgcDE1LDQsYzEsYzEsMiAgIC8q IEh5cC4gQ29wcm9jZXNzb3IgVHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBI U1RSICAgICAgICAgICAgcDE1LDQsYzEsYzEsMyAgIC8qIEh5cC4gU3lzdGVt IFRyYXAgUmVnaXN0ZXIgKi8KIApAQCAtMjg3LDYgKzI4OCw3IEBACiAjZGVm aW5lIElEX1BGUjBfRUwxICAgICAgICAgICAgIElEX1BGUjAKICNkZWZpbmUg SURfUEZSMV9FTDEgICAgICAgICAgICAgSURfUEZSMQogI2RlZmluZSBJRlNS MzJfRUwyICAgICAgICAgICAgICBJRlNSCisjZGVmaW5lIE1EQ1JfRUwyICAg ICAgICAgICAgICAgIEhEQ1IKICNkZWZpbmUgTUlEUl9FTDEgICAgICAgICAg ICAgICAgTUlEUgogI2RlZmluZSBNUElEUl9FTDEgICAgICAgICAgICAgICBN UElEUgogI2RlZmluZSBQQVJfRUwxICAgICAgICAgICAgICAgICBQQVIKZGlm ZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCmluZGV4IDc1MDg2NGEu LjkyNjdjMWIgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJv Y2Vzc29yLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aApAQCAtOTIsMTIgKzkyLDE5IEBACiAvKiBIU1RSIEh5cC4gU3lzdGVtIFRy YXAgUmVnaXN0ZXIgKi8KICNkZWZpbmUgSFNUUl9UKHgpICAgICAgICgoX0FD KDEsVSk8PCh4KSkpICAgICAgIC8qIFRyYXAgQ3AxNSBjPHg+ICovCiAKKy8q IEhEQ1IgSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVyICovCisj ZGVmaW5lIEhEQ1JfVERSQSAgICAgICAoX0FDKDEsVSk8PDExKSAgICAgICAg ICAvKiBUcmFwIERlYnVnIFJPTSBhY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9U RE9TQSAgICAgIChfQUMoMSxVKTw8MTApICAgICAgICAgIC8qIFRyYXAgRGVi dWctT1MtcmVsYXRlZCByZWdpc3RlciBhY2Nlc3MgKi8KKyNkZWZpbmUgSERD Ul9UREEgICAgICAgIChfQUMoMSxVKTw8OSkgICAgICAgICAgIC8qIFRyYXAg RGVidWcgQWNjZXNzICovCisjZGVmaW5lIEhEQ1JfVFBNICAgICAgICAoX0FD KDEsVSk8PDYpICAgICAgICAgICAvKiBUcmFwIFBlcmZvcm1hbmNlIE1vbml0 b3JzIGFjY2Vzc2VzICovCisjZGVmaW5lIEhEQ1JfVFBNQ1IgICAgICAoX0FD KDEsVSk8PDUpICAgICAgICAgICAvKiBUcmFwIFBNQ1IgYWNjZXNzZXMgKi8K KwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAog I2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2Rl ZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwogI2RlZmlu ZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAgMHgwNAotI2RlZmluZSBI U1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgwNQotI2RlZmluZSBIU1Jf RUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgorI2RlZmluZSBIU1JfRUNf Q1AxNF8zMiAgICAgICAgICAgICAgMHgwNSAgICAgICAgLyogVHJhcHBlZCBN Q1Igb3IgTVJDIGFjY2VzcyB0byBDUDE0ICovCisjZGVmaW5lIEhTUl9FQ19D UDE0X0RCRyAgICAgICAgICAgICAweDA2ICAgICAgICAvKiBUcmFwcGVkIExE Qy9TVEMgYWNjZXNzIHRvIENQMTQgKG9ubHkgZm9yIGRlYnVnIHJlZ2lzdGVy cykgKi8KICNkZWZpbmUgSFNSX0VDX0NQICAgICAgICAgICAgICAgICAgIDB4 MDcgICAgICAgIC8qIEhDUFRSLXRyYXBwZWQgYWNjZXNzIHRvIENQMC1DUDEz ICovCiAjZGVmaW5lIEhTUl9FQ19DUDEwICAgICAgICAgICAgICAgICAweDA4 CiAjZGVmaW5lIEhTUl9FQ19KQVpFTExFICAgICAgICAgICAgICAweDA5CmRp ZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL3N5c3JlZ3MuaCBiL3hl bi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCmluZGV4IDBjZWUwZTkuLjRh NGRlMzQgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCkBAIC00 MCw2ICs0MCwzMSBAQAogICAgICgoX19IU1JfU1lTUkVHXyMjY3JtKSA8PCBI U1JfU1lTUkVHX0NSTV9TSElGVCkgfCBcCiAgICAgKChfX0hTUl9TWVNSRUdf IyNvcDIpIDw8IEhTUl9TWVNSRUdfT1AyX1NISUZUKQogCisjZGVmaW5lIEhT Ul9TWVNSRUdfTURTQ1JfRUwxICAgICAgSFNSX1NZU1JFRygyLDAsYzAsYzIs MikKKyNkZWZpbmUgSFNSX1NZU1JFR19PU0xBUl9FTDEgICAgICBIU1JfU1lT UkVHKDIsMCxjMSxjMCw0KQorCisjZGVmaW5lIEhTUl9TWVNSRUdfREJHQlZS bl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw0KQorI2RlZmluZSBI U1JfU1lTUkVHX0RCR0JDUm5fRUwxKG4pIEhTUl9TWVNSRUcoMiwwLGMwLGMj I24sNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdXVlJuX0VMMShuKSBIU1Jf U1lTUkVHKDIsMCxjMCxjIyNuLDYpCisjZGVmaW5lIEhTUl9TWVNSRUdfREJH V0NSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw3KQorCisjZGVm aW5lIEhTUl9TWVNSRUdfREJHX0NBU0VTKFJFRykgY2FzZSBIU1JfU1lTUkVH XyMjUkVHIyNuX0VMMSgwKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEpOiAg XAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNS X1NZU1JFR18jI1JFRyMjbl9FTDEoMik6ICBcCisgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VM MSgzKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBj YXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDQpOiAgXAorICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JF RyMjbl9FTDEoNSk6ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg2KTogIFwKKyAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDcpOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoOCk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg5KTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDEwKTogXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTEpOiBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSgxMik6IFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEzKTogXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoMTQpOiBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgx NSkKKwogI2RlZmluZSBIU1JfU1lTUkVHX1NDVExSX0VMMSAgICAgIEhTUl9T WVNSRUcoMywwLGMxLCBjMCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX1RUQlIw X0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBjMCwwKQogI2RlZmluZSBI U1JfU1lTUkVHX1RUQlIxX0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBj MCwxKQpAQCAtNDgsMTAgKzczLDI4IEBACiAjZGVmaW5lIEhTUl9TWVNSRUdf QUZTUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzUsIGMxLDEpCiAjZGVm aW5lIEhTUl9TWVNSRUdfRVNSX0VMMSAgICAgICAgSFNSX1NZU1JFRygzLDAs YzUsIGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfRkFSX0VMMSAgICAgICAg SFNSX1NZU1JFRygzLDAsYzYsIGMwLDApCisjZGVmaW5lIEhTUl9TWVNSRUdf UE1JTlRFTlNFVF9FTDEgSFNSX1NZU1JFRygzLDAsYzksYzE0LDEpCisjZGVm aW5lIEhTUl9TWVNSRUdfUE1JTlRFTkNMUl9FTDEgSFNSX1NZU1JFRygzLDAs YzksYzE0LDIpCiAjZGVmaW5lIEhTUl9TWVNSRUdfTUFJUl9FTDEgICAgICAg SFNSX1NZU1JFRygzLDAsYzEwLGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdf QU1BSVJfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzEwLGMzLDApCiAjZGVm aW5lIEhTUl9TWVNSRUdfQ09OVEVYVElEUl9FTDEgSFNSX1NZU1JFRygzLDAs YzEzLGMwLDEpCiAKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNSX0VMMCAgICAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNOVEVOU0VUX0VMMCBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUNOVEVOQ0xSX0VMMCBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsMikKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU0NMUl9FTDAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMykKKyNkZWZpbmUgSFNSX1NZU1JF R19QTVNXSU5DX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNCkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTVNFTFJfRUwwICAgICBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNFSUQwX0VMMCAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNikKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNFSUQxX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNykKKwor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ0NOVFJfRUwwICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMywwKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNWEVWVFlQRVJf RUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMywxKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNWEVWQ05UUl9FTDAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMywyKQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1VU0VSRU5SX0VMMCAgSFNSX1NZU1JF RygzLDMsYzksYzE0LDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1PVlNTRVRf RUwwICAgSFNSX1NZU1JFRygzLDMsYzksYzE0LDMpCisKICNkZWZpbmUgSFNS X1NZU1JFR19DTlRQQ1RfRUwwICAgICBIU1JfU1lTUkVHKDMsMyxjMTQsYzAs MCkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX0NUTF9FTDAgICBIU1JfU1lT UkVHKDMsMyxjMTQsYzIsMSkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX1RW QUxfRUwwICBIU1JfU1lTUkVHKDMsMyxjMTQsYzIsMCkKLS0gCjEuNy4xMC40 Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-01.patch" Content-Disposition: attachment; filename="xsa93-unstable-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-02.patch" Content-Disposition: attachment; filename="xsa93-unstable-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfMzJi aXRfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQorICAgICAgICAgICAgZ290 byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AocmVncywgaHNyKTsKKyAgICAg ICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNfU01DMzI6CiAgICAgICAgIGlu amVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKICAgICAgICAgYnJlYWs7 CmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCA1MDg0NjdhLi4y YjQxMWFmIDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTEx NSw2ICsxMTUsNyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAs YzEsYzEsMiAgIC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0 ZXIgKi8KICNkZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAg ICAvKiBIeXAuIFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhDUiAgICAgICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25m aWd1cmF0aW9uIFJlZ2lzdGVyICovCisjZGVmaW5lIEhDUFRSICAgICAgICAg ICBwMTUsNCxjMSxjMSwyICAgLyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJl Z2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJsZSBC YXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJDUiAg ICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24gVGFi bGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNjAsNiArMjYxLDcg QEAKICNkZWZpbmUgQ05UVl9DVkFMX0VMMCAgICAgICAgICAgQ05UVl9DVkFM CiAjZGVmaW5lIENPTlRFWFRJRFJfRUwxICAgICAgICAgIENPTlRFWFRJRFIK ICNkZWZpbmUgQ1BBQ1JfRUwxICAgICAgICAgICAgICAgQ1BBQ1IKKyNkZWZp bmUgQ1BUUl9FTDIgICAgICAgICAgICAgICAgSENQVFIKICNkZWZpbmUgQ1NT RUxSX0VMMSAgICAgICAgICAgICAgQ1NTRUxSCiAjZGVmaW5lIERBQ1IzMl9F TDIgICAgICAgICAgICAgIERBQ1IKICNkZWZpbmUgRVNSX0VMMSAgICAgICAg ICAgICAgICAgREZTUgpkaWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFy bS9wcm9jZXNzb3IuaCBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29y LmgKaW5kZXggMDZlNjM4Zi4uMDJjZWZlOSAxMDA2NDQKLS0tIGEveGVuL2lu Y2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oCkBAIC04NCwxMyArODQsMTggQEAKICNkZWZp bmUgSENSX1NXSU8gICAgICAgIChfQUMoMSxVTCk8PDEpIC8qIFNldC9XYXkg SW52YWxpZGF0aW9uIE92ZXJyaWRlICovCiAjZGVmaW5lIEhDUl9WTSAgICAg ICAgICAoX0FDKDEsVUwpPDwwKSAvKiBWaXJ0dWFsIE1NVSBFbmFibGUgKi8K IAorLyogSENQVFIgSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICov CisjZGVmaW5lIEhDUFRSX1RUQSAgICAgICAoKF9BQygxLFUpPDwyMCkpICAg ICAgICAvKiBUcmFwIHRyYWNlIHJlZ2lzdGVycyAqLworI2RlZmluZSBIQ1BU Ul9DUCh4KSAgICAgKChfQUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBD b3Byb2Nlc3NvciB4ICovCisjZGVmaW5lIEhDUFRSX0NQX01BU0sgICAoKF9B QygxLFUpPDwxNCktMSkKKwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAg ICAgICAgICAgMHgwMAogI2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAg ICAgICAgMHgwMQogI2RlZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAg ICAgMHgwMwogI2RlZmluZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAg MHgwNAogI2RlZmluZSBIU1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgw NQogI2RlZmluZSBIU1JfRUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgot I2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNworI2Rl ZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNyAgICAgICAg LyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQMTMgKi8KICNkZWZp bmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4MDgKICNkZWZpbmUg SFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkKICNkZWZpbmUgSFNS X0VDX0JYSiAgICAgICAgICAgICAgICAgIDB4MGEKLS0gCjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-03.patch" Content-Disposition: attachment; filename="xsa93-unstable-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-04.patch" Content-Disposition: attachment; filename="xsa93-unstable-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfSU5ORVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-05.patch" Content-Disposition: attachment; filename="xsa93-unstable-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-06.patch" Content-Disposition: attachment; filename="xsa93-unstable-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5kb21haW4pICkK KyAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CisgICAgICAgIGRvX2NwMTQo cmVncywgaHNyKTsKKyAgICAgICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNf Q1A6CiAgICAgICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5k b21haW4pICkKICAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CmRpZmYgLS1n aXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIveGVuL2luY2x1 ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCBlOWE4MDk0Li5iZjgxMzNlIDEw MDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCisrKyBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTExNSw2ICsxMTUs NyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAsYzEsYzEsMiAg IC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAgICAvKiBIeXAu IFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5lIEhDUiAgICAg ICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25maWd1cmF0aW9u IFJlZ2lzdGVyICovCisjZGVmaW5lIEhEQ1IgICAgICAgICAgICBwMTUsNCxj MSxjMSwxICAgLyogSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVy ICovCiAjZGVmaW5lIEhDUFRSICAgICAgICAgICBwMTUsNCxjMSxjMSwyICAg LyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhTVFIgICAgICAgICAgICBwMTUsNCxjMSxjMSwzICAgLyogSHlwLiBTeXN0 ZW0gVHJhcCBSZWdpc3RlciAqLwogCkBAIC0yODcsNiArMjg4LDcgQEAKICNk ZWZpbmUgSURfUEZSMF9FTDEgICAgICAgICAgICAgSURfUEZSMAogI2RlZmlu ZSBJRF9QRlIxX0VMMSAgICAgICAgICAgICBJRF9QRlIxCiAjZGVmaW5lIElG U1IzMl9FTDIgICAgICAgICAgICAgIElGU1IKKyNkZWZpbmUgTURDUl9FTDIg ICAgICAgICAgICAgICAgSERDUgogI2RlZmluZSBNSURSX0VMMSAgICAgICAg ICAgICAgICBNSURSCiAjZGVmaW5lIE1QSURSX0VMMSAgICAgICAgICAgICAg IE1QSURSCiAjZGVmaW5lIFBBUl9FTDEgICAgICAgICAgICAgICAgIFBBUgpk aWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaCBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmgKaW5kZXggNzUwODY0 YS4uOTI2N2MxYiAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9w cm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nv ci5oCkBAIC05MiwxMiArOTIsMTkgQEAKIC8qIEhTVFIgSHlwLiBTeXN0ZW0g VHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChf QUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KIAor LyogSERDUiBIeXAuIERlYnVnIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSERDUl9URFJBICAgICAgIChfQUMoMSxVKTw8MTEpICAgICAg ICAgIC8qIFRyYXAgRGVidWcgUk9NIGFjY2VzcyAqLworI2RlZmluZSBIRENS X1RET1NBICAgICAgKF9BQygxLFUpPDwxMCkgICAgICAgICAgLyogVHJhcCBE ZWJ1Zy1PUy1yZWxhdGVkIHJlZ2lzdGVyIGFjY2VzcyAqLworI2RlZmluZSBI RENSX1REQSAgICAgICAgKF9BQygxLFUpPDw5KSAgICAgICAgICAgLyogVHJh cCBEZWJ1ZyBBY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9UUE0gICAgICAgIChf QUMoMSxVKTw8NikgICAgICAgICAgIC8qIFRyYXAgUGVyZm9ybWFuY2UgTW9u aXRvcnMgYWNjZXNzZXMgKi8KKyNkZWZpbmUgSERDUl9UUE1DUiAgICAgIChf QUMoMSxVKTw8NSkgICAgICAgICAgIC8qIFRyYXAgUE1DUiBhY2Nlc3NlcyAq LworCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAgICAgICAgICAweDAw CiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAgICAgICAweDAxCiAj ZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAgICAweDAzCiAjZGVm aW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAweDA0Ci0jZGVmaW5l IEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1Ci0jZGVmaW5lIEhT Ul9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2CisjZGVmaW5lIEhTUl9F Q19DUDE0XzMyICAgICAgICAgICAgICAweDA1ICAgICAgICAvKiBUcmFwcGVk IE1DUiBvciBNUkMgYWNjZXNzIHRvIENQMTQgKi8KKyNkZWZpbmUgSFNSX0VD X0NQMTRfREJHICAgICAgICAgICAgIDB4MDYgICAgICAgIC8qIFRyYXBwZWQg TERDL1NUQyBhY2Nlc3MgdG8gQ1AxNCAob25seSBmb3IgZGVidWcgcmVnaXN0 ZXJzKSAqLwogI2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAg MHgwNyAgICAgICAgLyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQ MTMgKi8KICNkZWZpbmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4 MDgKICNkZWZpbmUgSFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKaW5kZXggMGNlZTBlOS4u NGE0ZGUzNCAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNy ZWdzLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKQEAg LTQwLDYgKzQwLDMxIEBACiAgICAgKChfX0hTUl9TWVNSRUdfIyNjcm0pIDw8 IEhTUl9TWVNSRUdfQ1JNX1NISUZUKSB8IFwKICAgICAoKF9fSFNSX1NZU1JF R18jI29wMikgPDwgSFNSX1NZU1JFR19PUDJfU0hJRlQpCiAKKyNkZWZpbmUg SFNSX1NZU1JFR19NRFNDUl9FTDEgICAgICBIU1JfU1lTUkVHKDIsMCxjMCxj MiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX09TTEFSX0VMMSAgICAgIEhTUl9T WVNSRUcoMiwwLGMxLGMwLDQpCisKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdC VlJuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDQpCisjZGVmaW5l IEhTUl9TWVNSRUdfREJHQkNSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAs YyMjbiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX0RCR1dWUm5fRUwxKG4pIEhT Ul9TWVNSRUcoMiwwLGMwLGMjI24sNikKKyNkZWZpbmUgSFNSX1NZU1JFR19E QkdXQ1JuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDcpCisKKyNk ZWZpbmUgSFNSX1NZU1JFR19EQkdfQ0FTRVMoUkVHKSBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDApOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMSk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgyKTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDMpOiAgXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoNCk6ICBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSg1KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDYpOiAgXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoNyk6ICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg4 KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNl IEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDkpOiAgXAorICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMj bl9FTDEoMTApOiBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgxMSk6IFwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdf IyNSRUcjI25fRUwxKDEyKTogXAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTMpOiBc CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1Jf U1lTUkVHXyMjUkVHIyNuX0VMMSgxNCk6IFwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwx KDE1KQorCiAjZGVmaW5lIEhTUl9TWVNSRUdfU0NUTFJfRUwxICAgICAgSFNS X1NZU1JFRygzLDAsYzEsIGMwLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfVFRC UjBfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIsIGMwLDApCiAjZGVmaW5l IEhTUl9TWVNSRUdfVFRCUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIs IGMwLDEpCkBAIC00OCwxMCArNzMsMjggQEAKICNkZWZpbmUgSFNSX1NZU1JF R19BRlNSMV9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjNSwgYzEsMSkKICNk ZWZpbmUgSFNSX1NZU1JFR19FU1JfRUwxICAgICAgICBIU1JfU1lTUkVHKDMs MCxjNSwgYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JFR19GQVJfRUwxICAgICAg ICBIU1JfU1lTUkVHKDMsMCxjNiwgYzAsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUlOVEVOU0VUX0VMMSBIU1JfU1lTUkVHKDMsMCxjOSxjMTQsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VMMSBIU1JfU1lTUkVHKDMs MCxjOSxjMTQsMikKICNkZWZpbmUgSFNSX1NZU1JFR19NQUlSX0VMMSAgICAg ICBIU1JfU1lTUkVHKDMsMCxjMTAsYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JF R19BTUFJUl9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjMTAsYzMsMCkKICNk ZWZpbmUgSFNSX1NZU1JFR19DT05URVhUSURSX0VMMSBIU1JfU1lTUkVHKDMs MCxjMTMsYzAsMSkKIAorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ1JfRUwwICAg ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwwKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ05URU5TRVRfRUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwxKQor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ05URU5DTFJfRUwwIEhTUl9TWVNSRUco MywzLGM5LGMxMiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNT1ZTQ0xSX0VM MCAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwzKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNU1dJTkNfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw0KQor I2RlZmluZSBIU1JfU1lTUkVHX1BNU0VMUl9FTDAgICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ0VJRDBfRUww ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw2KQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ0VJRDFfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw3KQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1DQ05UUl9FTDAgICAgSFNSX1NZU1JF RygzLDMsYzksYzEzLDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1YRVZUWVBF Ul9FTDAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDEpCisjZGVmaW5lIEhTUl9T WVNSRUdfUE1YRVZDTlRSX0VMMCAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDIp CisKKyNkZWZpbmUgSFNSX1NZU1JFR19QTVVTRVJFTlJfRUwwICBIU1JfU1lT UkVHKDMsMyxjOSxjMTQsMCkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU1NF VF9FTDAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTQsMykKKwogI2RlZmluZSBI U1JfU1lTUkVHX0NOVFBDVF9FTDAgICAgIEhTUl9TWVNSRUcoMywzLGMxNCxj MCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBfQ1RMX0VMMCAgIEhTUl9T WVNSRUcoMywzLGMxNCxjMiwxKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBf VFZBTF9FTDAgIEhTUl9TWVNSRUcoMywzLGMxNCxjMiwwKQotLSAKMS43LjEw LjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 10:22:16 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 10:22:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIM-0007FM-5H; Wed, 23 Apr 2014 10:20:50 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIK-0007EP-JM; Wed, 23 Apr 2014 10:20:49 +0000 Received: from [193.109.254.147:22835] by server-7.bemta-14.messagelabs.com id 97/79-17726-FF397535; Wed, 23 Apr 2014 10:20:47 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1398248444!337894!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 1631 invoked from network); 23 Apr 2014 10:20:45 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 10:20:45 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIA-0006U8-LF; Wed, 23 Apr 2014 10:20:38 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WcuIA-00083c-CY; Wed, 23 Apr 2014 10:20:38 +0000 Date: Wed, 23 Apr 2014 10:20:38 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2915 / XSA-93 version 2 Hardware features unintentionally exposed to guests on ARM UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2915. ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not correctly configuring the hardware virtualisation platform and therefore did not prevent guests from accessing various hardware features including cache control, coprocessors, debug registers and various processor specific registers. IMPACT ====== By accessing these hardware facilities a malicious or buggy guest may be able to cause various issues, including crashing the host, crashing other guests (including control domains) and data corruption. Privilege escalation is not thought to be possible but has not been ruled out. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread contains information strongly suggestive of a security bug and included example code which can crash the host. CREDITS ======= The initial bug was discovered by Thomas Leonard and further followup issues were discovered by Julien Grall. RESOLUTION ========== Applying the attached patches resolves this issue. xsa93-unstable-{01..06}.patch xen-unstable xsa93-4.4-{01..06}.patch Xen 4.4.x $ sha256sum xsa93*.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-4.4-01.patch 68ec2bdb48dd232dbabefbe7c971546b52d7001a128471226a41f36e27a806f2 xsa93-4.4-02.patch 541d2d57ee85a9603ae4bf00bb321f6f491354df9e15eb09ddb5ccba68333ecc xsa93-4.4-03.patch 6a3736e5dea1d45df6b979f02e06e058d8dffdbcf128d2d0984db404a87ebb62 xsa93-4.4-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-4.4-05.patch e212ad288eaeccf6a33cab27ecc6515a889365b0c56b5010e91a603ce239a38b xsa93-4.4-06.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-unstable-01.patch 9b472975087dee1d22db8e5f3e55b1589910d84de86b2cad218bfd540fbbd92e xsa93-unstable-02.patch f921ba7c1b216dd425035f94ac9eef9374ae5eba4af4cb5a3b7aa3f958a0a767 xsa93-unstable-03.patch 45b7e6b226a4449370c4dbe21aa71c398955e4ed2bc7cf9e4426f29583af14be xsa93-unstable-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-unstable-05.patch e2668f0ecf1e79aa30928791b92a15c15821c8bce7958a5c3fee7563cf81960b xsa93-unstable-06.patch $ NOTE: These patches unconditionally deny access by all guests (including control domains) to various hardware features in order to close the vulnerability. Specifically guests are prevented from accessing: * coprocessors 0..9, 12 and 13; * coprocessor 14 (trace registers); * coprocessor 15 encodings: CRn==c9, opc1=={0-7}, CRm=={c0-c2, c5-c8}, opc2=={0-7}, CRn==c10, opc1=={0-7}, CRm=={c0, c1, c4, c8}, opc2=={0-7} CRn==c11, opc1=={0-7}, CRm=={c0-c8, c15}, opc2=={0-7} (IMPLEMENTATION DEFINED cache, TCM, branch predictor, memory remapping, and TLB control registers); * cp15 c15 (IMPLEMENTATION DEFINED); * Debug and Performance monitor registers. We have checked common Operating Systems which are known to run on Xen on ARM and not found any default uses of these registers. However it is expected that tools such as the Linux perf tool which make use of debug and performance registers will no longer function correctly in guest context. In addition if your use case requires access to specific coprocessors by one or more guest domains then additional local patches may be required to enable this. Where feasible we hope to reenable these use cases in the future. If this affects you then please contact the xen-devel mailing list http://lists.xen.org/mailman/listinfo/xen-devel. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV5O6AAoJEIP+FMlX6CvZt7MH+wYxthL+nxagERvLrXQdXlF6 XYctN9gb5iEGwKLI4MLuVYdMqXIa2NfTvTEHfwNyWEp6sS/+nc2V0h8qAqDdhdtO cNuxV2zK7Ab328SkNVy17y6j0Jgyen0QrOGBwTaNb5CXUHkg3J+YppObvGlTqjDi HoXeX7Whv4CSqOjgua189e9uNzKtBNsZZepqerli1/tIazWSuOT8KIHp92NKAbLv hwm9HUS7gN2JmR8wU3DD3DxJp+bfTDXBCKOvGmYILxN+X0pzAtfDgK+RMOBwSD05 iJ3rcs83VR6ITRqdI+hRifesSiS6Yi7OFi3xB2vAdSm6IjsA06pARYPCIPGCQh0= =Nnq0 -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa93-4.4-01.patch" Content-Disposition: attachment; filename="xsa93-4.4-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-02.patch" Content-Disposition: attachment; filename="xsa93-4.4-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfcHYz Ml9kb21haW4oY3VycmVudC0+ZG9tYWluKSApCisgICAgICAgICAgICBnb3Rv IGJhZF90cmFwOworICAgICAgICBkb19jcChyZWdzLCBoc3IpOworICAgICAg ICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19TTUMzMjoKICAgICAgICAgaW5q ZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOwogICAgICAgICBicmVhazsK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCmluZGV4IDUwODQ2N2EuLjJi NDExYWYgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdz LmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaApAQCAtMTE1 LDYgKzExNSw3IEBACiAjZGVmaW5lIE5TQUNSICAgICAgICAgICBwMTUsMCxj MSxjMSwyICAgLyogTm9uLVNlY3VyZSBBY2Nlc3MgQ29udHJvbCBSZWdpc3Rl ciAqLwogI2RlZmluZSBIU0NUTFIgICAgICAgICAgcDE1LDQsYzEsYzAsMCAg IC8qIEh5cC4gU3lzdGVtIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNkZWZpbmUg SENSICAgICAgICAgICAgIHAxNSw0LGMxLGMxLDAgICAvKiBIeXAuIENvbmZp Z3VyYXRpb24gUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSENQVFIgICAgICAgICAg IHAxNSw0LGMxLGMxLDIgICAvKiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVn aXN0ZXIgKi8KIAogLyogQ1AxNSBDUjI6IFRyYW5zbGF0aW9uIFRhYmxlIEJh c2UgYW5kIENvbnRyb2wgUmVnaXN0ZXJzICovCiAjZGVmaW5lIFRUQkNSICAg ICAgICAgICBwMTUsMCxjMixjMCwyICAgLyogVHJhbnNsYXRhdGlvbiBUYWJs ZSBCYXNlIENvbnRyb2wgUmVnaXN0ZXIgKi8KQEAgLTI2MCw2ICsyNjEsNyBA QAogI2RlZmluZSBDTlRWX0NWQUxfRUwwICAgICAgICAgICBDTlRWX0NWQUwK ICNkZWZpbmUgQ09OVEVYVElEUl9FTDEgICAgICAgICAgQ09OVEVYVElEUgog I2RlZmluZSBDUEFDUl9FTDEgICAgICAgICAgICAgICBDUEFDUgorI2RlZmlu ZSBDUFRSX0VMMiAgICAgICAgICAgICAgICBIQ1BUUgogI2RlZmluZSBDU1NF TFJfRUwxICAgICAgICAgICAgICBDU1NFTFIKICNkZWZpbmUgREFDUjMyX0VM MiAgICAgICAgICAgICAgREFDUgogI2RlZmluZSBFU1JfRUwxICAgICAgICAg ICAgICAgICBERlNSCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwNmU2MzhmLi4wMmNlZmU5IDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg0LDEzICs4NCwxOCBAQAogI2RlZmlu ZSBIQ1JfU1dJTyAgICAgICAgKF9BQygxLFVMKTw8MSkgLyogU2V0L1dheSBJ bnZhbGlkYXRpb24gT3ZlcnJpZGUgKi8KICNkZWZpbmUgSENSX1ZNICAgICAg ICAgIChfQUMoMSxVTCk8PDApIC8qIFZpcnR1YWwgTU1VIEVuYWJsZSAqLwog CisvKiBIQ1BUUiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSENQVFJfVFRBICAgICAgICgoX0FDKDEsVSk8PDIwKSkgICAg ICAgIC8qIFRyYXAgdHJhY2UgcmVnaXN0ZXJzICovCisjZGVmaW5lIEhDUFRS X0NQKHgpICAgICAoKF9BQygxLFUpPDwoeCkpKSAgICAgICAvKiBUcmFwIENv cHJvY2Vzc29yIHggKi8KKyNkZWZpbmUgSENQVFJfQ1BfTUFTSyAgICgoX0FD KDEsVSk8PDE0KS0xKQorCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAg ICAgICAgICAweDAwCiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAg ICAgICAweDAxCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAg ICAweDAzCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAw eDA0CiAjZGVmaW5lIEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1 CiAjZGVmaW5lIEhTUl9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2Ci0j ZGVmaW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3CisjZGVm aW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3ICAgICAgICAv KiBIQ1BUUi10cmFwcGVkIGFjY2VzcyB0byBDUDAtQ1AxMyAqLwogI2RlZmlu ZSBIU1JfRUNfQ1AxMCAgICAgICAgICAgICAgICAgMHgwOAogI2RlZmluZSBI U1JfRUNfSkFaRUxMRSAgICAgICAgICAgICAgMHgwOQogI2RlZmluZSBIU1Jf RUNfQlhKICAgICAgICAgICAgICAgICAgMHgwYQotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-03.patch" Content-Disposition: attachment; filename="xsa93-4.4-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-04.patch" Content-Disposition: attachment; filename="xsa93-4.4-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfT1VURVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-05.patch" Content-Disposition: attachment; filename="xsa93-4.4-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-06.patch" Content-Disposition: attachment; filename="xsa93-4.4-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzX3B2MzJfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQor ICAgICAgICAgICAgZ290byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AxNChy ZWdzLCBoc3IpOworICAgICAgICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19D UDoKICAgICAgICAgaWYgKCAhaXNfcHYzMl9kb21haW4oY3VycmVudC0+ZG9t YWluKSApCiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwpkaWZmIC0tZ2l0 IGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCBiL3hlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmgKaW5kZXggZTlhODA5NC4uYmY4MTMzZSAxMDA2 NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAorKysgYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCkBAIC0xMTUsNiArMTE1LDcg QEAKICNkZWZpbmUgTlNBQ1IgICAgICAgICAgIHAxNSwwLGMxLGMxLDIgICAv KiBOb24tU2VjdXJlIEFjY2VzcyBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVm aW5lIEhTQ1RMUiAgICAgICAgICBwMTUsNCxjMSxjMCwwICAgLyogSHlwLiBT eXN0ZW0gQ29udHJvbCBSZWdpc3RlciAqLwogI2RlZmluZSBIQ1IgICAgICAg ICAgICAgcDE1LDQsYzEsYzEsMCAgIC8qIEh5cC4gQ29uZmlndXJhdGlvbiBS ZWdpc3RlciAqLworI2RlZmluZSBIRENSICAgICAgICAgICAgcDE1LDQsYzEs YzEsMSAgIC8qIEh5cC4gRGVidWcgQ29uZmlndXJhdGlvbiBSZWdpc3RlciAq LwogI2RlZmluZSBIQ1BUUiAgICAgICAgICAgcDE1LDQsYzEsYzEsMiAgIC8q IEh5cC4gQ29wcm9jZXNzb3IgVHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBI U1RSICAgICAgICAgICAgcDE1LDQsYzEsYzEsMyAgIC8qIEh5cC4gU3lzdGVt IFRyYXAgUmVnaXN0ZXIgKi8KIApAQCAtMjg3LDYgKzI4OCw3IEBACiAjZGVm aW5lIElEX1BGUjBfRUwxICAgICAgICAgICAgIElEX1BGUjAKICNkZWZpbmUg SURfUEZSMV9FTDEgICAgICAgICAgICAgSURfUEZSMQogI2RlZmluZSBJRlNS MzJfRUwyICAgICAgICAgICAgICBJRlNSCisjZGVmaW5lIE1EQ1JfRUwyICAg ICAgICAgICAgICAgIEhEQ1IKICNkZWZpbmUgTUlEUl9FTDEgICAgICAgICAg ICAgICAgTUlEUgogI2RlZmluZSBNUElEUl9FTDEgICAgICAgICAgICAgICBN UElEUgogI2RlZmluZSBQQVJfRUwxICAgICAgICAgICAgICAgICBQQVIKZGlm ZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCmluZGV4IDc1MDg2NGEu LjkyNjdjMWIgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJv Y2Vzc29yLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aApAQCAtOTIsMTIgKzkyLDE5IEBACiAvKiBIU1RSIEh5cC4gU3lzdGVtIFRy YXAgUmVnaXN0ZXIgKi8KICNkZWZpbmUgSFNUUl9UKHgpICAgICAgICgoX0FD KDEsVSk8PCh4KSkpICAgICAgIC8qIFRyYXAgQ3AxNSBjPHg+ICovCiAKKy8q IEhEQ1IgSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVyICovCisj ZGVmaW5lIEhEQ1JfVERSQSAgICAgICAoX0FDKDEsVSk8PDExKSAgICAgICAg ICAvKiBUcmFwIERlYnVnIFJPTSBhY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9U RE9TQSAgICAgIChfQUMoMSxVKTw8MTApICAgICAgICAgIC8qIFRyYXAgRGVi dWctT1MtcmVsYXRlZCByZWdpc3RlciBhY2Nlc3MgKi8KKyNkZWZpbmUgSERD Ul9UREEgICAgICAgIChfQUMoMSxVKTw8OSkgICAgICAgICAgIC8qIFRyYXAg RGVidWcgQWNjZXNzICovCisjZGVmaW5lIEhEQ1JfVFBNICAgICAgICAoX0FD KDEsVSk8PDYpICAgICAgICAgICAvKiBUcmFwIFBlcmZvcm1hbmNlIE1vbml0 b3JzIGFjY2Vzc2VzICovCisjZGVmaW5lIEhEQ1JfVFBNQ1IgICAgICAoX0FD KDEsVSk8PDUpICAgICAgICAgICAvKiBUcmFwIFBNQ1IgYWNjZXNzZXMgKi8K KwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAog I2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2Rl ZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwogI2RlZmlu ZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAgMHgwNAotI2RlZmluZSBI U1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgwNQotI2RlZmluZSBIU1Jf RUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgorI2RlZmluZSBIU1JfRUNf Q1AxNF8zMiAgICAgICAgICAgICAgMHgwNSAgICAgICAgLyogVHJhcHBlZCBN Q1Igb3IgTVJDIGFjY2VzcyB0byBDUDE0ICovCisjZGVmaW5lIEhTUl9FQ19D UDE0X0RCRyAgICAgICAgICAgICAweDA2ICAgICAgICAvKiBUcmFwcGVkIExE Qy9TVEMgYWNjZXNzIHRvIENQMTQgKG9ubHkgZm9yIGRlYnVnIHJlZ2lzdGVy cykgKi8KICNkZWZpbmUgSFNSX0VDX0NQICAgICAgICAgICAgICAgICAgIDB4 MDcgICAgICAgIC8qIEhDUFRSLXRyYXBwZWQgYWNjZXNzIHRvIENQMC1DUDEz ICovCiAjZGVmaW5lIEhTUl9FQ19DUDEwICAgICAgICAgICAgICAgICAweDA4 CiAjZGVmaW5lIEhTUl9FQ19KQVpFTExFICAgICAgICAgICAgICAweDA5CmRp ZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL3N5c3JlZ3MuaCBiL3hl bi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCmluZGV4IDBjZWUwZTkuLjRh NGRlMzQgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCkBAIC00 MCw2ICs0MCwzMSBAQAogICAgICgoX19IU1JfU1lTUkVHXyMjY3JtKSA8PCBI U1JfU1lTUkVHX0NSTV9TSElGVCkgfCBcCiAgICAgKChfX0hTUl9TWVNSRUdf IyNvcDIpIDw8IEhTUl9TWVNSRUdfT1AyX1NISUZUKQogCisjZGVmaW5lIEhT Ul9TWVNSRUdfTURTQ1JfRUwxICAgICAgSFNSX1NZU1JFRygyLDAsYzAsYzIs MikKKyNkZWZpbmUgSFNSX1NZU1JFR19PU0xBUl9FTDEgICAgICBIU1JfU1lT UkVHKDIsMCxjMSxjMCw0KQorCisjZGVmaW5lIEhTUl9TWVNSRUdfREJHQlZS bl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw0KQorI2RlZmluZSBI U1JfU1lTUkVHX0RCR0JDUm5fRUwxKG4pIEhTUl9TWVNSRUcoMiwwLGMwLGMj I24sNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdXVlJuX0VMMShuKSBIU1Jf U1lTUkVHKDIsMCxjMCxjIyNuLDYpCisjZGVmaW5lIEhTUl9TWVNSRUdfREJH V0NSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw3KQorCisjZGVm aW5lIEhTUl9TWVNSRUdfREJHX0NBU0VTKFJFRykgY2FzZSBIU1JfU1lTUkVH XyMjUkVHIyNuX0VMMSgwKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEpOiAg XAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNS X1NZU1JFR18jI1JFRyMjbl9FTDEoMik6ICBcCisgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VM MSgzKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBj YXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDQpOiAgXAorICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JF RyMjbl9FTDEoNSk6ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg2KTogIFwKKyAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDcpOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoOCk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg5KTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDEwKTogXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTEpOiBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSgxMik6IFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEzKTogXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoMTQpOiBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgx NSkKKwogI2RlZmluZSBIU1JfU1lTUkVHX1NDVExSX0VMMSAgICAgIEhTUl9T WVNSRUcoMywwLGMxLCBjMCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX1RUQlIw X0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBjMCwwKQogI2RlZmluZSBI U1JfU1lTUkVHX1RUQlIxX0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBj MCwxKQpAQCAtNDgsMTAgKzczLDI4IEBACiAjZGVmaW5lIEhTUl9TWVNSRUdf QUZTUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzUsIGMxLDEpCiAjZGVm aW5lIEhTUl9TWVNSRUdfRVNSX0VMMSAgICAgICAgSFNSX1NZU1JFRygzLDAs YzUsIGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfRkFSX0VMMSAgICAgICAg SFNSX1NZU1JFRygzLDAsYzYsIGMwLDApCisjZGVmaW5lIEhTUl9TWVNSRUdf UE1JTlRFTlNFVF9FTDEgSFNSX1NZU1JFRygzLDAsYzksYzE0LDEpCisjZGVm aW5lIEhTUl9TWVNSRUdfUE1JTlRFTkNMUl9FTDEgSFNSX1NZU1JFRygzLDAs YzksYzE0LDIpCiAjZGVmaW5lIEhTUl9TWVNSRUdfTUFJUl9FTDEgICAgICAg SFNSX1NZU1JFRygzLDAsYzEwLGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdf QU1BSVJfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzEwLGMzLDApCiAjZGVm aW5lIEhTUl9TWVNSRUdfQ09OVEVYVElEUl9FTDEgSFNSX1NZU1JFRygzLDAs YzEzLGMwLDEpCiAKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNSX0VMMCAgICAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNOVEVOU0VUX0VMMCBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUNOVEVOQ0xSX0VMMCBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsMikKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU0NMUl9FTDAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMykKKyNkZWZpbmUgSFNSX1NZU1JF R19QTVNXSU5DX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNCkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTVNFTFJfRUwwICAgICBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNFSUQwX0VMMCAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNikKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNFSUQxX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNykKKwor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ0NOVFJfRUwwICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMywwKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNWEVWVFlQRVJf RUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMywxKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNWEVWQ05UUl9FTDAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMywyKQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1VU0VSRU5SX0VMMCAgSFNSX1NZU1JF RygzLDMsYzksYzE0LDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1PVlNTRVRf RUwwICAgSFNSX1NZU1JFRygzLDMsYzksYzE0LDMpCisKICNkZWZpbmUgSFNS X1NZU1JFR19DTlRQQ1RfRUwwICAgICBIU1JfU1lTUkVHKDMsMyxjMTQsYzAs MCkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX0NUTF9FTDAgICBIU1JfU1lT UkVHKDMsMyxjMTQsYzIsMSkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX1RW QUxfRUwwICBIU1JfU1lTUkVHKDMsMyxjMTQsYzIsMCkKLS0gCjEuNy4xMC40 Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-01.patch" Content-Disposition: attachment; filename="xsa93-unstable-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-02.patch" Content-Disposition: attachment; filename="xsa93-unstable-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfMzJi aXRfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQorICAgICAgICAgICAgZ290 byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AocmVncywgaHNyKTsKKyAgICAg ICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNfU01DMzI6CiAgICAgICAgIGlu amVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKICAgICAgICAgYnJlYWs7 CmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCA1MDg0NjdhLi4y YjQxMWFmIDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTEx NSw2ICsxMTUsNyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAs YzEsYzEsMiAgIC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0 ZXIgKi8KICNkZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAg ICAvKiBIeXAuIFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhDUiAgICAgICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25m aWd1cmF0aW9uIFJlZ2lzdGVyICovCisjZGVmaW5lIEhDUFRSICAgICAgICAg ICBwMTUsNCxjMSxjMSwyICAgLyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJl Z2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJsZSBC YXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJDUiAg ICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24gVGFi bGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNjAsNiArMjYxLDcg QEAKICNkZWZpbmUgQ05UVl9DVkFMX0VMMCAgICAgICAgICAgQ05UVl9DVkFM CiAjZGVmaW5lIENPTlRFWFRJRFJfRUwxICAgICAgICAgIENPTlRFWFRJRFIK ICNkZWZpbmUgQ1BBQ1JfRUwxICAgICAgICAgICAgICAgQ1BBQ1IKKyNkZWZp bmUgQ1BUUl9FTDIgICAgICAgICAgICAgICAgSENQVFIKICNkZWZpbmUgQ1NT RUxSX0VMMSAgICAgICAgICAgICAgQ1NTRUxSCiAjZGVmaW5lIERBQ1IzMl9F TDIgICAgICAgICAgICAgIERBQ1IKICNkZWZpbmUgRVNSX0VMMSAgICAgICAg ICAgICAgICAgREZTUgpkaWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFy bS9wcm9jZXNzb3IuaCBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29y LmgKaW5kZXggMDZlNjM4Zi4uMDJjZWZlOSAxMDA2NDQKLS0tIGEveGVuL2lu Y2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oCkBAIC04NCwxMyArODQsMTggQEAKICNkZWZp bmUgSENSX1NXSU8gICAgICAgIChfQUMoMSxVTCk8PDEpIC8qIFNldC9XYXkg SW52YWxpZGF0aW9uIE92ZXJyaWRlICovCiAjZGVmaW5lIEhDUl9WTSAgICAg ICAgICAoX0FDKDEsVUwpPDwwKSAvKiBWaXJ0dWFsIE1NVSBFbmFibGUgKi8K IAorLyogSENQVFIgSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICov CisjZGVmaW5lIEhDUFRSX1RUQSAgICAgICAoKF9BQygxLFUpPDwyMCkpICAg ICAgICAvKiBUcmFwIHRyYWNlIHJlZ2lzdGVycyAqLworI2RlZmluZSBIQ1BU Ul9DUCh4KSAgICAgKChfQUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBD b3Byb2Nlc3NvciB4ICovCisjZGVmaW5lIEhDUFRSX0NQX01BU0sgICAoKF9B QygxLFUpPDwxNCktMSkKKwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAg ICAgICAgICAgMHgwMAogI2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAg ICAgICAgMHgwMQogI2RlZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAg ICAgMHgwMwogI2RlZmluZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAg MHgwNAogI2RlZmluZSBIU1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgw NQogI2RlZmluZSBIU1JfRUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgot I2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNworI2Rl ZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNyAgICAgICAg LyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQMTMgKi8KICNkZWZp bmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4MDgKICNkZWZpbmUg SFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkKICNkZWZpbmUgSFNS X0VDX0JYSiAgICAgICAgICAgICAgICAgIDB4MGEKLS0gCjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-03.patch" Content-Disposition: attachment; filename="xsa93-unstable-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-04.patch" Content-Disposition: attachment; filename="xsa93-unstable-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfSU5ORVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-05.patch" Content-Disposition: attachment; filename="xsa93-unstable-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-06.patch" Content-Disposition: attachment; filename="xsa93-unstable-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5kb21haW4pICkK KyAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CisgICAgICAgIGRvX2NwMTQo cmVncywgaHNyKTsKKyAgICAgICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNf Q1A6CiAgICAgICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5k b21haW4pICkKICAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CmRpZmYgLS1n aXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIveGVuL2luY2x1 ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCBlOWE4MDk0Li5iZjgxMzNlIDEw MDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCisrKyBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTExNSw2ICsxMTUs NyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAsYzEsYzEsMiAg IC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAgICAvKiBIeXAu IFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5lIEhDUiAgICAg ICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25maWd1cmF0aW9u IFJlZ2lzdGVyICovCisjZGVmaW5lIEhEQ1IgICAgICAgICAgICBwMTUsNCxj MSxjMSwxICAgLyogSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVy ICovCiAjZGVmaW5lIEhDUFRSICAgICAgICAgICBwMTUsNCxjMSxjMSwyICAg LyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhTVFIgICAgICAgICAgICBwMTUsNCxjMSxjMSwzICAgLyogSHlwLiBTeXN0 ZW0gVHJhcCBSZWdpc3RlciAqLwogCkBAIC0yODcsNiArMjg4LDcgQEAKICNk ZWZpbmUgSURfUEZSMF9FTDEgICAgICAgICAgICAgSURfUEZSMAogI2RlZmlu ZSBJRF9QRlIxX0VMMSAgICAgICAgICAgICBJRF9QRlIxCiAjZGVmaW5lIElG U1IzMl9FTDIgICAgICAgICAgICAgIElGU1IKKyNkZWZpbmUgTURDUl9FTDIg ICAgICAgICAgICAgICAgSERDUgogI2RlZmluZSBNSURSX0VMMSAgICAgICAg ICAgICAgICBNSURSCiAjZGVmaW5lIE1QSURSX0VMMSAgICAgICAgICAgICAg IE1QSURSCiAjZGVmaW5lIFBBUl9FTDEgICAgICAgICAgICAgICAgIFBBUgpk aWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaCBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmgKaW5kZXggNzUwODY0 YS4uOTI2N2MxYiAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9w cm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nv ci5oCkBAIC05MiwxMiArOTIsMTkgQEAKIC8qIEhTVFIgSHlwLiBTeXN0ZW0g VHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChf QUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KIAor LyogSERDUiBIeXAuIERlYnVnIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSERDUl9URFJBICAgICAgIChfQUMoMSxVKTw8MTEpICAgICAg ICAgIC8qIFRyYXAgRGVidWcgUk9NIGFjY2VzcyAqLworI2RlZmluZSBIRENS X1RET1NBICAgICAgKF9BQygxLFUpPDwxMCkgICAgICAgICAgLyogVHJhcCBE ZWJ1Zy1PUy1yZWxhdGVkIHJlZ2lzdGVyIGFjY2VzcyAqLworI2RlZmluZSBI RENSX1REQSAgICAgICAgKF9BQygxLFUpPDw5KSAgICAgICAgICAgLyogVHJh cCBEZWJ1ZyBBY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9UUE0gICAgICAgIChf QUMoMSxVKTw8NikgICAgICAgICAgIC8qIFRyYXAgUGVyZm9ybWFuY2UgTW9u aXRvcnMgYWNjZXNzZXMgKi8KKyNkZWZpbmUgSERDUl9UUE1DUiAgICAgIChf QUMoMSxVKTw8NSkgICAgICAgICAgIC8qIFRyYXAgUE1DUiBhY2Nlc3NlcyAq LworCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAgICAgICAgICAweDAw CiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAgICAgICAweDAxCiAj ZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAgICAweDAzCiAjZGVm aW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAweDA0Ci0jZGVmaW5l IEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1Ci0jZGVmaW5lIEhT Ul9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2CisjZGVmaW5lIEhTUl9F Q19DUDE0XzMyICAgICAgICAgICAgICAweDA1ICAgICAgICAvKiBUcmFwcGVk IE1DUiBvciBNUkMgYWNjZXNzIHRvIENQMTQgKi8KKyNkZWZpbmUgSFNSX0VD X0NQMTRfREJHICAgICAgICAgICAgIDB4MDYgICAgICAgIC8qIFRyYXBwZWQg TERDL1NUQyBhY2Nlc3MgdG8gQ1AxNCAob25seSBmb3IgZGVidWcgcmVnaXN0 ZXJzKSAqLwogI2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAg MHgwNyAgICAgICAgLyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQ MTMgKi8KICNkZWZpbmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4 MDgKICNkZWZpbmUgSFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKaW5kZXggMGNlZTBlOS4u NGE0ZGUzNCAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNy ZWdzLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKQEAg LTQwLDYgKzQwLDMxIEBACiAgICAgKChfX0hTUl9TWVNSRUdfIyNjcm0pIDw8 IEhTUl9TWVNSRUdfQ1JNX1NISUZUKSB8IFwKICAgICAoKF9fSFNSX1NZU1JF R18jI29wMikgPDwgSFNSX1NZU1JFR19PUDJfU0hJRlQpCiAKKyNkZWZpbmUg SFNSX1NZU1JFR19NRFNDUl9FTDEgICAgICBIU1JfU1lTUkVHKDIsMCxjMCxj MiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX09TTEFSX0VMMSAgICAgIEhTUl9T WVNSRUcoMiwwLGMxLGMwLDQpCisKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdC VlJuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDQpCisjZGVmaW5l IEhTUl9TWVNSRUdfREJHQkNSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAs YyMjbiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX0RCR1dWUm5fRUwxKG4pIEhT Ul9TWVNSRUcoMiwwLGMwLGMjI24sNikKKyNkZWZpbmUgSFNSX1NZU1JFR19E QkdXQ1JuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDcpCisKKyNk ZWZpbmUgSFNSX1NZU1JFR19EQkdfQ0FTRVMoUkVHKSBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDApOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMSk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgyKTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDMpOiAgXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoNCk6ICBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSg1KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDYpOiAgXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoNyk6ICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg4 KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNl IEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDkpOiAgXAorICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMj bl9FTDEoMTApOiBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgxMSk6IFwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdf IyNSRUcjI25fRUwxKDEyKTogXAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTMpOiBc CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1Jf U1lTUkVHXyMjUkVHIyNuX0VMMSgxNCk6IFwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwx KDE1KQorCiAjZGVmaW5lIEhTUl9TWVNSRUdfU0NUTFJfRUwxICAgICAgSFNS X1NZU1JFRygzLDAsYzEsIGMwLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfVFRC UjBfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIsIGMwLDApCiAjZGVmaW5l IEhTUl9TWVNSRUdfVFRCUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIs IGMwLDEpCkBAIC00OCwxMCArNzMsMjggQEAKICNkZWZpbmUgSFNSX1NZU1JF R19BRlNSMV9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjNSwgYzEsMSkKICNk ZWZpbmUgSFNSX1NZU1JFR19FU1JfRUwxICAgICAgICBIU1JfU1lTUkVHKDMs MCxjNSwgYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JFR19GQVJfRUwxICAgICAg ICBIU1JfU1lTUkVHKDMsMCxjNiwgYzAsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUlOVEVOU0VUX0VMMSBIU1JfU1lTUkVHKDMsMCxjOSxjMTQsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VMMSBIU1JfU1lTUkVHKDMs MCxjOSxjMTQsMikKICNkZWZpbmUgSFNSX1NZU1JFR19NQUlSX0VMMSAgICAg ICBIU1JfU1lTUkVHKDMsMCxjMTAsYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JF R19BTUFJUl9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjMTAsYzMsMCkKICNk ZWZpbmUgSFNSX1NZU1JFR19DT05URVhUSURSX0VMMSBIU1JfU1lTUkVHKDMs MCxjMTMsYzAsMSkKIAorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ1JfRUwwICAg ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwwKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ05URU5TRVRfRUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwxKQor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ05URU5DTFJfRUwwIEhTUl9TWVNSRUco MywzLGM5LGMxMiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNT1ZTQ0xSX0VM MCAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwzKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNU1dJTkNfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw0KQor I2RlZmluZSBIU1JfU1lTUkVHX1BNU0VMUl9FTDAgICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ0VJRDBfRUww ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw2KQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ0VJRDFfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw3KQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1DQ05UUl9FTDAgICAgSFNSX1NZU1JF RygzLDMsYzksYzEzLDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1YRVZUWVBF Ul9FTDAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDEpCisjZGVmaW5lIEhTUl9T WVNSRUdfUE1YRVZDTlRSX0VMMCAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDIp CisKKyNkZWZpbmUgSFNSX1NZU1JFR19QTVVTRVJFTlJfRUwwICBIU1JfU1lT UkVHKDMsMyxjOSxjMTQsMCkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU1NF VF9FTDAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTQsMykKKwogI2RlZmluZSBI U1JfU1lTUkVHX0NOVFBDVF9FTDAgICAgIEhTUl9TWVNSRUcoMywzLGMxNCxj MCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBfQ1RMX0VMMCAgIEhTUl9T WVNSRUcoMywzLGMxNCxjMiwxKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBf VFZBTF9FTDAgIEhTUl9TWVNSRUcoMywzLGMxNCxjMiwwKQotLSAKMS43LjEw LjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 10:22:16 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 10:22:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIM-0007FM-5H; Wed, 23 Apr 2014 10:20:50 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIK-0007EP-JM; Wed, 23 Apr 2014 10:20:49 +0000 Received: from [193.109.254.147:22835] by server-7.bemta-14.messagelabs.com id 97/79-17726-FF397535; Wed, 23 Apr 2014 10:20:47 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1398248444!337894!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 1631 invoked from network); 23 Apr 2014 10:20:45 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 10:20:45 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcuIA-0006U8-LF; Wed, 23 Apr 2014 10:20:38 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WcuIA-00083c-CY; Wed, 23 Apr 2014 10:20:38 +0000 Date: Wed, 23 Apr 2014 10:20:38 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 93 (CVE-2014-2915) - Hardware features unintentionally exposed to guests on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2915 / XSA-93 version 2 Hardware features unintentionally exposed to guests on ARM UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2915. ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not correctly configuring the hardware virtualisation platform and therefore did not prevent guests from accessing various hardware features including cache control, coprocessors, debug registers and various processor specific registers. IMPACT ====== By accessing these hardware facilities a malicious or buggy guest may be able to cause various issues, including crashing the host, crashing other guests (including control domains) and data corruption. Privilege escalation is not thought to be possible but has not been ruled out. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. The public mailing list thread contains information strongly suggestive of a security bug and included example code which can crash the host. CREDITS ======= The initial bug was discovered by Thomas Leonard and further followup issues were discovered by Julien Grall. RESOLUTION ========== Applying the attached patches resolves this issue. xsa93-unstable-{01..06}.patch xen-unstable xsa93-4.4-{01..06}.patch Xen 4.4.x $ sha256sum xsa93*.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-4.4-01.patch 68ec2bdb48dd232dbabefbe7c971546b52d7001a128471226a41f36e27a806f2 xsa93-4.4-02.patch 541d2d57ee85a9603ae4bf00bb321f6f491354df9e15eb09ddb5ccba68333ecc xsa93-4.4-03.patch 6a3736e5dea1d45df6b979f02e06e058d8dffdbcf128d2d0984db404a87ebb62 xsa93-4.4-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-4.4-05.patch e212ad288eaeccf6a33cab27ecc6515a889365b0c56b5010e91a603ce239a38b xsa93-4.4-06.patch 9a01ed1c7d33d2381594af3b0985df50f3aa7f13f5a9989595427407c5a5eb06 xsa93-unstable-01.patch 9b472975087dee1d22db8e5f3e55b1589910d84de86b2cad218bfd540fbbd92e xsa93-unstable-02.patch f921ba7c1b216dd425035f94ac9eef9374ae5eba4af4cb5a3b7aa3f958a0a767 xsa93-unstable-03.patch 45b7e6b226a4449370c4dbe21aa71c398955e4ed2bc7cf9e4426f29583af14be xsa93-unstable-04.patch 282e2cf82ad4345573d21351c242684cd09f384bcd76c262740f9e33f8b04c9c xsa93-unstable-05.patch e2668f0ecf1e79aa30928791b92a15c15821c8bce7958a5c3fee7563cf81960b xsa93-unstable-06.patch $ NOTE: These patches unconditionally deny access by all guests (including control domains) to various hardware features in order to close the vulnerability. Specifically guests are prevented from accessing: * coprocessors 0..9, 12 and 13; * coprocessor 14 (trace registers); * coprocessor 15 encodings: CRn==c9, opc1=={0-7}, CRm=={c0-c2, c5-c8}, opc2=={0-7}, CRn==c10, opc1=={0-7}, CRm=={c0, c1, c4, c8}, opc2=={0-7} CRn==c11, opc1=={0-7}, CRm=={c0-c8, c15}, opc2=={0-7} (IMPLEMENTATION DEFINED cache, TCM, branch predictor, memory remapping, and TLB control registers); * cp15 c15 (IMPLEMENTATION DEFINED); * Debug and Performance monitor registers. We have checked common Operating Systems which are known to run on Xen on ARM and not found any default uses of these registers. However it is expected that tools such as the Linux perf tool which make use of debug and performance registers will no longer function correctly in guest context. In addition if your use case requires access to specific coprocessors by one or more guest domains then additional local patches may be required to enable this. Where feasible we hope to reenable these use cases in the future. If this affects you then please contact the xen-devel mailing list http://lists.xen.org/mailman/listinfo/xen-devel. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV5O6AAoJEIP+FMlX6CvZt7MH+wYxthL+nxagERvLrXQdXlF6 XYctN9gb5iEGwKLI4MLuVYdMqXIa2NfTvTEHfwNyWEp6sS/+nc2V0h8qAqDdhdtO cNuxV2zK7Ab328SkNVy17y6j0Jgyen0QrOGBwTaNb5CXUHkg3J+YppObvGlTqjDi HoXeX7Whv4CSqOjgua189e9uNzKtBNsZZepqerli1/tIazWSuOT8KIHp92NKAbLv hwm9HUS7gN2JmR8wU3DD3DxJp+bfTDXBCKOvGmYILxN+X0pzAtfDgK+RMOBwSD05 iJ3rcs83VR6ITRqdI+hRifesSiS6Yi7OFi3xB2vAdSm6IjsA06pARYPCIPGCQh0= =Nnq0 -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa93-4.4-01.patch" Content-Disposition: attachment; filename="xsa93-4.4-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-02.patch" Content-Disposition: attachment; filename="xsa93-4.4-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfcHYz Ml9kb21haW4oY3VycmVudC0+ZG9tYWluKSApCisgICAgICAgICAgICBnb3Rv IGJhZF90cmFwOworICAgICAgICBkb19jcChyZWdzLCBoc3IpOworICAgICAg ICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19TTUMzMjoKICAgICAgICAgaW5q ZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOwogICAgICAgICBicmVhazsK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCmluZGV4IDUwODQ2N2EuLjJi NDExYWYgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdz LmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaApAQCAtMTE1 LDYgKzExNSw3IEBACiAjZGVmaW5lIE5TQUNSICAgICAgICAgICBwMTUsMCxj MSxjMSwyICAgLyogTm9uLVNlY3VyZSBBY2Nlc3MgQ29udHJvbCBSZWdpc3Rl ciAqLwogI2RlZmluZSBIU0NUTFIgICAgICAgICAgcDE1LDQsYzEsYzAsMCAg IC8qIEh5cC4gU3lzdGVtIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNkZWZpbmUg SENSICAgICAgICAgICAgIHAxNSw0LGMxLGMxLDAgICAvKiBIeXAuIENvbmZp Z3VyYXRpb24gUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSENQVFIgICAgICAgICAg IHAxNSw0LGMxLGMxLDIgICAvKiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVn aXN0ZXIgKi8KIAogLyogQ1AxNSBDUjI6IFRyYW5zbGF0aW9uIFRhYmxlIEJh c2UgYW5kIENvbnRyb2wgUmVnaXN0ZXJzICovCiAjZGVmaW5lIFRUQkNSICAg ICAgICAgICBwMTUsMCxjMixjMCwyICAgLyogVHJhbnNsYXRhdGlvbiBUYWJs ZSBCYXNlIENvbnRyb2wgUmVnaXN0ZXIgKi8KQEAgLTI2MCw2ICsyNjEsNyBA QAogI2RlZmluZSBDTlRWX0NWQUxfRUwwICAgICAgICAgICBDTlRWX0NWQUwK ICNkZWZpbmUgQ09OVEVYVElEUl9FTDEgICAgICAgICAgQ09OVEVYVElEUgog I2RlZmluZSBDUEFDUl9FTDEgICAgICAgICAgICAgICBDUEFDUgorI2RlZmlu ZSBDUFRSX0VMMiAgICAgICAgICAgICAgICBIQ1BUUgogI2RlZmluZSBDU1NF TFJfRUwxICAgICAgICAgICAgICBDU1NFTFIKICNkZWZpbmUgREFDUjMyX0VM MiAgICAgICAgICAgICAgREFDUgogI2RlZmluZSBFU1JfRUwxICAgICAgICAg ICAgICAgICBERlNSCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwNmU2MzhmLi4wMmNlZmU5IDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg0LDEzICs4NCwxOCBAQAogI2RlZmlu ZSBIQ1JfU1dJTyAgICAgICAgKF9BQygxLFVMKTw8MSkgLyogU2V0L1dheSBJ bnZhbGlkYXRpb24gT3ZlcnJpZGUgKi8KICNkZWZpbmUgSENSX1ZNICAgICAg ICAgIChfQUMoMSxVTCk8PDApIC8qIFZpcnR1YWwgTU1VIEVuYWJsZSAqLwog CisvKiBIQ1BUUiBIeXAuIENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSENQVFJfVFRBICAgICAgICgoX0FDKDEsVSk8PDIwKSkgICAg ICAgIC8qIFRyYXAgdHJhY2UgcmVnaXN0ZXJzICovCisjZGVmaW5lIEhDUFRS X0NQKHgpICAgICAoKF9BQygxLFUpPDwoeCkpKSAgICAgICAvKiBUcmFwIENv cHJvY2Vzc29yIHggKi8KKyNkZWZpbmUgSENQVFJfQ1BfTUFTSyAgICgoX0FD KDEsVSk8PDE0KS0xKQorCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAg ICAgICAgICAweDAwCiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAg ICAgICAweDAxCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAg ICAweDAzCiAjZGVmaW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAw eDA0CiAjZGVmaW5lIEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1 CiAjZGVmaW5lIEhTUl9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2Ci0j ZGVmaW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3CisjZGVm aW5lIEhTUl9FQ19DUCAgICAgICAgICAgICAgICAgICAweDA3ICAgICAgICAv KiBIQ1BUUi10cmFwcGVkIGFjY2VzcyB0byBDUDAtQ1AxMyAqLwogI2RlZmlu ZSBIU1JfRUNfQ1AxMCAgICAgICAgICAgICAgICAgMHgwOAogI2RlZmluZSBI U1JfRUNfSkFaRUxMRSAgICAgICAgICAgICAgMHgwOQogI2RlZmluZSBIU1Jf RUNfQlhKICAgICAgICAgICAgICAgICAgMHgwYQotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-03.patch" Content-Disposition: attachment; filename="xsa93-4.4-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX09VVEVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-04.patch" Content-Disposition: attachment; filename="xsa93-4.4-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfT1VURVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-4.4-05.patch" Content-Disposition: attachment; filename="xsa93-4.4-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-4.4-06.patch" Content-Disposition: attachment; filename="xsa93-4.4-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzX3B2MzJfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQor ICAgICAgICAgICAgZ290byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AxNChy ZWdzLCBoc3IpOworICAgICAgICBicmVhazsKICAgICBjYXNlIEhTUl9FQ19D UDoKICAgICAgICAgaWYgKCAhaXNfcHYzMl9kb21haW4oY3VycmVudC0+ZG9t YWluKSApCiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwpkaWZmIC0tZ2l0 IGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCBiL3hlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmgKaW5kZXggZTlhODA5NC4uYmY4MTMzZSAxMDA2 NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAorKysgYi94 ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCkBAIC0xMTUsNiArMTE1LDcg QEAKICNkZWZpbmUgTlNBQ1IgICAgICAgICAgIHAxNSwwLGMxLGMxLDIgICAv KiBOb24tU2VjdXJlIEFjY2VzcyBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVm aW5lIEhTQ1RMUiAgICAgICAgICBwMTUsNCxjMSxjMCwwICAgLyogSHlwLiBT eXN0ZW0gQ29udHJvbCBSZWdpc3RlciAqLwogI2RlZmluZSBIQ1IgICAgICAg ICAgICAgcDE1LDQsYzEsYzEsMCAgIC8qIEh5cC4gQ29uZmlndXJhdGlvbiBS ZWdpc3RlciAqLworI2RlZmluZSBIRENSICAgICAgICAgICAgcDE1LDQsYzEs YzEsMSAgIC8qIEh5cC4gRGVidWcgQ29uZmlndXJhdGlvbiBSZWdpc3RlciAq LwogI2RlZmluZSBIQ1BUUiAgICAgICAgICAgcDE1LDQsYzEsYzEsMiAgIC8q IEh5cC4gQ29wcm9jZXNzb3IgVHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBI U1RSICAgICAgICAgICAgcDE1LDQsYzEsYzEsMyAgIC8qIEh5cC4gU3lzdGVt IFRyYXAgUmVnaXN0ZXIgKi8KIApAQCAtMjg3LDYgKzI4OCw3IEBACiAjZGVm aW5lIElEX1BGUjBfRUwxICAgICAgICAgICAgIElEX1BGUjAKICNkZWZpbmUg SURfUEZSMV9FTDEgICAgICAgICAgICAgSURfUEZSMQogI2RlZmluZSBJRlNS MzJfRUwyICAgICAgICAgICAgICBJRlNSCisjZGVmaW5lIE1EQ1JfRUwyICAg ICAgICAgICAgICAgIEhEQ1IKICNkZWZpbmUgTUlEUl9FTDEgICAgICAgICAg ICAgICAgTUlEUgogI2RlZmluZSBNUElEUl9FTDEgICAgICAgICAgICAgICBN UElEUgogI2RlZmluZSBQQVJfRUwxICAgICAgICAgICAgICAgICBQQVIKZGlm ZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggYi94 ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCmluZGV4IDc1MDg2NGEu LjkyNjdjMWIgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJv Y2Vzc29yLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aApAQCAtOTIsMTIgKzkyLDE5IEBACiAvKiBIU1RSIEh5cC4gU3lzdGVtIFRy YXAgUmVnaXN0ZXIgKi8KICNkZWZpbmUgSFNUUl9UKHgpICAgICAgICgoX0FD KDEsVSk8PCh4KSkpICAgICAgIC8qIFRyYXAgQ3AxNSBjPHg+ICovCiAKKy8q IEhEQ1IgSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVyICovCisj ZGVmaW5lIEhEQ1JfVERSQSAgICAgICAoX0FDKDEsVSk8PDExKSAgICAgICAg ICAvKiBUcmFwIERlYnVnIFJPTSBhY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9U RE9TQSAgICAgIChfQUMoMSxVKTw8MTApICAgICAgICAgIC8qIFRyYXAgRGVi dWctT1MtcmVsYXRlZCByZWdpc3RlciBhY2Nlc3MgKi8KKyNkZWZpbmUgSERD Ul9UREEgICAgICAgIChfQUMoMSxVKTw8OSkgICAgICAgICAgIC8qIFRyYXAg RGVidWcgQWNjZXNzICovCisjZGVmaW5lIEhEQ1JfVFBNICAgICAgICAoX0FD KDEsVSk8PDYpICAgICAgICAgICAvKiBUcmFwIFBlcmZvcm1hbmNlIE1vbml0 b3JzIGFjY2Vzc2VzICovCisjZGVmaW5lIEhEQ1JfVFBNQ1IgICAgICAoX0FD KDEsVSk8PDUpICAgICAgICAgICAvKiBUcmFwIFBNQ1IgYWNjZXNzZXMgKi8K KwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAog I2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2Rl ZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwogI2RlZmlu ZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAgMHgwNAotI2RlZmluZSBI U1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgwNQotI2RlZmluZSBIU1Jf RUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgorI2RlZmluZSBIU1JfRUNf Q1AxNF8zMiAgICAgICAgICAgICAgMHgwNSAgICAgICAgLyogVHJhcHBlZCBN Q1Igb3IgTVJDIGFjY2VzcyB0byBDUDE0ICovCisjZGVmaW5lIEhTUl9FQ19D UDE0X0RCRyAgICAgICAgICAgICAweDA2ICAgICAgICAvKiBUcmFwcGVkIExE Qy9TVEMgYWNjZXNzIHRvIENQMTQgKG9ubHkgZm9yIGRlYnVnIHJlZ2lzdGVy cykgKi8KICNkZWZpbmUgSFNSX0VDX0NQICAgICAgICAgICAgICAgICAgIDB4 MDcgICAgICAgIC8qIEhDUFRSLXRyYXBwZWQgYWNjZXNzIHRvIENQMC1DUDEz ICovCiAjZGVmaW5lIEhTUl9FQ19DUDEwICAgICAgICAgICAgICAgICAweDA4 CiAjZGVmaW5lIEhTUl9FQ19KQVpFTExFICAgICAgICAgICAgICAweDA5CmRp ZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL3N5c3JlZ3MuaCBiL3hl bi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCmluZGV4IDBjZWUwZTkuLjRh NGRlMzQgMTAwNjQ0Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oCkBAIC00 MCw2ICs0MCwzMSBAQAogICAgICgoX19IU1JfU1lTUkVHXyMjY3JtKSA8PCBI U1JfU1lTUkVHX0NSTV9TSElGVCkgfCBcCiAgICAgKChfX0hTUl9TWVNSRUdf IyNvcDIpIDw8IEhTUl9TWVNSRUdfT1AyX1NISUZUKQogCisjZGVmaW5lIEhT Ul9TWVNSRUdfTURTQ1JfRUwxICAgICAgSFNSX1NZU1JFRygyLDAsYzAsYzIs MikKKyNkZWZpbmUgSFNSX1NZU1JFR19PU0xBUl9FTDEgICAgICBIU1JfU1lT UkVHKDIsMCxjMSxjMCw0KQorCisjZGVmaW5lIEhTUl9TWVNSRUdfREJHQlZS bl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw0KQorI2RlZmluZSBI U1JfU1lTUkVHX0RCR0JDUm5fRUwxKG4pIEhTUl9TWVNSRUcoMiwwLGMwLGMj I24sNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdXVlJuX0VMMShuKSBIU1Jf U1lTUkVHKDIsMCxjMCxjIyNuLDYpCisjZGVmaW5lIEhTUl9TWVNSRUdfREJH V0NSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAsYyMjbiw3KQorCisjZGVm aW5lIEhTUl9TWVNSRUdfREJHX0NBU0VTKFJFRykgY2FzZSBIU1JfU1lTUkVH XyMjUkVHIyNuX0VMMSgwKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEpOiAg XAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNS X1NZU1JFR18jI1JFRyMjbl9FTDEoMik6ICBcCisgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VM MSgzKTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBj YXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDQpOiAgXAorICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JF RyMjbl9FTDEoNSk6ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg2KTogIFwKKyAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDcpOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoOCk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg5KTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDEwKTogXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTEpOiBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSgxMik6IFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDEzKTogXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoMTQpOiBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgx NSkKKwogI2RlZmluZSBIU1JfU1lTUkVHX1NDVExSX0VMMSAgICAgIEhTUl9T WVNSRUcoMywwLGMxLCBjMCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX1RUQlIw X0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBjMCwwKQogI2RlZmluZSBI U1JfU1lTUkVHX1RUQlIxX0VMMSAgICAgIEhTUl9TWVNSRUcoMywwLGMyLCBj MCwxKQpAQCAtNDgsMTAgKzczLDI4IEBACiAjZGVmaW5lIEhTUl9TWVNSRUdf QUZTUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzUsIGMxLDEpCiAjZGVm aW5lIEhTUl9TWVNSRUdfRVNSX0VMMSAgICAgICAgSFNSX1NZU1JFRygzLDAs YzUsIGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfRkFSX0VMMSAgICAgICAg SFNSX1NZU1JFRygzLDAsYzYsIGMwLDApCisjZGVmaW5lIEhTUl9TWVNSRUdf UE1JTlRFTlNFVF9FTDEgSFNSX1NZU1JFRygzLDAsYzksYzE0LDEpCisjZGVm aW5lIEhTUl9TWVNSRUdfUE1JTlRFTkNMUl9FTDEgSFNSX1NZU1JFRygzLDAs YzksYzE0LDIpCiAjZGVmaW5lIEhTUl9TWVNSRUdfTUFJUl9FTDEgICAgICAg SFNSX1NZU1JFRygzLDAsYzEwLGMyLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdf QU1BSVJfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzEwLGMzLDApCiAjZGVm aW5lIEhTUl9TWVNSRUdfQ09OVEVYVElEUl9FTDEgSFNSX1NZU1JFRygzLDAs YzEzLGMwLDEpCiAKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNSX0VMMCAgICAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNOVEVOU0VUX0VMMCBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUNOVEVOQ0xSX0VMMCBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsMikKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU0NMUl9FTDAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsMykKKyNkZWZpbmUgSFNSX1NZU1JF R19QTVNXSU5DX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNCkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTVNFTFJfRUwwICAgICBIU1JfU1lTUkVHKDMs MyxjOSxjMTIsNSkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTUNFSUQwX0VMMCAg ICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNikKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUNFSUQxX0VMMCAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTIsNykKKwor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ0NOVFJfRUwwICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMywwKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNWEVWVFlQRVJf RUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMywxKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNWEVWQ05UUl9FTDAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMywyKQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1VU0VSRU5SX0VMMCAgSFNSX1NZU1JF RygzLDMsYzksYzE0LDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1PVlNTRVRf RUwwICAgSFNSX1NZU1JFRygzLDMsYzksYzE0LDMpCisKICNkZWZpbmUgSFNS X1NZU1JFR19DTlRQQ1RfRUwwICAgICBIU1JfU1lTUkVHKDMsMyxjMTQsYzAs MCkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX0NUTF9FTDAgICBIU1JfU1lT UkVHKDMsMyxjMTQsYzIsMSkKICNkZWZpbmUgSFNSX1NZU1JFR19DTlRQX1RW QUxfRUwwICBIU1JfU1lTUkVHKDMsMyxjMTQsYzIsMCkKLS0gCjEuNy4xMC40 Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-01.patch" Content-Disposition: attachment; filename="xsa93-unstable-01.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAxOTowMToyMCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBJbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHdo ZW4gdGhlCiBjb3Byb2Mvc3lzcmVnIGlzIG5vdCBoYW5kbGVkCgpDdXJyZW50 bHkgWGVuIHBhbmljcyBpZiBpdCdzIHVuYWJsZSB0byBoYW5kbGUgYSBjb3By b2Nlc3Nvci9zeXNyZWcgaW5zdHJ1Y3Rpb24uClJlcGxhY2UgdGhpcyBiZWhh dmlvciBieSBpbmplY3QgYW4gdW5kZWZpbmVkIGluc3RydWN0aW9uIHRvIHRo ZSBmYXVsdHkgZ3Vlc3QKYW5kIGxvZyBpZiBYZW4gaXMgaW4gZGVidWcgbW9k ZS4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jIHwg ICA2MSArKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKystLS0tLS0t LS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDQxIGluc2VydGlvbnMoKyks IDIwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90 cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggYTdlZGM0ZS4u OTJiNzkxMCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysr IGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTEzNTEsMTAgKzEzNTEsMTYg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV8zMihzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgICAgKnIgPSB2LT5hcmNoLmFjdGxyOwogICAg ICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBwcmludGsoIiVz IHAxNSwgJWQsIHIlZCwgY3IlZCwgY3IlZCwgJWQgQCAweCUiUFJJcmVnaXN0 ZXIiXG4iLAotICAgICAgICAgICAgICAgY3AzMi5yZWFkID8gIm1yYyIgOiAi bWNyIiwKLSAgICAgICAgICAgICAgIGNwMzIub3AxLCBjcDMyLnJlZywgY3Az Mi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+cGMpOwotICAgICAg ICBwYW5pYygidW5oYW5kbGVkIDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLCBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjaWZuZGVmIE5ERUJV RworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLAorICAgICAgICAgICAg ICAgICAiJXMgcDE1LCAlZCwgciVkLCBjciVkLCBjciVkLCAlZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCisgICAgICAgICAgICAgICAgIGNwMzIucmVhZCA/ ICJtcmMiIDogIm1jciIsCisgICAgICAgICAgICAgICAgIGNwMzIub3AxLCBj cDMyLnJlZywgY3AzMi5jcm4sIGNwMzIuY3JtLCBjcDMyLm9wMiwgcmVncy0+ cGMpOworICAgICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVk IDMyLWJpdCBDUDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICBo c3IuYml0cyAmIEhTUl9DUDMyX1JFR1NfTUFTSyk7CisjZW5kaWYKKyAgICAg ICAgaW5qZWN0X3VuZGVmMzJfZXhjZXB0aW9uKHJlZ3MpOworICAgICAgICBy ZXR1cm47CiAgICAgfQogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K QEAgLTEzNjIsOCArMTM2OCw2IEBAIHN0YXRpYyB2b2lkIGRvX2NwMTVfMzIo c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiBzdGF0aWMgdm9pZCBkb19j cDE1XzY0KHN0cnVjdCBjcHVfdXNlcl9yZWdzICpyZWdzLAogICAgICAgICAg ICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewotICAgIHN0cnVjdCBo c3JfY3A2NCBjcDY0ID0gaHNyLmNwNjQ7Ci0KICAgICBpZiAoICFjaGVja19j b25kaXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKICAgICB7CiAgICAgICAg IGFkdmFuY2VfcGMocmVncywgaHNyKTsKQEAgLTEzODEsMTAgKzEzODUsMjAg QEAgc3RhdGljIHZvaWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVn cyAqcmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZh dWx0OgotICAgICAgICBwcmludGsoIiVzIHAxNSwgJWQsIHIlZCwgciVkLCBj ciVkIEAgMHglIlBSSXJlZ2lzdGVyIlxuIiwKLSAgICAgICAgICAgICAgIGNw NjQucmVhZCA/ICJtcnJjIiA6ICJtY3JyIiwKLSAgICAgICAgICAgICAgIGNw NjQub3AxLCBjcDY0LnJlZzEsIGNwNjQucmVnMiwgY3A2NC5jcm0sIHJlZ3Mt PnBjKTsKLSAgICAgICAgcGFuaWMoInVuaGFuZGxlZCA2NC1iaXQgQ1AxNSBh Y2Nlc3MgJSN4IiwgaHNyLmJpdHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOwor ICAgICAgICB7CisjaWZuZGVmIE5ERUJVRworICAgICAgICAgICAgc3RydWN0 IGhzcl9jcDY0IGNwNjQgPSBoc3IuY3A2NDsKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyBw MTUsICVkLCByJWQsIHIlZCwgY3IlZCBAIDB4JSJQUklyZWdpc3RlciJcbiIs CisgICAgICAgICAgICAgICAgICAgICBjcDY0LnJlYWQgPyAibXJyYyIgOiAi bWNyciIsCisgICAgICAgICAgICAgICAgICAgICBjcDY0Lm9wMSwgY3A2NC5y ZWcxLCBjcDY0LnJlZzIsIGNwNjQuY3JtLCByZWdzLT5wYyk7CisgICAgICAg ICAgICBnZHByaW50ayhYRU5MT0dfRVJSLCAidW5oYW5kbGVkIDY0LWJpdCBD UDE1IGFjY2VzcyAlI3giLAorICAgICAgICAgICAgICAgICAgICAgaHNyLmJp dHMgJiBIU1JfQ1A2NF9SRUdTX01BU0spOworI2VuZGlmCisgICAgICAgICAg ICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7CisgICAgICAgICAg ICByZXR1cm47CisgICAgICAgIH0KICAgICB9CiAgICAgYWR2YW5jZV9wYyhy ZWdzLCBoc3IpOwogfQpAQCAtMTM5Myw3ICsxNDA3LDYgQEAgc3RhdGljIHZv aWQgZG9fY3AxNV82NChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKIHN0 YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVn cywKICAgICAgICAgICAgICAgICAgICAgICB1bmlvbiBoc3IgaHNyKQogewot ICAgIHN0cnVjdCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAK ICAgICBzd2l0Y2ggKCBoc3IuYml0cyAmIEhTUl9TWVNSRUdfUkVHU19NQVNL ICkKICAgICB7CkBAIC0xNDA3LDE1ICsxNDIwLDIzIEBAIHN0YXRpYyB2b2lk IGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAqcmVncywKICAgICAg ICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0OgotICAgICAgICBw cmludGsoIiVzICVkLCAlZCwgYyVkLCBjJWQsICVkICVzIHglZCBAIDB4JSJQ UklyZWdpc3RlciJcbiIsCi0gICAgICAgICAgICAgICBzeXNyZWcucmVhZCA/ ICJtcnMiIDogIm1zciIsCi0gICAgICAgICAgICAgICBzeXNyZWcub3AwLCBz eXNyZWcub3AxLAotICAgICAgICAgICAgICAgc3lzcmVnLmNybiwgc3lzcmVn LmNybSwKLSAgICAgICAgICAgICAgIHN5c3JlZy5vcDIsCi0gICAgICAgICAg ICAgICBzeXNyZWcucmVhZCA/ICI9PiIgOiAiPD0iLAotICAgICAgICAgICAg ICAgc3lzcmVnLnJlZywgcmVncy0+cGMpOwotICAgICAgICBwYW5pYygidW5o YW5kbGVkIDY0LWJpdCBzeXNyZWcgYWNjZXNzICUjeCIsCi0gICAgICAgICAg ICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOworICAgICAg ICB7CisgICAgICAgICAgICBzdHJ1Y3QgaHNyX3N5c3JlZyBzeXNyZWcgPSBo c3Iuc3lzcmVnOworI2lmbmRlZiBOREVCVUcKKworICAgICAgICAgICAgZ2Rw cmludGsoWEVOTE9HX0VSUiwKKyAgICAgICAgICAgICAgICAgICAgICIlcyAl ZCwgJWQsIGMlZCwgYyVkLCAlZCAlcyB4JWQgQCAweCUiUFJJcmVnaXN0ZXIi XG4iLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAibXJz IiA6ICJtc3IiLAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLm9wMCwg c3lzcmVnLm9wMSwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5jcm4s IHN5c3JlZy5jcm0sCisgICAgICAgICAgICAgICAgICAgICBzeXNyZWcub3Ay LAorICAgICAgICAgICAgICAgICAgICAgc3lzcmVnLnJlYWQgPyAiPT4iIDog Ijw9IiwKKyAgICAgICAgICAgICAgICAgICAgIHN5c3JlZy5yZWcsIHJlZ3Mt PnBjKTsKKyAgICAgICAgICAgIGdkcHJpbnRrKFhFTkxPR19FUlIsICJ1bmhh bmRsZWQgNjQtYml0IHN5c3JlZyBhY2Nlc3MgJSN4IiwKKyAgICAgICAgICAg ICAgICAgICAgIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0spOwor I2VuZGlmCisgICAgICAgICAgICBpbmplY3RfdW5kZWY2NF9leGNlcHRpb24o cmVncywgc3lzcmVnLmxlbik7CisgICAgICAgIH0KICAgICB9CiAKICAgICBy ZWdzLT5wYyArPSA0OwotLSAKMS43LjEwLjQKCg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-02.patch" Content-Disposition: attachment; filename="xsa93-unstable-02.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDozNzoxNiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgdGhlIGd1ZXN0IGFjY2VzcyB0aGUgY29w cm9jZXNzb3JzCiByZWdpc3RlcnMKCkluIFhlbiB3ZSBvbmx5IGhhbmRsZSBz YXZlL3Jlc3RvcmUgZm9yIGNvcHJvY2Vzc29yIDEwIGFuZCAxMSAoTkVPTiku IE90aGVyCmNvcHJvY2Vzc29ycyAoMC05LCAxMi0xMykgYXJlIGN1cnJlbnRs eSBleHBvc2VkIHRvIHRoZSBndWVzdCBhbmQgbWF5IGxlYWQKdG8gZGF0YSBz aGFyZWQgYmV0d2VlbiBndWVzdC4KCkRpc2FibGUgYWNjZXNzIHRvIGFsbCBj b3Byb2Nlc3NvciBleGNlcHQgMTAgYW5kIDExIGJ5IHNldHRpbmcgY29ycmVj dGx5CkhDVFBSLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdyYWxsIDxqdWxp ZW4uZ3JhbGxAbGluYXJvLm9yZz4KQWNrZWQtYnk6IElhbiBDYW1wYmVsbCA8 aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+Ci0tLQogeGVuL2FyY2gvYXJtL3Ry YXBzLmMgICAgICAgICAgICB8ICAgMjIgKysrKysrKysrKysrKysrKysrKysr KwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaCAgICB8ICAgIDIgKysK IHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmggfCAgICA3ICsrKysr Ky0KIDMgZmlsZXMgY2hhbmdlZCwgMzAgaW5zZXJ0aW9ucygrKSwgMSBkZWxl dGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90cmFwcy5jIGIv eGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggOTJiNzkxMC4uOTdhYjI4NiAx MDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMKKysrIGIveGVuL2Fy Y2gvYXJtL3RyYXBzLmMKQEAgLTc0LDYgKzc0LDEyIEBAIHZvaWQgX19jcHVp bml0IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9y IGJhc2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBz X3ZlY3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBhbGwgY29wcm9j ZXNzb3IgcmVnaXN0ZXJzICgwLTEzKSBleGNlcHQgY3AxMCBhbmQgY3AxMSBm b3IgVkZQCisgICAgICogLyFcIEFsbCBwcm9jZXNzb3JzIGV4Y2VwdCBjcDEw IGFuZCBjcDExIGNhbm5vdCBiZSB1c2VkIGluIFhlbgorICAgICAqLworICAg IFdSSVRFX1NZU1JFRygoSENQVFJfQ1BfTUFTSyAmIH4oSENQVFJfQ1AoMTAp IHwgSENQVFJfQ1AoMTEpKSkgfCBIQ1BUUl9UVEEsCisgICAgICAgICAgICAg ICAgIENQVFJfRUwyKTsKKwogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJh cHMgKi8KICAgICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVS fEhDUl9BTU98SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAogICAg ICAgICAgICAgICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKQEAgLTE0MDMsNiAr MTQwOSwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsK IH0KIAorc3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3Mg KnJlZ3MsIHVuaW9uIGhzciBoc3IpCit7CisgICAgaWYgKCAhY2hlY2tfY29u ZGl0aW9uYWxfaW5zdHIocmVncywgaHNyKSApCisgICAgeworICAgICAgICBh ZHZhbmNlX3BjKHJlZ3MsIGhzcik7CisgICAgICAgIHJldHVybjsKKyAgICB9 CisKKyAgICBpbmplY3RfdW5kZWYzMl9leGNlcHRpb24ocmVncyk7Cit9CisK ICNpZmRlZiBDT05GSUdfQVJNXzY0CiBzdGF0aWMgdm9pZCBkb19zeXNyZWco c3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAg ICAgICAgdW5pb24gaHNyIGhzcikKQEAgLTE1OTQsNiArMTYxMSwxMSBAQCBh c21saW5rYWdlIHZvaWQgZG9fdHJhcF9oeXBlcnZpc29yKHN0cnVjdCBjcHVf dXNlcl9yZWdzICpyZWdzKQogICAgICAgICAgICAgZ290byBiYWRfdHJhcDsK ICAgICAgICAgZG9fY3AxNV82NChyZWdzLCBoc3IpOwogICAgICAgICBicmVh azsKKyAgICBjYXNlIEhTUl9FQ19DUDoKKyAgICAgICAgaWYgKCAhaXNfMzJi aXRfZG9tYWluKGN1cnJlbnQtPmRvbWFpbikgKQorICAgICAgICAgICAgZ290 byBiYWRfdHJhcDsKKyAgICAgICAgZG9fY3AocmVncywgaHNyKTsKKyAgICAg ICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNfU01DMzI6CiAgICAgICAgIGlu amVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKICAgICAgICAgYnJlYWs7 CmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCA1MDg0NjdhLi4y YjQxMWFmIDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVn cy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTEx NSw2ICsxMTUsNyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAs YzEsYzEsMiAgIC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0 ZXIgKi8KICNkZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAg ICAvKiBIeXAuIFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhDUiAgICAgICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25m aWd1cmF0aW9uIFJlZ2lzdGVyICovCisjZGVmaW5lIEhDUFRSICAgICAgICAg ICBwMTUsNCxjMSxjMSwyICAgLyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJl Z2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJsZSBC YXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJDUiAg ICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24gVGFi bGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNjAsNiArMjYxLDcg QEAKICNkZWZpbmUgQ05UVl9DVkFMX0VMMCAgICAgICAgICAgQ05UVl9DVkFM CiAjZGVmaW5lIENPTlRFWFRJRFJfRUwxICAgICAgICAgIENPTlRFWFRJRFIK ICNkZWZpbmUgQ1BBQ1JfRUwxICAgICAgICAgICAgICAgQ1BBQ1IKKyNkZWZp bmUgQ1BUUl9FTDIgICAgICAgICAgICAgICAgSENQVFIKICNkZWZpbmUgQ1NT RUxSX0VMMSAgICAgICAgICAgICAgQ1NTRUxSCiAjZGVmaW5lIERBQ1IzMl9F TDIgICAgICAgICAgICAgIERBQ1IKICNkZWZpbmUgRVNSX0VMMSAgICAgICAg ICAgICAgICAgREZTUgpkaWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFy bS9wcm9jZXNzb3IuaCBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29y LmgKaW5kZXggMDZlNjM4Zi4uMDJjZWZlOSAxMDA2NDQKLS0tIGEveGVuL2lu Y2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oCkBAIC04NCwxMyArODQsMTggQEAKICNkZWZp bmUgSENSX1NXSU8gICAgICAgIChfQUMoMSxVTCk8PDEpIC8qIFNldC9XYXkg SW52YWxpZGF0aW9uIE92ZXJyaWRlICovCiAjZGVmaW5lIEhDUl9WTSAgICAg ICAgICAoX0FDKDEsVUwpPDwwKSAvKiBWaXJ0dWFsIE1NVSBFbmFibGUgKi8K IAorLyogSENQVFIgSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICov CisjZGVmaW5lIEhDUFRSX1RUQSAgICAgICAoKF9BQygxLFUpPDwyMCkpICAg ICAgICAvKiBUcmFwIHRyYWNlIHJlZ2lzdGVycyAqLworI2RlZmluZSBIQ1BU Ul9DUCh4KSAgICAgKChfQUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBD b3Byb2Nlc3NvciB4ICovCisjZGVmaW5lIEhDUFRSX0NQX01BU0sgICAoKF9B QygxLFUpPDwxNCktMSkKKwogI2RlZmluZSBIU1JfRUNfVU5LTk9XTiAgICAg ICAgICAgICAgMHgwMAogI2RlZmluZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAg ICAgICAgMHgwMQogI2RlZmluZSBIU1JfRUNfQ1AxNV8zMiAgICAgICAgICAg ICAgMHgwMwogI2RlZmluZSBIU1JfRUNfQ1AxNV82NCAgICAgICAgICAgICAg MHgwNAogI2RlZmluZSBIU1JfRUNfQ1AxNF8zMiAgICAgICAgICAgICAgMHgw NQogI2RlZmluZSBIU1JfRUNfQ1AxNF9EQkcgICAgICAgICAgICAgMHgwNgot I2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNworI2Rl ZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAgMHgwNyAgICAgICAg LyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQMTMgKi8KICNkZWZp bmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4MDgKICNkZWZpbmUg SFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkKICNkZWZpbmUgSFNS X0VDX0JYSiAgICAgICAgICAgICAgICAgIDB4MGEKLS0gCjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-03.patch" Content-Disposition: attachment; filename="xsa93-unstable-03.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDo0Njo0MyArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBVcGdyYWRlIERDSVNXIGludG8gRENDSVNXCgpBIGd1ZXN0 IGlzIGFsbG93ZWQgdG8gdXNlIGludmFsaWRhdGUgY2FjaGUgYnkgc2V0L3dh eSBpbnN0cnVjdGlvbiAoaS5lIERDSVNXKQp3aXRob3V0IGFueSByZXN0cmlj dGlvbi4gQXMgdGhlIGNhY2hlIGlzIHNoYXJlZCB3aXRoIFhlbiwgdGhlIGd1 ZXN0IGludmFsaWRhdGUKYW4gYWRkcmVzcyBiZWluZyBpbiB1c2VkIGJ5IFhl bi4gVGhpcyBtYXkgbGVhZCBhIFhlbiBjcmFzaCBiZWNhdXNlIHRoZSBtZW1v cnkKc3RhdGUgaXMgaW52YWxpZC4KU2V0IHRoZSBiaXQgSENSLlNXSU8gdG8g dXBncmFkZSBpbnZhbGlkYXRlIGNhY2hlIGJ5IHNldC93YXkgaW5zdHJ1Y3Rp b24gdG8gYW4KaW52YWxpZGF0ZSBhbmQgY2xlYW4uCgpTaWduZWQtb2ZmLWJ5 OiBKdWxpZW4gR3JhbGwgPGp1bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpSZXBv cnRlZC1ieTogVGhvbWFzIExlb25hcmQgPHRhbDM2QGNhbS5hYy51az4KQWNr ZWQtYnk6IElhbiBDYW1wYmVsbCA8aWFuLmNhbXBiZWxsQGNpdHJpeC5jb20+ Ci0tLQogeGVuL2FyY2gvYXJtL3RyYXBzLmMgfCAgICAyICstCiAxIGZpbGUg Y2hhbmdlZCwgMSBpbnNlcnRpb24oKyksIDEgZGVsZXRpb24oLSkKCmRpZmYg LS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90 cmFwcy5jCmluZGV4IDk3YWIyODYuLjE3YWM4ZDggMTAwNjQ0Ci0tLSBhL3hl bi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5j CkBAIC04Miw3ICs4Miw3IEBAIHZvaWQgX19jcHVpbml0IGluaXRfdHJhcHMo dm9pZCkKIAogICAgIC8qIFNldHVwIGh5cGVydmlzb3IgdHJhcHMgKi8KICAg ICBXUklURV9TWVNSRUcoSENSX1BUV3xIQ1JfQlNVX0lOTkVSfEhDUl9BTU98 SENSX0lNT3xIQ1JfVk18SENSX1RXSXxIQ1JfVFNDfAotICAgICAgICAgICAg ICAgICBIQ1JfVEFDLCBIQ1JfRUwyKTsKKyAgICAgICAgICAgICAgICAgSENS X1RBQ3xIQ1JfU1dJTywgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-04.patch" Content-Disposition: attachment; filename="xsa93-unstable-04.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogTW9uLCAxNCBBcHIgMjAxNCAyMDowMDoxNCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBUcmFwIGNhY2hlIGFuZCBUQ00gbG9ja2Rvd24gcmVnaXN0 ZXJzCgpTb21lIGNwMTUgYzkvYzEwL2MxMSBlbmNvZGluZ3MgYXJlIHVzZWQg Zm9yOgogICAgIC0gY2FjaGUgY29udHJvbAogICAgIC0gVENNIGNvbnRyb2wK ICAgICAtIGJyYW5jaCBwcmVkaWN0b3IgY29udHJvbAoKQWxsIG9mIHRoZW0g YXJlIGltcGxlbWVudGF0aW9uIGRlZmluZWQuIEZvciBub3cgaW5qZWN0IGFu IHVuZGVmaW5lZCBleGNlcHRpb24KaWYgdGhlIGd1ZXN0IHdhbnRzIHRyeSB0 byBhY2Nlc3MgaXQuCgpTaWduZWQtb2ZmLWJ5OiBKdWxpZW4gR3JhbGwgPGp1 bGllbi5ncmFsbEBsaW5hcm8ub3JnPgpBY2tlZC1ieTogSWFuIENhbXBiZWxs IDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4ZW4vYXJjaC9hcm0v dHJhcHMuYyB8ICAgIDIgKy0KIDEgZmlsZSBjaGFuZ2VkLCAxIGluc2VydGlv bigrKSwgMSBkZWxldGlvbigtKQoKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2Fy bS90cmFwcy5jIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKaW5kZXggMTdhYzhk OC4uYjc3ZTYyMyAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL3RyYXBzLmMK KysrIGIveGVuL2FyY2gvYXJtL3RyYXBzLmMKQEAgLTgyLDcgKzgyLDcgQEAg dm9pZCBfX2NwdWluaXQgaW5pdF90cmFwcyh2b2lkKQogCiAgICAgLyogU2V0 dXAgaHlwZXJ2aXNvciB0cmFwcyAqLwogICAgIFdSSVRFX1NZU1JFRyhIQ1Jf UFRXfEhDUl9CU1VfSU5ORVJ8SENSX0FNT3xIQ1JfSU1PfEhDUl9WTXxIQ1Jf VFdJfEhDUl9UU0N8Ci0gICAgICAgICAgICAgICAgIEhDUl9UQUN8SENSX1NX SU8sIEhDUl9FTDIpOworICAgICAgICAgICAgICAgICBIQ1JfVEFDfEhDUl9T V0lPfEhDUl9USURDUCwgSENSX0VMMik7CiAgICAgaXNiKCk7CiB9CiAKLS0g CjEuNy4xMC40Cgo= --=separator Content-Type: application/octet-stream; name="xsa93-unstable-05.patch" Content-Disposition: attachment; filename="xsa93-unstable-05.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxMjo0NToyOCArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBleHBvc2UgaW1wbGVtZW50YXRpb24gZGVmaW5l ZCByZWdpc3RlcnMKIChDcDE1IGMxNSkgdG8gdGhlIGd1ZXN0CgpPbiBDb3J0 ZXgtQTE1LCBDUDE1IGMxNSBjb250YWlucyByZWdpc3RlcnMgdG8gcmV0cmll dmUgZGF0YSBmcm9tIEwxL0wyIFJBTS4KCkV4cG9zaW5nIHRoaXMgcmVnaXN0 ZXJzIHRvIGd1ZXN0IG1heSByZXN1bHQgdG8gbGVhayBkYXRhIGZyb20gWGVu IGFuZC9vcgphbm90aGVyIGd1ZXN0LgoKQnkgZGVmYXVsdCB0cmFwIGV2ZXJ5 IHJlZ2lzdGVycyBhbmQgaW5qZWN0IGFuIHVuZGVmaW5lZCBpbnN0cnVjdGlv bi4KClNpZ25lZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxs QGxpbmFyby5vcmc+CkFja2VkLWJ5OiBJYW4gQ2FtcGJlbGwgPGlhbi5jYW1w YmVsbEBjaXRyaXguY29tPgotLS0KIHhlbi9hcmNoL2FybS90cmFwcy5jICAg ICAgICAgICAgfCAgICAzICsrKwogeGVuL2luY2x1ZGUvYXNtLWFybS9jcHJl Z3MuaCAgICB8ICAgIDIgKysKIHhlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vz c29yLmggfCAgICAzICsrKwogMyBmaWxlcyBjaGFuZ2VkLCA4IGluc2VydGlv bnMoKykKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdHJhcHMuYyBiL3hl bi9hcmNoL2FybS90cmFwcy5jCmluZGV4IGI3N2U2MjMuLjcxMGU1Y2MgMTAw NjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5jCisrKyBiL3hlbi9hcmNo L2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCw5IEBAIHZvaWQgX19jcHVpbml0 IGluaXRfdHJhcHModm9pZCkKICAgICAvKiBTZXR1cCBIeXAgdmVjdG9yIGJh c2UgKi8KICAgICBXUklURV9TWVNSRUcoKHZhZGRyX3QpaHlwX3RyYXBzX3Zl Y3RvciwgVkJBUl9FTDIpOwogCisgICAgLyogVHJhcCBDUDE1IGMxNSB1c2Vk IGZvciBpbXBsZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLworICAg IFdSSVRFX1NZU1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CisKICAgICAv KiBUcmFwIGFsbCBjb3Byb2Nlc3NvciByZWdpc3RlcnMgKDAtMTMpIGV4Y2Vw dCBjcDEwIGFuZCBjcDExIGZvciBWRlAKICAgICAgKiAvIVwgQWxsIHByb2Nl c3NvcnMgZXhjZXB0IGNwMTAgYW5kIGNwMTEgY2Fubm90IGJlIHVzZWQgaW4g WGVuCiAgICAgICovCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L2NwcmVncy5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRl eCAyYjQxMWFmLi5lOWE4MDk0IDEwMDY0NAotLS0gYS94ZW4vaW5jbHVkZS9h c20tYXJtL2NwcmVncy5oCisrKyBiL3hlbi9pbmNsdWRlL2FzbS1hcm0vY3By ZWdzLmgKQEAgLTExNiw2ICsxMTYsNyBAQAogI2RlZmluZSBIU0NUTFIgICAg ICAgICAgcDE1LDQsYzEsYzAsMCAgIC8qIEh5cC4gU3lzdGVtIENvbnRyb2wg UmVnaXN0ZXIgKi8KICNkZWZpbmUgSENSICAgICAgICAgICAgIHAxNSw0LGMx LGMxLDAgICAvKiBIeXAuIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSENQVFIgICAgICAgICAgIHAxNSw0LGMxLGMxLDIgICAvKiBIeXAu IENvcHJvY2Vzc29yIFRyYXAgUmVnaXN0ZXIgKi8KKyNkZWZpbmUgSFNUUiAg ICAgICAgICAgIHAxNSw0LGMxLGMxLDMgICAvKiBIeXAuIFN5c3RlbSBUcmFw IFJlZ2lzdGVyICovCiAKIC8qIENQMTUgQ1IyOiBUcmFuc2xhdGlvbiBUYWJs ZSBCYXNlIGFuZCBDb250cm9sIFJlZ2lzdGVycyAqLwogI2RlZmluZSBUVEJD UiAgICAgICAgICAgcDE1LDAsYzIsYzAsMiAgIC8qIFRyYW5zbGF0YXRpb24g VGFibGUgQmFzZSBDb250cm9sIFJlZ2lzdGVyICovCkBAIC0yNzAsNiArMjcx LDcgQEAKICNkZWZpbmUgRkFSX0VMMiAgICAgICAgICAgICAgICAgSElGQVIK ICNkZWZpbmUgSENSX0VMMiAgICAgICAgICAgICAgICAgSENSCiAjZGVmaW5l IEhQRkFSX0VMMiAgICAgICAgICAgICAgIEhQRkFSCisjZGVmaW5lIEhTVFJf RUwyICAgICAgICAgICAgICAgIEhTVFIKICNkZWZpbmUgSURfQUZSMF9FTDEg ICAgICAgICAgICAgSURfQUZSMAogI2RlZmluZSBJRF9ERlIwX0VMMSAgICAg ICAgICAgICBJRF9ERlIwCiAjZGVmaW5lIElEX0lTQVIwX0VMMSAgICAgICAg ICAgIElEX0lTQVIwCmRpZmYgLS1naXQgYS94ZW4vaW5jbHVkZS9hc20tYXJt L3Byb2Nlc3Nvci5oIGIveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3Iu aAppbmRleCAwMmNlZmU5Li43NTA4NjRhIDEwMDY0NAotLS0gYS94ZW4vaW5j bHVkZS9hc20tYXJtL3Byb2Nlc3Nvci5oCisrKyBiL3hlbi9pbmNsdWRlL2Fz bS1hcm0vcHJvY2Vzc29yLmgKQEAgLTg5LDYgKzg5LDkgQEAKICNkZWZpbmUg SENQVFJfQ1AoeCkgICAgICgoX0FDKDEsVSk8PCh4KSkpICAgICAgIC8qIFRy YXAgQ29wcm9jZXNzb3IgeCAqLwogI2RlZmluZSBIQ1BUUl9DUF9NQVNLICAg KChfQUMoMSxVKTw8MTQpLTEpCiAKKy8qIEhTVFIgSHlwLiBTeXN0ZW0gVHJh cCBSZWdpc3RlciAqLworI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChfQUMo MSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KKwogI2Rl ZmluZSBIU1JfRUNfVU5LTk9XTiAgICAgICAgICAgICAgMHgwMAogI2RlZmlu ZSBIU1JfRUNfV0ZJX1dGRSAgICAgICAgICAgICAgMHgwMQogI2RlZmluZSBI U1JfRUNfQ1AxNV8zMiAgICAgICAgICAgICAgMHgwMwotLSAKMS43LjEwLjQK Cg== --=separator Content-Type: application/octet-stream; name="xsa93-unstable-06.patch" Content-Disposition: attachment; filename="xsa93-unstable-06.patch" Content-Transfer-Encoding: base64 RnJvbTogSnVsaWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4K RGF0ZTogVHVlLCAxNSBBcHIgMjAxNCAxNDowNjo0MiArMDEwMApTdWJqZWN0 OiB4ZW4vYXJtOiBEb24ndCBsZXQgZ3Vlc3MgYWNjZXNzIHRvIERlYnVnIGFu ZCBQZXJmb3JtYW5jZQogTW9uaXRvciByZWdpc3RlcnMKCkRlYnVnIGFuZCBw ZXJmb3JtYW5jZSByZWdpc3RlcnMgYXJlIG5vdCBwcm9wZXJseSBzd2l0Y2hl ZCBieSBYZW4uCgpUcmFwIHRoZW0gYW5kIGluamVjdCBhbiB1bmRlZmluZWQg aW5zdHJ1Y3Rpb24sIGV4Y2VwdCBmb3IgdGhvc2UgcmVnaXN0ZXJzCndoaWNo IG1pZ2h0IGJlIHVuY29uZGl0aW9uYWxseSBhY2Nlc3NlZCB3aGljaCB3ZSBp bXBsZW1lbnQgYXMgUkFaL1dJLgoKU2lnbmVkLW9mZi1ieTogSnVsaWVuIEdy YWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KU2lnbmVkLW9mZi1ieTog SWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KLS0tCiB4 ZW4vYXJjaC9hcm0vdHJhcHMuYyAgICAgICAgICAgIHwgICA1OSArKysrKysr KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysKIHhlbi9pbmNsdWRl L2FzbS1hcm0vY3ByZWdzLmggICAgfCAgICAyICsrCiB4ZW4vaW5jbHVkZS9h c20tYXJtL3Byb2Nlc3Nvci5oIHwgICAxMSArKysrKystLQogeGVuL2luY2x1 ZGUvYXNtLWFybS9zeXNyZWdzLmggICB8ICAgNDMgKysrKysrKysrKysrKysr KysrKysrKysrKysrKwogNCBmaWxlcyBjaGFuZ2VkLCAxMTMgaW5zZXJ0aW9u cygrKSwgMiBkZWxldGlvbnMoLSkKCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9h cm0vdHJhcHMuYyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCmluZGV4IDcxMGU1 Y2MuLjM5YzI0NjggMTAwNjQ0Ci0tLSBhL3hlbi9hcmNoL2FybS90cmFwcy5j CisrKyBiL3hlbi9hcmNoL2FybS90cmFwcy5jCkBAIC03NCw2ICs3NCwxMCBA QCB2b2lkIF9fY3B1aW5pdCBpbml0X3RyYXBzKHZvaWQpCiAgICAgLyogU2V0 dXAgSHlwIHZlY3RvciBiYXNlICovCiAgICAgV1JJVEVfU1lTUkVHKCh2YWRk cl90KWh5cF90cmFwc192ZWN0b3IsIFZCQVJfRUwyKTsKIAorICAgIC8qIFRy YXAgRGVidWcgYW5kIFBlcmZvcm1hbmNlIE1vbml0b3IgYWNjZXNzZXMgKi8K KyAgICBXUklURV9TWVNSRUcoSERDUl9URFJBfEhEQ1JfVERPU0F8SERDUl9U REF8SERDUl9UUE18SERDUl9UUE1DUiwKKyAgICAgICAgICAgICAgICAgTURD Ul9FTDIpOworCiAgICAgLyogVHJhcCBDUDE1IGMxNSB1c2VkIGZvciBpbXBs ZW1lbnRhdGlvbiBkZWZpbmVkIHJlZ2lzdGVycyAqLwogICAgIFdSSVRFX1NZ U1JFRyhIU1RSX1QoMTUpLCBIU1RSX0VMMik7CiAKQEAgLTE0MTIsNiArMTQx NiwxNyBAQCBzdGF0aWMgdm9pZCBkb19jcDE1XzY0KHN0cnVjdCBjcHVfdXNl cl9yZWdzICpyZWdzLAogICAgIGFkdmFuY2VfcGMocmVncywgaHNyKTsKIH0K IAorc3RhdGljIHZvaWQgZG9fY3AxNChzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywgdW5pb24gaHNyIGhzcikKK3sKKyAgICBpZiAoICFjaGVja19jb25k aXRpb25hbF9pbnN0cihyZWdzLCBoc3IpICkKKyAgICB7CisgICAgICAgIGFk dmFuY2VfcGMocmVncywgaHNyKTsKKyAgICAgICAgcmV0dXJuOworICAgIH0K KworICAgIGluamVjdF91bmRlZjMyX2V4Y2VwdGlvbihyZWdzKTsKK30KKwog c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiB7CiAgICAgaWYgKCAhY2hlY2tfY29uZGl0aW9u YWxfaW5zdHIocmVncywgaHNyKSApCkBAIC0xNDI3LDkgKzE0NDIsNDYgQEAg c3RhdGljIHZvaWQgZG9fY3Aoc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Ms IHVuaW9uIGhzciBoc3IpCiBzdGF0aWMgdm9pZCBkb19zeXNyZWcoc3RydWN0 IGNwdV91c2VyX3JlZ3MgKnJlZ3MsCiAgICAgICAgICAgICAgICAgICAgICAg dW5pb24gaHNyIGhzcikKIHsKKyAgICByZWdpc3Rlcl90ICp4ID0gc2VsZWN0 X3VzZXJfcmVnKHJlZ3MsIGhzci5zeXNyZWcucmVnKTsKIAogICAgIHN3aXRj aCAoIGhzci5iaXRzICYgSFNSX1NZU1JFR19SRUdTX01BU0sgKQogICAgIHsK KyAgICAvKiBSQVovV0kgcmVnaXN0ZXJzOiAqLworICAgIC8qICAtIERlYnVn ICovCisgICAgY2FzZSBIU1JfU1lTUkVHX01EU0NSX0VMMToKKyAgICAvKiAg LSBQZXJmIG1vbml0b3JzICovCisgICAgY2FzZSBIU1JfU1lTUkVHX1BNSU5U RU5TRVRfRUwxOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VM MToKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1DUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNQ05URU5TRVRfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JF R19QTUNOVEVOQ0xSX0VMMDoKKyAgICBjYXNlIEhTUl9TWVNSRUdfUE1PVlND TFJfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTVNXSU5DX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1TRUxSX0VMMDoKKyAgICBjYXNlIEhTUl9T WVNSRUdfUE1DRUlEMF9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNQ0VJ RDFfRUwwOgorICAgIGNhc2UgSFNSX1NZU1JFR19QTUNDTlRSX0VMMDoKKyAg ICBjYXNlIEhTUl9TWVNSRUdfUE1YRVZUWVBFUl9FTDA6CisgICAgY2FzZSBI U1JfU1lTUkVHX1BNWEVWQ05UUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVH X1BNVVNFUkVOUl9FTDA6CisgICAgY2FzZSBIU1JfU1lTUkVHX1BNT1ZTU0VU X0VMMDoKKyAgICAvKiAtIEJyZWFrcG9pbnRzICovCisgICAgSFNSX1NZU1JF R19EQkdfQ0FTRVMoREJHQlZSKToKKyAgICBIU1JfU1lTUkVHX0RCR19DQVNF UyhEQkdCQ1IpOgorICAgIC8qIC0gIFdhdGNocG9pbnRzICovCisgICAgSFNS X1NZU1JFR19EQkdfQ0FTRVMoREJHV1ZSKToKKyAgICBIU1JfU1lTUkVHX0RC R19DQVNFUyhEQkdXQ1IpOgorICAgICAgICBpZiAoIGhzci5zeXNyZWcucmVh ZCApCisgICAgICAgICAgICAqeCA9IDA7CisgICAgICAgIC8qIGVsc2U6IHdy aXRlIGlnbm9yZWQgKi8KKyAgICAgICAgYnJlYWs7CisKKyAgICAvKiBXcml0 ZSBvbmx5LCBXcml0ZSBpZ25vcmUgcmVnaXN0ZXJzOiAqLworICAgIGNhc2Ug SFNSX1NZU1JFR19PU0xBUl9FTDE6CisgICAgICAgIGlmICggaHNyLnN5c3Jl Zy5yZWFkICkKKyAgICAgICAgICAgIGdvdG8gYmFkX3N5c3JlZzsKKyAgICAg ICAgLyogZWxzZTogd3JpdGUgaWdub3JlZCAqLworICAgICAgICBicmVhazsK ICAgICBjYXNlIEhTUl9TWVNSRUdfQ05UUF9DVExfRUwwOgogICAgIGNhc2Ug SFNSX1NZU1JFR19DTlRQX1RWQUxfRUwwOgogICAgICAgICBpZiAoICF2dGlt ZXJfZW11bGF0ZShyZWdzLCBoc3IpICkKQEAgLTE0NDAsNiArMTQ5Miw3IEBA IHN0YXRpYyB2b2lkIGRvX3N5c3JlZyhzdHJ1Y3QgY3B1X3VzZXJfcmVncyAq cmVncywKICAgICAgICAgfQogICAgICAgICBicmVhazsKICAgICBkZWZhdWx0 OgorIGJhZF9zeXNyZWc6CiAgICAgICAgIHsKICAgICAgICAgICAgIHN0cnVj dCBoc3Jfc3lzcmVnIHN5c3JlZyA9IGhzci5zeXNyZWc7CiAjaWZuZGVmIE5E RUJVRwpAQCAtMTYxNCw2ICsxNjY3LDEyIEBAIGFzbWxpbmthZ2Ugdm9pZCBk b190cmFwX2h5cGVydmlzb3Ioc3RydWN0IGNwdV91c2VyX3JlZ3MgKnJlZ3Mp CiAgICAgICAgICAgICBnb3RvIGJhZF90cmFwOwogICAgICAgICBkb19jcDE1 XzY0KHJlZ3MsIGhzcik7CiAgICAgICAgIGJyZWFrOworICAgIGNhc2UgSFNS X0VDX0NQMTRfMzI6CisgICAgY2FzZSBIU1JfRUNfQ1AxNF9EQkc6CisgICAg ICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5kb21haW4pICkK KyAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CisgICAgICAgIGRvX2NwMTQo cmVncywgaHNyKTsKKyAgICAgICAgYnJlYWs7CiAgICAgY2FzZSBIU1JfRUNf Q1A6CiAgICAgICAgIGlmICggIWlzXzMyYml0X2RvbWFpbihjdXJyZW50LT5k b21haW4pICkKICAgICAgICAgICAgIGdvdG8gYmFkX3RyYXA7CmRpZmYgLS1n aXQgYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oIGIveGVuL2luY2x1 ZGUvYXNtLWFybS9jcHJlZ3MuaAppbmRleCBlOWE4MDk0Li5iZjgxMzNlIDEw MDY0NAotLS0gYS94ZW4vaW5jbHVkZS9hc20tYXJtL2NwcmVncy5oCisrKyBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vY3ByZWdzLmgKQEAgLTExNSw2ICsxMTUs NyBAQAogI2RlZmluZSBOU0FDUiAgICAgICAgICAgcDE1LDAsYzEsYzEsMiAg IC8qIE5vbi1TZWN1cmUgQWNjZXNzIENvbnRyb2wgUmVnaXN0ZXIgKi8KICNk ZWZpbmUgSFNDVExSICAgICAgICAgIHAxNSw0LGMxLGMwLDAgICAvKiBIeXAu IFN5c3RlbSBDb250cm9sIFJlZ2lzdGVyICovCiAjZGVmaW5lIEhDUiAgICAg ICAgICAgICBwMTUsNCxjMSxjMSwwICAgLyogSHlwLiBDb25maWd1cmF0aW9u IFJlZ2lzdGVyICovCisjZGVmaW5lIEhEQ1IgICAgICAgICAgICBwMTUsNCxj MSxjMSwxICAgLyogSHlwLiBEZWJ1ZyBDb25maWd1cmF0aW9uIFJlZ2lzdGVy ICovCiAjZGVmaW5lIEhDUFRSICAgICAgICAgICBwMTUsNCxjMSxjMSwyICAg LyogSHlwLiBDb3Byb2Nlc3NvciBUcmFwIFJlZ2lzdGVyICovCiAjZGVmaW5l IEhTVFIgICAgICAgICAgICBwMTUsNCxjMSxjMSwzICAgLyogSHlwLiBTeXN0 ZW0gVHJhcCBSZWdpc3RlciAqLwogCkBAIC0yODcsNiArMjg4LDcgQEAKICNk ZWZpbmUgSURfUEZSMF9FTDEgICAgICAgICAgICAgSURfUEZSMAogI2RlZmlu ZSBJRF9QRlIxX0VMMSAgICAgICAgICAgICBJRF9QRlIxCiAjZGVmaW5lIElG U1IzMl9FTDIgICAgICAgICAgICAgIElGU1IKKyNkZWZpbmUgTURDUl9FTDIg ICAgICAgICAgICAgICAgSERDUgogI2RlZmluZSBNSURSX0VMMSAgICAgICAg ICAgICAgICBNSURSCiAjZGVmaW5lIE1QSURSX0VMMSAgICAgICAgICAgICAg IE1QSURSCiAjZGVmaW5lIFBBUl9FTDEgICAgICAgICAgICAgICAgIFBBUgpk aWZmIC0tZ2l0IGEveGVuL2luY2x1ZGUvYXNtLWFybS9wcm9jZXNzb3IuaCBi L3hlbi9pbmNsdWRlL2FzbS1hcm0vcHJvY2Vzc29yLmgKaW5kZXggNzUwODY0 YS4uOTI2N2MxYiAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9w cm9jZXNzb3IuaAorKysgYi94ZW4vaW5jbHVkZS9hc20tYXJtL3Byb2Nlc3Nv ci5oCkBAIC05MiwxMiArOTIsMTkgQEAKIC8qIEhTVFIgSHlwLiBTeXN0ZW0g VHJhcCBSZWdpc3RlciAqLwogI2RlZmluZSBIU1RSX1QoeCkgICAgICAgKChf QUMoMSxVKTw8KHgpKSkgICAgICAgLyogVHJhcCBDcDE1IGM8eD4gKi8KIAor LyogSERDUiBIeXAuIERlYnVnIENvbmZpZ3VyYXRpb24gUmVnaXN0ZXIgKi8K KyNkZWZpbmUgSERDUl9URFJBICAgICAgIChfQUMoMSxVKTw8MTEpICAgICAg ICAgIC8qIFRyYXAgRGVidWcgUk9NIGFjY2VzcyAqLworI2RlZmluZSBIRENS X1RET1NBICAgICAgKF9BQygxLFUpPDwxMCkgICAgICAgICAgLyogVHJhcCBE ZWJ1Zy1PUy1yZWxhdGVkIHJlZ2lzdGVyIGFjY2VzcyAqLworI2RlZmluZSBI RENSX1REQSAgICAgICAgKF9BQygxLFUpPDw5KSAgICAgICAgICAgLyogVHJh cCBEZWJ1ZyBBY2Nlc3MgKi8KKyNkZWZpbmUgSERDUl9UUE0gICAgICAgIChf QUMoMSxVKTw8NikgICAgICAgICAgIC8qIFRyYXAgUGVyZm9ybWFuY2UgTW9u aXRvcnMgYWNjZXNzZXMgKi8KKyNkZWZpbmUgSERDUl9UUE1DUiAgICAgIChf QUMoMSxVKTw8NSkgICAgICAgICAgIC8qIFRyYXAgUE1DUiBhY2Nlc3NlcyAq LworCiAjZGVmaW5lIEhTUl9FQ19VTktOT1dOICAgICAgICAgICAgICAweDAw CiAjZGVmaW5lIEhTUl9FQ19XRklfV0ZFICAgICAgICAgICAgICAweDAxCiAj ZGVmaW5lIEhTUl9FQ19DUDE1XzMyICAgICAgICAgICAgICAweDAzCiAjZGVm aW5lIEhTUl9FQ19DUDE1XzY0ICAgICAgICAgICAgICAweDA0Ci0jZGVmaW5l IEhTUl9FQ19DUDE0XzMyICAgICAgICAgICAgICAweDA1Ci0jZGVmaW5lIEhT Ul9FQ19DUDE0X0RCRyAgICAgICAgICAgICAweDA2CisjZGVmaW5lIEhTUl9F Q19DUDE0XzMyICAgICAgICAgICAgICAweDA1ICAgICAgICAvKiBUcmFwcGVk IE1DUiBvciBNUkMgYWNjZXNzIHRvIENQMTQgKi8KKyNkZWZpbmUgSFNSX0VD X0NQMTRfREJHICAgICAgICAgICAgIDB4MDYgICAgICAgIC8qIFRyYXBwZWQg TERDL1NUQyBhY2Nlc3MgdG8gQ1AxNCAob25seSBmb3IgZGVidWcgcmVnaXN0 ZXJzKSAqLwogI2RlZmluZSBIU1JfRUNfQ1AgICAgICAgICAgICAgICAgICAg MHgwNyAgICAgICAgLyogSENQVFItdHJhcHBlZCBhY2Nlc3MgdG8gQ1AwLUNQ MTMgKi8KICNkZWZpbmUgSFNSX0VDX0NQMTAgICAgICAgICAgICAgICAgIDB4 MDgKICNkZWZpbmUgSFNSX0VDX0pBWkVMTEUgICAgICAgICAgICAgIDB4MDkK ZGlmZiAtLWdpdCBhL3hlbi9pbmNsdWRlL2FzbS1hcm0vc3lzcmVncy5oIGIv eGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKaW5kZXggMGNlZTBlOS4u NGE0ZGUzNCAxMDA2NDQKLS0tIGEveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNy ZWdzLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLWFybS9zeXNyZWdzLmgKQEAg LTQwLDYgKzQwLDMxIEBACiAgICAgKChfX0hTUl9TWVNSRUdfIyNjcm0pIDw8 IEhTUl9TWVNSRUdfQ1JNX1NISUZUKSB8IFwKICAgICAoKF9fSFNSX1NZU1JF R18jI29wMikgPDwgSFNSX1NZU1JFR19PUDJfU0hJRlQpCiAKKyNkZWZpbmUg SFNSX1NZU1JFR19NRFNDUl9FTDEgICAgICBIU1JfU1lTUkVHKDIsMCxjMCxj MiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX09TTEFSX0VMMSAgICAgIEhTUl9T WVNSRUcoMiwwLGMxLGMwLDQpCisKKyNkZWZpbmUgSFNSX1NZU1JFR19EQkdC VlJuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDQpCisjZGVmaW5l IEhTUl9TWVNSRUdfREJHQkNSbl9FTDEobikgSFNSX1NZU1JFRygyLDAsYzAs YyMjbiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX0RCR1dWUm5fRUwxKG4pIEhT Ul9TWVNSRUcoMiwwLGMwLGMjI24sNikKKyNkZWZpbmUgSFNSX1NZU1JFR19E QkdXQ1JuX0VMMShuKSBIU1JfU1lTUkVHKDIsMCxjMCxjIyNuLDcpCisKKyNk ZWZpbmUgSFNSX1NZU1JFR19EQkdfQ0FTRVMoUkVHKSBjYXNlIEhTUl9TWVNS RUdfIyNSRUcjI25fRUwxKDApOiAgXAorICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMSk6 ICBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBI U1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgyKTogIFwKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25f RUwxKDMpOiAgXAorICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg IGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoNCk6ICBcCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMj UkVHIyNuX0VMMSg1KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDYpOiAgXAor ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZ U1JFR18jI1JFRyMjbl9FTDEoNyk6ICBcCisgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSg4 KTogIFwKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNl IEhTUl9TWVNSRUdfIyNSRUcjI25fRUwxKDkpOiAgXAorICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMj bl9FTDEoMTApOiBcCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgY2FzZSBIU1JfU1lTUkVHXyMjUkVHIyNuX0VMMSgxMSk6IFwKKyAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdf IyNSRUcjI25fRUwxKDEyKTogXAorICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgIGNhc2UgSFNSX1NZU1JFR18jI1JFRyMjbl9FTDEoMTMpOiBc CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgY2FzZSBIU1Jf U1lTUkVHXyMjUkVHIyNuX0VMMSgxNCk6IFwKKyAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICBjYXNlIEhTUl9TWVNSRUdfIyNSRUcjI25fRUwx KDE1KQorCiAjZGVmaW5lIEhTUl9TWVNSRUdfU0NUTFJfRUwxICAgICAgSFNS X1NZU1JFRygzLDAsYzEsIGMwLDApCiAjZGVmaW5lIEhTUl9TWVNSRUdfVFRC UjBfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIsIGMwLDApCiAjZGVmaW5l IEhTUl9TWVNSRUdfVFRCUjFfRUwxICAgICAgSFNSX1NZU1JFRygzLDAsYzIs IGMwLDEpCkBAIC00OCwxMCArNzMsMjggQEAKICNkZWZpbmUgSFNSX1NZU1JF R19BRlNSMV9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjNSwgYzEsMSkKICNk ZWZpbmUgSFNSX1NZU1JFR19FU1JfRUwxICAgICAgICBIU1JfU1lTUkVHKDMs MCxjNSwgYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JFR19GQVJfRUwxICAgICAg ICBIU1JfU1lTUkVHKDMsMCxjNiwgYzAsMCkKKyNkZWZpbmUgSFNSX1NZU1JF R19QTUlOVEVOU0VUX0VMMSBIU1JfU1lTUkVHKDMsMCxjOSxjMTQsMSkKKyNk ZWZpbmUgSFNSX1NZU1JFR19QTUlOVEVOQ0xSX0VMMSBIU1JfU1lTUkVHKDMs MCxjOSxjMTQsMikKICNkZWZpbmUgSFNSX1NZU1JFR19NQUlSX0VMMSAgICAg ICBIU1JfU1lTUkVHKDMsMCxjMTAsYzIsMCkKICNkZWZpbmUgSFNSX1NZU1JF R19BTUFJUl9FTDEgICAgICBIU1JfU1lTUkVHKDMsMCxjMTAsYzMsMCkKICNk ZWZpbmUgSFNSX1NZU1JFR19DT05URVhUSURSX0VMMSBIU1JfU1lTUkVHKDMs MCxjMTMsYzAsMSkKIAorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ1JfRUwwICAg ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwwKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ05URU5TRVRfRUwwIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwxKQor I2RlZmluZSBIU1JfU1lTUkVHX1BNQ05URU5DTFJfRUwwIEhTUl9TWVNSRUco MywzLGM5LGMxMiwyKQorI2RlZmluZSBIU1JfU1lTUkVHX1BNT1ZTQ0xSX0VM MCAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiwzKQorI2RlZmluZSBIU1JfU1lT UkVHX1BNU1dJTkNfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw0KQor I2RlZmluZSBIU1JfU1lTUkVHX1BNU0VMUl9FTDAgICAgIEhTUl9TWVNSRUco MywzLGM5LGMxMiw1KQorI2RlZmluZSBIU1JfU1lTUkVHX1BNQ0VJRDBfRUww ICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw2KQorI2RlZmluZSBIU1JfU1lT UkVHX1BNQ0VJRDFfRUwwICAgIEhTUl9TWVNSRUcoMywzLGM5LGMxMiw3KQor CisjZGVmaW5lIEhTUl9TWVNSRUdfUE1DQ05UUl9FTDAgICAgSFNSX1NZU1JF RygzLDMsYzksYzEzLDApCisjZGVmaW5lIEhTUl9TWVNSRUdfUE1YRVZUWVBF Ul9FTDAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDEpCisjZGVmaW5lIEhTUl9T WVNSRUdfUE1YRVZDTlRSX0VMMCAgSFNSX1NZU1JFRygzLDMsYzksYzEzLDIp CisKKyNkZWZpbmUgSFNSX1NZU1JFR19QTVVTRVJFTlJfRUwwICBIU1JfU1lT UkVHKDMsMyxjOSxjMTQsMCkKKyNkZWZpbmUgSFNSX1NZU1JFR19QTU9WU1NF VF9FTDAgICBIU1JfU1lTUkVHKDMsMyxjOSxjMTQsMykKKwogI2RlZmluZSBI U1JfU1lTUkVHX0NOVFBDVF9FTDAgICAgIEhTUl9TWVNSRUcoMywzLGMxNCxj MCwwKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBfQ1RMX0VMMCAgIEhTUl9T WVNSRUcoMywzLGMxNCxjMiwxKQogI2RlZmluZSBIU1JfU1lTUkVHX0NOVFBf VFZBTF9FTDAgIEhTUl9TWVNSRUcoMywzLGMxNCxjMiwwKQotLSAKMS43LjEw LjQKCg== --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 13:07:56 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 13:07:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcwsK-0006O5-V1; Wed, 23 Apr 2014 13:06:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcwsJ-0006Nm-U6; Wed, 23 Apr 2014 13:06:08 +0000 Received: from [85.158.139.211:13792] by server-14.bemta-5.messagelabs.com id E2/63-15696-FBAB7535; Wed, 23 Apr 2014 13:06:07 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-7.tower-206.messagelabs.com!1398258365!138844!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13197 invoked from network); 23 Apr 2014 13:06:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 13:06:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wcws9-0008Qj-EL; Wed, 23 Apr 2014 13:05:57 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wcws9-0005ae-0x; Wed, 23 Apr 2014 13:05:57 +0000 Date: Wed, 23 Apr 2014 13:05:57 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-94 ARM hypervisor crash on guest interrupt controller access ISSUE DESCRIPTION ================= When handling a guest access to the virtual GIC distributor (interrupt controller) Xen could dereference a pointer before checking it for validity leading to a hypervisor crash and host Denial of Service. IMPACT ====== A buggy or malicious guest can crash the host. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onward. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. CREDITS ======= The initial bug was discovered by Thomas Leonard and the security aspect was diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa94.patch xen-unstable, Xen 4.4.x $ sha256sum xsa94*.patch ad0f20577400756a1786daeafef86fa870727ec35b48f71f565e4a30dcbda58d xsa94.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV7qTAAoJEIP+FMlX6CvZ08EH/3pIhD1lCXex3pbvo0BFIc2y +XqJmLQ8QVeuk1Q9etEVbJxC8YvbmunefyCyfXIYQpL5jWqJdOAGzSktLOuaGrrM ENG6kFyiC6pxLouJb+BAm3qOfe3vVCdkWh9ouWQGC/3FqbSM+2QGI0vUyxtfmmga IDeQ+CjyWVVhmR7Tb76Gc/pMLnrfD1HTZSgTe8NacqbnZuXzPMrxkKw8BleK/boH L5r/0Y/GqqOe5LRqCOZt8U7jlcfwAs+rqUI0UDz70YvokcBH7RwaRiolZxicLdjP 4lFJH8q9d45EA9JI+Xifv2QZ9tJMRNhRtTQpqIS8swAROOM/SblpPUPlOiPvyaE= =RGUg -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa94.patch" Content-Disposition: attachment; filename="xsa94.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogdmdpYzogQ2hlY2sgcmFuayBpbiBHSUNEX0lDRkdSKiBlbXVs YXRpb24gYmVmb3JlIGxvY2tpbmcKClRoZSBmdW5jdGlvbiB2Z2ljX2lycV9y YW5rIG1heSByZXR1cm4gTlVMTCBpcyB0aGUgSVJRIGlzIG5vdCBpbiByYW5n ZSBoYW5kbGVkCmJ5IHRoZSBndWVzdC4gVGhpcyB3aWxsIHJlc3VsdCB0byBk ZXJlZmVuY2UgYSBOVUxMIHBvaW50ZXIgd2hpY2ggd2lsbCBjcmFzaApYZW4u CgpJJ3ZlIGNoZWNrZWQgdGhlIHJlc3Qgb2YgdGhlIGVtdWxhdGlvbiBhbmQg dGhpcyBpcyBvbmx5IHBsYWNlIHdoZXJlIHRoZSBsb2NrIGlzCnRha2VuIGJl Zm9yZSB0aGUgcmFuayBpcyBjaGVja2VkLgoKU2lnbmVkLW9mZi1ieTogSnVs aWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KUmVwb3J0ZWQt Ynk6IFRob21hcyBMZW9uYXJkIDx0YWxleDVAZ21haWwuY29tPgpSZXZpZXdl ZC1ieTogSmFuIEJldWxpY2ggPEpCZXVsaWNoQHN1c2UuY29tPgpBY2tlZC1i eTogSWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KCmRp ZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdmdpYy5jIGIveGVuL2FyY2gvYXJt L3ZnaWMuYwppbmRleCAxYjk1MDAzLi40Y2Y2NDcwIDEwMDY0NAotLS0gYS94 ZW4vYXJjaC9hcm0vdmdpYy5jCisrKyBiL3hlbi9hcmNoL2FybS92Z2ljLmMK QEAgLTYwMiw4ICs2MDIsOCBAQCBzdGF0aWMgaW50IHZnaWNfZGlzdHJfbW1p b193cml0ZShzdHJ1Y3QgdmNwdSAqdiwgbW1pb19pbmZvX3QgKmluZm8pCiAg ICAgY2FzZSBHSUNEX0lDRkdSICsgMiAuLi4gR0lDRF9JQ0ZHUk46IC8qIFNQ SXMgKi8KICAgICAgICAgaWYgKCBkYWJ0LnNpemUgIT0gMiApIGdvdG8gYmFk X3dpZHRoOwogICAgICAgICByYW5rID0gdmdpY19pcnFfcmFuayh2LCAyLCBn aWNkX3JlZyAtIEdJQ0RfSUNGR1IpOwotICAgICAgICB2Z2ljX2xvY2tfcmFu ayh2LCByYW5rKTsKICAgICAgICAgaWYgKCByYW5rID09IE5VTEwpIGdvdG8g d3JpdGVfaWdub3JlOworICAgICAgICB2Z2ljX2xvY2tfcmFuayh2LCByYW5r KTsKICAgICAgICAgcmFuay0+aWNmZ1tSRUdfUkFOS19JTkRFWCgyLCBnaWNk X3JlZyAtIEdJQ0RfSUNGR1IpXSA9ICpyOwogICAgICAgICB2Z2ljX3VubG9j a19yYW5rKHYsIHJhbmspOwogICAgICAgICByZXR1cm4gMTsKCgoK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 13:07:56 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 13:07:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcwsK-0006O5-V1; Wed, 23 Apr 2014 13:06:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcwsJ-0006Nm-U6; Wed, 23 Apr 2014 13:06:08 +0000 Received: from [85.158.139.211:13792] by server-14.bemta-5.messagelabs.com id E2/63-15696-FBAB7535; Wed, 23 Apr 2014 13:06:07 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-7.tower-206.messagelabs.com!1398258365!138844!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13197 invoked from network); 23 Apr 2014 13:06:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 13:06:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wcws9-0008Qj-EL; Wed, 23 Apr 2014 13:05:57 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wcws9-0005ae-0x; Wed, 23 Apr 2014 13:05:57 +0000 Date: Wed, 23 Apr 2014 13:05:57 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 94 - ARM hypervisor crash on guest interrupt controller access X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-94 ARM hypervisor crash on guest interrupt controller access ISSUE DESCRIPTION ================= When handling a guest access to the virtual GIC distributor (interrupt controller) Xen could dereference a pointer before checking it for validity leading to a hypervisor crash and host Denial of Service. IMPACT ====== A buggy or malicious guest can crash the host. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onward. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. CREDITS ======= The initial bug was discovered by Thomas Leonard and the security aspect was diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa94.patch xen-unstable, Xen 4.4.x $ sha256sum xsa94*.patch ad0f20577400756a1786daeafef86fa870727ec35b48f71f565e4a30dcbda58d xsa94.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV7qTAAoJEIP+FMlX6CvZ08EH/3pIhD1lCXex3pbvo0BFIc2y +XqJmLQ8QVeuk1Q9etEVbJxC8YvbmunefyCyfXIYQpL5jWqJdOAGzSktLOuaGrrM ENG6kFyiC6pxLouJb+BAm3qOfe3vVCdkWh9ouWQGC/3FqbSM+2QGI0vUyxtfmmga IDeQ+CjyWVVhmR7Tb76Gc/pMLnrfD1HTZSgTe8NacqbnZuXzPMrxkKw8BleK/boH L5r/0Y/GqqOe5LRqCOZt8U7jlcfwAs+rqUI0UDz70YvokcBH7RwaRiolZxicLdjP 4lFJH8q9d45EA9JI+Xifv2QZ9tJMRNhRtTQpqIS8swAROOM/SblpPUPlOiPvyaE= =RGUg -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa94.patch" Content-Disposition: attachment; filename="xsa94.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogdmdpYzogQ2hlY2sgcmFuayBpbiBHSUNEX0lDRkdSKiBlbXVs YXRpb24gYmVmb3JlIGxvY2tpbmcKClRoZSBmdW5jdGlvbiB2Z2ljX2lycV9y YW5rIG1heSByZXR1cm4gTlVMTCBpcyB0aGUgSVJRIGlzIG5vdCBpbiByYW5n ZSBoYW5kbGVkCmJ5IHRoZSBndWVzdC4gVGhpcyB3aWxsIHJlc3VsdCB0byBk ZXJlZmVuY2UgYSBOVUxMIHBvaW50ZXIgd2hpY2ggd2lsbCBjcmFzaApYZW4u CgpJJ3ZlIGNoZWNrZWQgdGhlIHJlc3Qgb2YgdGhlIGVtdWxhdGlvbiBhbmQg dGhpcyBpcyBvbmx5IHBsYWNlIHdoZXJlIHRoZSBsb2NrIGlzCnRha2VuIGJl Zm9yZSB0aGUgcmFuayBpcyBjaGVja2VkLgoKU2lnbmVkLW9mZi1ieTogSnVs aWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KUmVwb3J0ZWQt Ynk6IFRob21hcyBMZW9uYXJkIDx0YWxleDVAZ21haWwuY29tPgpSZXZpZXdl ZC1ieTogSmFuIEJldWxpY2ggPEpCZXVsaWNoQHN1c2UuY29tPgpBY2tlZC1i eTogSWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KCmRp ZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdmdpYy5jIGIveGVuL2FyY2gvYXJt L3ZnaWMuYwppbmRleCAxYjk1MDAzLi40Y2Y2NDcwIDEwMDY0NAotLS0gYS94 ZW4vYXJjaC9hcm0vdmdpYy5jCisrKyBiL3hlbi9hcmNoL2FybS92Z2ljLmMK QEAgLTYwMiw4ICs2MDIsOCBAQCBzdGF0aWMgaW50IHZnaWNfZGlzdHJfbW1p b193cml0ZShzdHJ1Y3QgdmNwdSAqdiwgbW1pb19pbmZvX3QgKmluZm8pCiAg ICAgY2FzZSBHSUNEX0lDRkdSICsgMiAuLi4gR0lDRF9JQ0ZHUk46IC8qIFNQ SXMgKi8KICAgICAgICAgaWYgKCBkYWJ0LnNpemUgIT0gMiApIGdvdG8gYmFk X3dpZHRoOwogICAgICAgICByYW5rID0gdmdpY19pcnFfcmFuayh2LCAyLCBn aWNkX3JlZyAtIEdJQ0RfSUNGR1IpOwotICAgICAgICB2Z2ljX2xvY2tfcmFu ayh2LCByYW5rKTsKICAgICAgICAgaWYgKCByYW5rID09IE5VTEwpIGdvdG8g d3JpdGVfaWdub3JlOworICAgICAgICB2Z2ljX2xvY2tfcmFuayh2LCByYW5r KTsKICAgICAgICAgcmFuay0+aWNmZ1tSRUdfUkFOS19JTkRFWCgyLCBnaWNk X3JlZyAtIEdJQ0RfSUNGR1IpXSA9ICpyOwogICAgICAgICB2Z2ljX3VubG9j a19yYW5rKHYsIHJhbmspOwogICAgICAgICByZXR1cm4gMTsKCgoK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 15:15:22 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 15:15:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcyrI-0007aR-GB; Wed, 23 Apr 2014 15:13:12 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcyrH-0007Z4-7p; Wed, 23 Apr 2014 15:13:11 +0000 Received: from [193.109.254.147:29156] by server-9.bemta-14.messagelabs.com id F7/D7-03644-688D7535; Wed, 23 Apr 2014 15:13:10 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-16.tower-27.messagelabs.com!1398265988!430745!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30450 invoked from network); 23 Apr 2014 15:13:09 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 15:13:09 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wcyr8-0001UN-TG; Wed, 23 Apr 2014 15:13:02 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wcyr8-0001eE-Nk; Wed, 23 Apr 2014 15:13:02 +0000 Date: Wed, 23 Apr 2014 15:13:02 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 94 (CVE-2014-2986) - ARM hypervisor crash on guest interrupt controller access X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2986 / XSA-94 version 2 ARM hypervisor crash on guest interrupt controller access UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2986. ISSUE DESCRIPTION ================= When handling a guest access to the virtual GIC distributor (interrupt controller) Xen could dereference a pointer before checking it for validity leading to a hypervisor crash and host Denial of Service. IMPACT ====== A buggy or malicious guest can crash the host. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onward. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. CREDITS ======= The initial bug was discovered by Thomas Leonard and the security aspect was diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa94.patch xen-unstable, Xen 4.4.x $ sha256sum xsa94*.patch ad0f20577400756a1786daeafef86fa870727ec35b48f71f565e4a30dcbda58d xsa94.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV9hdAAoJEIP+FMlX6CvZmDwH/2sBH/w9kPhOu+hdOAMX3dlb bmj1sLTehOKqEy8sZpDsCuJw8cRAIQn+xWPMDPj2lUggz5iVWHUgfs4Zk8o9l3qQ 9/RcnQQHFSw1Bu8lDLlH0FpE6R98ZcdX//PAviJewj10FiMOpIoBSzNpKLxst1IZ 5YPmBVCn6DfgsCjWYPPaGQMLtBWU/LbAPmpYUiIDywOd58OScekNL2hfKM0ZWzgo HPuB2DwpPsj7P43kuEJyXIHYLu00see+uEXXKd591mmznVtSXSrzVVaKPjeTfh9D WEGqCxOof5slzwofbMFflBL1SW6d6f0Llui/7cMEDITSXeCaP2wqMb34p/g68+w= =BNcq -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa94.patch" Content-Disposition: attachment; filename="xsa94.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogdmdpYzogQ2hlY2sgcmFuayBpbiBHSUNEX0lDRkdSKiBlbXVs YXRpb24gYmVmb3JlIGxvY2tpbmcKClRoZSBmdW5jdGlvbiB2Z2ljX2lycV9y YW5rIG1heSByZXR1cm4gTlVMTCBpcyB0aGUgSVJRIGlzIG5vdCBpbiByYW5n ZSBoYW5kbGVkCmJ5IHRoZSBndWVzdC4gVGhpcyB3aWxsIHJlc3VsdCB0byBk ZXJlZmVuY2UgYSBOVUxMIHBvaW50ZXIgd2hpY2ggd2lsbCBjcmFzaApYZW4u CgpJJ3ZlIGNoZWNrZWQgdGhlIHJlc3Qgb2YgdGhlIGVtdWxhdGlvbiBhbmQg dGhpcyBpcyBvbmx5IHBsYWNlIHdoZXJlIHRoZSBsb2NrIGlzCnRha2VuIGJl Zm9yZSB0aGUgcmFuayBpcyBjaGVja2VkLgoKU2lnbmVkLW9mZi1ieTogSnVs aWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KUmVwb3J0ZWQt Ynk6IFRob21hcyBMZW9uYXJkIDx0YWxleDVAZ21haWwuY29tPgpSZXZpZXdl ZC1ieTogSmFuIEJldWxpY2ggPEpCZXVsaWNoQHN1c2UuY29tPgpBY2tlZC1i eTogSWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KCmRp ZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdmdpYy5jIGIveGVuL2FyY2gvYXJt L3ZnaWMuYwppbmRleCAxYjk1MDAzLi40Y2Y2NDcwIDEwMDY0NAotLS0gYS94 ZW4vYXJjaC9hcm0vdmdpYy5jCisrKyBiL3hlbi9hcmNoL2FybS92Z2ljLmMK QEAgLTYwMiw4ICs2MDIsOCBAQCBzdGF0aWMgaW50IHZnaWNfZGlzdHJfbW1p b193cml0ZShzdHJ1Y3QgdmNwdSAqdiwgbW1pb19pbmZvX3QgKmluZm8pCiAg ICAgY2FzZSBHSUNEX0lDRkdSICsgMiAuLi4gR0lDRF9JQ0ZHUk46IC8qIFNQ SXMgKi8KICAgICAgICAgaWYgKCBkYWJ0LnNpemUgIT0gMiApIGdvdG8gYmFk X3dpZHRoOwogICAgICAgICByYW5rID0gdmdpY19pcnFfcmFuayh2LCAyLCBn aWNkX3JlZyAtIEdJQ0RfSUNGR1IpOwotICAgICAgICB2Z2ljX2xvY2tfcmFu ayh2LCByYW5rKTsKICAgICAgICAgaWYgKCByYW5rID09IE5VTEwpIGdvdG8g d3JpdGVfaWdub3JlOworICAgICAgICB2Z2ljX2xvY2tfcmFuayh2LCByYW5r KTsKICAgICAgICAgcmFuay0+aWNmZ1tSRUdfUkFOS19JTkRFWCgyLCBnaWNk X3JlZyAtIEdJQ0RfSUNGR1IpXSA9ICpyOwogICAgICAgICB2Z2ljX3VubG9j a19yYW5rKHYsIHJhbmspOwogICAgICAgICByZXR1cm4gMTsKCgoK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 23 15:15:22 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Apr 2014 15:15:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcyrI-0007aR-GB; Wed, 23 Apr 2014 15:13:12 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WcyrH-0007Z4-7p; Wed, 23 Apr 2014 15:13:11 +0000 Received: from [193.109.254.147:29156] by server-9.bemta-14.messagelabs.com id F7/D7-03644-688D7535; Wed, 23 Apr 2014 15:13:10 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-16.tower-27.messagelabs.com!1398265988!430745!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30450 invoked from network); 23 Apr 2014 15:13:09 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Apr 2014 15:13:09 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wcyr8-0001UN-TG; Wed, 23 Apr 2014 15:13:02 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wcyr8-0001eE-Nk; Wed, 23 Apr 2014 15:13:02 +0000 Date: Wed, 23 Apr 2014 15:13:02 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 94 (CVE-2014-2986) - ARM hypervisor crash on guest interrupt controller access X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2014-2986 / XSA-94 version 2 ARM hypervisor crash on guest interrupt controller access UPDATES IN VERSION 2 ==================== This issue has been assigned CVE-2014-2986. ISSUE DESCRIPTION ================= When handling a guest access to the virtual GIC distributor (interrupt controller) Xen could dereference a pointer before checking it for validity leading to a hypervisor crash and host Denial of Service. IMPACT ====== A buggy or malicious guest can crash the host. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onward. x86 systems are not vulnerable. MITIGATION ========== None. NOTE REGARDING LACK OF EMBARGO ============================== This bug was publicly reported on xen-devel, before it was appreciated that there was a security problem. CREDITS ======= The initial bug was discovered by Thomas Leonard and the security aspect was diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa94.patch xen-unstable, Xen 4.4.x $ sha256sum xsa94*.patch ad0f20577400756a1786daeafef86fa870727ec35b48f71f565e4a30dcbda58d xsa94.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTV9hdAAoJEIP+FMlX6CvZmDwH/2sBH/w9kPhOu+hdOAMX3dlb bmj1sLTehOKqEy8sZpDsCuJw8cRAIQn+xWPMDPj2lUggz5iVWHUgfs4Zk8o9l3qQ 9/RcnQQHFSw1Bu8lDLlH0FpE6R98ZcdX//PAviJewj10FiMOpIoBSzNpKLxst1IZ 5YPmBVCn6DfgsCjWYPPaGQMLtBWU/LbAPmpYUiIDywOd58OScekNL2hfKM0ZWzgo HPuB2DwpPsj7P43kuEJyXIHYLu00see+uEXXKd591mmznVtSXSrzVVaKPjeTfh9D WEGqCxOof5slzwofbMFflBL1SW6d6f0Llui/7cMEDITSXeCaP2wqMb34p/g68+w= =BNcq -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa94.patch" Content-Disposition: attachment; filename="xsa94.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogdmdpYzogQ2hlY2sgcmFuayBpbiBHSUNEX0lDRkdSKiBlbXVs YXRpb24gYmVmb3JlIGxvY2tpbmcKClRoZSBmdW5jdGlvbiB2Z2ljX2lycV9y YW5rIG1heSByZXR1cm4gTlVMTCBpcyB0aGUgSVJRIGlzIG5vdCBpbiByYW5n ZSBoYW5kbGVkCmJ5IHRoZSBndWVzdC4gVGhpcyB3aWxsIHJlc3VsdCB0byBk ZXJlZmVuY2UgYSBOVUxMIHBvaW50ZXIgd2hpY2ggd2lsbCBjcmFzaApYZW4u CgpJJ3ZlIGNoZWNrZWQgdGhlIHJlc3Qgb2YgdGhlIGVtdWxhdGlvbiBhbmQg dGhpcyBpcyBvbmx5IHBsYWNlIHdoZXJlIHRoZSBsb2NrIGlzCnRha2VuIGJl Zm9yZSB0aGUgcmFuayBpcyBjaGVja2VkLgoKU2lnbmVkLW9mZi1ieTogSnVs aWVuIEdyYWxsIDxqdWxpZW4uZ3JhbGxAbGluYXJvLm9yZz4KUmVwb3J0ZWQt Ynk6IFRob21hcyBMZW9uYXJkIDx0YWxleDVAZ21haWwuY29tPgpSZXZpZXdl ZC1ieTogSmFuIEJldWxpY2ggPEpCZXVsaWNoQHN1c2UuY29tPgpBY2tlZC1i eTogSWFuIENhbXBiZWxsIDxpYW4uY2FtcGJlbGxAY2l0cml4LmNvbT4KCmRp ZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0vdmdpYy5jIGIveGVuL2FyY2gvYXJt L3ZnaWMuYwppbmRleCAxYjk1MDAzLi40Y2Y2NDcwIDEwMDY0NAotLS0gYS94 ZW4vYXJjaC9hcm0vdmdpYy5jCisrKyBiL3hlbi9hcmNoL2FybS92Z2ljLmMK QEAgLTYwMiw4ICs2MDIsOCBAQCBzdGF0aWMgaW50IHZnaWNfZGlzdHJfbW1p b193cml0ZShzdHJ1Y3QgdmNwdSAqdiwgbW1pb19pbmZvX3QgKmluZm8pCiAg ICAgY2FzZSBHSUNEX0lDRkdSICsgMiAuLi4gR0lDRF9JQ0ZHUk46IC8qIFNQ SXMgKi8KICAgICAgICAgaWYgKCBkYWJ0LnNpemUgIT0gMiApIGdvdG8gYmFk X3dpZHRoOwogICAgICAgICByYW5rID0gdmdpY19pcnFfcmFuayh2LCAyLCBn aWNkX3JlZyAtIEdJQ0RfSUNGR1IpOwotICAgICAgICB2Z2ljX2xvY2tfcmFu ayh2LCByYW5rKTsKICAgICAgICAgaWYgKCByYW5rID09IE5VTEwpIGdvdG8g d3JpdGVfaWdub3JlOworICAgICAgICB2Z2ljX2xvY2tfcmFuayh2LCByYW5r KTsKICAgICAgICAgcmFuay0+aWNmZ1tSRUdfUkFOS19JTkRFWCgyLCBnaWNk X3JlZyAtIEdJQ0RfSUNGR1IpXSA9ICpyOwogICAgICAgICB2Z2ljX3VubG9j a19yYW5rKHYsIHJhbmspOwogICAgICAgICByZXR1cm4gMTsKCgoK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Thu Apr 24 14:13:33 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 24 Apr 2014 14:13:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WdKN6-0003Do-01; Thu, 24 Apr 2014 14:11:28 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WdKMo-0003BE-Jf for xen-announce@lists.xen.org; Thu, 24 Apr 2014 14:11:10 +0000 Received: from [85.158.143.35:60803] by server-3.bemta-4.messagelabs.com id 54/C2-13602-D7B19535; Thu, 24 Apr 2014 14:11:09 +0000 X-Env-Sender: lars.kurth.xen@gmail.com X-Msg-Ref: server-14.tower-21.messagelabs.com!1398348667!811362!1 X-Originating-IP: [209.85.160.176] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20466 invoked from network); 24 Apr 2014 14:11:09 -0000 Received: from mail-yk0-f176.google.com (HELO mail-yk0-f176.google.com) (209.85.160.176) by server-14.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 24 Apr 2014 14:11:09 -0000 Received: by mail-yk0-f176.google.com with SMTP id 19so2079196ykq.21 for ; Thu, 24 Apr 2014 07:11:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:reply-to:user-agent:mime-version:to :subject:content-type:content-transfer-encoding; bh=K7zCKz7ckaEx6rDfWr7GUqGMlVjPu0G5711Fh23yBrM=; b=O3AkppWkyUkwew1ol9xlRjz52FKR66wdevKLKXa6ql+97tHEkMqHTt156EazHhGUpe H/i/RlL7CimUOHbMY5AzwiqpAkoHjYohwfsdxbnXMukdWFGkGQAvd9AYbOkd5bQ5ZQNO enA7TMyveZXebPntfu1RxdEysLczkJ067a/7WnJXHq5bBjB2QQW+oG4WxJmb/V9IfW0J vrBxfgJLwAAv0yrRrFWCO0+tJGklTB1Wcr/CkhyCRLAyqw9O1h0fwCnTsdNX0QN5xIr1 8OXYVpNazvwFHV3d94mSMoczBed0/UF4yC1aXzsC5KJ7NIQtaysXuWK1HsyfwwILBZGK AWew== X-Received: by 10.236.91.67 with SMTP id g43mr2682911yhf.146.1398348667649; Thu, 24 Apr 2014 07:11:07 -0700 (PDT) Received: from [172.16.25.10] ([185.25.64.249]) by mx.google.com with ESMTPSA id t42sm7751544yhn.12.2014.04.24.07.11.06 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 24 Apr 2014 07:11:07 -0700 (PDT) Message-ID: <53591B79.8010607@xen.org> Date: Thu, 24 Apr 2014 15:11:05 +0100 From: Lars Kurth User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: xen-announce@lists.xen.org X-Mailman-Approved-At: Thu, 24 Apr 2014 14:11:27 +0000 Subject: [Xen-announce] Upcoming Xen Project Developer and User Summit CfPs (May 2nd and 31st) X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: lars.kurth@xen.org List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org Dear community members, this is a gentle reminder that the the CfPs for the Xen Project Developer Summits and User Summits are drawing to a close. Best Regards Lars == Xen Project Developer Summit, August 18-19, Chicago, IL : CfP closes May 2nd == Call for Submissions for the Xen Project Developer Summit closes on May 2nd. For more information see http://events.linuxfoundation.org/events/xen-project-developer-summit/program/cfp ... To get a sense of what is covered at Xen Project Developer Summits, check out last years presentations at http://xenproject.org/component/content/article/9-uncategorised/159-xen-project-developer-summit-2013-videos-and-presentations.html == Xen Project User Summit, September 15, NYC : CfP closes May 31st == Call for Submissions for the User Summit close on May 31st. For more information see http://events.linuxfoundation.org/events/xen-project-user-summit/program/cfp == Sponsoring a Xen Project Summit in 2014 == In previous years, our Developer and User summits were pre-dominantly organized by a single contributor within the Xen Project developer community. As a result, there were no sponsorship opportunities for vendors in the Xen Project eco-system. Since the Xen Project is now a Linux Foundation Collaborative project and events are organized by the Linux Foundation, we do have sponsorship opportunities at different price points. For more information see 1) Sponsorship Opportunities for the Xen Project Developer Summit at http://events.linuxfoundation.org/events/xen-project-developer-summit/sponsor/sponsorship-opps 2) Sponsorship Opportunities for the Xen Project User Summit at http://events.linuxfoundation.org/events/xen-project-user-summit/sponsor/sponsorship-opportunities At both events you will reach 150 - 200 of Xen Project core developers and/or power users. For more information, contact lars.kurth@xenproject.org (Developer Summit) and russell.pavlicek@xenproject.org (User Summit). _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce From xen-announce-bounces@lists.xen.org Thu Apr 24 14:13:33 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 24 Apr 2014 14:13:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WdKN6-0003Do-01; Thu, 24 Apr 2014 14:11:28 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WdKMo-0003BE-Jf for xen-announce@lists.xen.org; Thu, 24 Apr 2014 14:11:10 +0000 Received: from [85.158.143.35:60803] by server-3.bemta-4.messagelabs.com id 54/C2-13602-D7B19535; Thu, 24 Apr 2014 14:11:09 +0000 X-Env-Sender: lars.kurth.xen@gmail.com X-Msg-Ref: server-14.tower-21.messagelabs.com!1398348667!811362!1 X-Originating-IP: [209.85.160.176] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20466 invoked from network); 24 Apr 2014 14:11:09 -0000 Received: from mail-yk0-f176.google.com (HELO mail-yk0-f176.google.com) (209.85.160.176) by server-14.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 24 Apr 2014 14:11:09 -0000 Received: by mail-yk0-f176.google.com with SMTP id 19so2079196ykq.21 for ; Thu, 24 Apr 2014 07:11:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:reply-to:user-agent:mime-version:to :subject:content-type:content-transfer-encoding; bh=K7zCKz7ckaEx6rDfWr7GUqGMlVjPu0G5711Fh23yBrM=; b=O3AkppWkyUkwew1ol9xlRjz52FKR66wdevKLKXa6ql+97tHEkMqHTt156EazHhGUpe H/i/RlL7CimUOHbMY5AzwiqpAkoHjYohwfsdxbnXMukdWFGkGQAvd9AYbOkd5bQ5ZQNO enA7TMyveZXebPntfu1RxdEysLczkJ067a/7WnJXHq5bBjB2QQW+oG4WxJmb/V9IfW0J vrBxfgJLwAAv0yrRrFWCO0+tJGklTB1Wcr/CkhyCRLAyqw9O1h0fwCnTsdNX0QN5xIr1 8OXYVpNazvwFHV3d94mSMoczBed0/UF4yC1aXzsC5KJ7NIQtaysXuWK1HsyfwwILBZGK AWew== X-Received: by 10.236.91.67 with SMTP id g43mr2682911yhf.146.1398348667649; Thu, 24 Apr 2014 07:11:07 -0700 (PDT) Received: from [172.16.25.10] ([185.25.64.249]) by mx.google.com with ESMTPSA id t42sm7751544yhn.12.2014.04.24.07.11.06 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 24 Apr 2014 07:11:07 -0700 (PDT) Message-ID: <53591B79.8010607@xen.org> Date: Thu, 24 Apr 2014 15:11:05 +0100 From: Lars Kurth User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-Version: 1.0 To: xen-announce@lists.xen.org X-Mailman-Approved-At: Thu, 24 Apr 2014 14:11:27 +0000 Subject: [Xen-announce] Upcoming Xen Project Developer and User Summit CfPs (May 2nd and 31st) X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: lars.kurth@xen.org List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org Dear community members, this is a gentle reminder that the the CfPs for the Xen Project Developer Summits and User Summits are drawing to a close. Best Regards Lars == Xen Project Developer Summit, August 18-19, Chicago, IL : CfP closes May 2nd == Call for Submissions for the Xen Project Developer Summit closes on May 2nd. For more information see http://events.linuxfoundation.org/events/xen-project-developer-summit/program/cfp ... To get a sense of what is covered at Xen Project Developer Summits, check out last years presentations at http://xenproject.org/component/content/article/9-uncategorised/159-xen-project-developer-summit-2013-videos-and-presentations.html == Xen Project User Summit, September 15, NYC : CfP closes May 31st == Call for Submissions for the User Summit close on May 31st. For more information see http://events.linuxfoundation.org/events/xen-project-user-summit/program/cfp == Sponsoring a Xen Project Summit in 2014 == In previous years, our Developer and User summits were pre-dominantly organized by a single contributor within the Xen Project developer community. As a result, there were no sponsorship opportunities for vendors in the Xen Project eco-system. Since the Xen Project is now a Linux Foundation Collaborative project and events are organized by the Linux Foundation, we do have sponsorship opportunities at different price points. For more information see 1) Sponsorship Opportunities for the Xen Project Developer Summit at http://events.linuxfoundation.org/events/xen-project-developer-summit/sponsor/sponsorship-opps 2) Sponsorship Opportunities for the Xen Project User Summit at http://events.linuxfoundation.org/events/xen-project-user-summit/sponsor/sponsorship-opportunities At both events you will reach 150 - 200 of Xen Project core developers and/or power users. For more information, contact lars.kurth@xenproject.org (Developer Summit) and russell.pavlicek@xenproject.org (User Summit). _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce From xen-announce-bounces@lists.xen.org Tue Apr 29 12:24:14 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 29 Apr 2014 12:24:14 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf73I-0006cS-Gt; Tue, 29 Apr 2014 12:22:24 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf73G-0006c5-3a; Tue, 29 Apr 2014 12:22:22 +0000 Received: from [85.158.137.68:6640] by server-10.bemta-3.messagelabs.com id C9/3A-16608-D799F535; Tue, 29 Apr 2014 12:22:21 +0000 X-Env-Sender: ianc@xenbits.xen.org X-Msg-Ref: server-7.tower-31.messagelabs.com!1398774138!793361!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16615 invoked from network); 29 Apr 2014 12:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-31.messagelabs.com with AES256-SHA encrypted SMTP; 29 Apr 2014 12:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf734-00078B-2q; Tue, 29 Apr 2014 12:22:10 +0000 Received: from ianc by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wf733-0000ed-Td; Tue, 29 Apr 2014 12:22:09 +0000 Date: Tue, 29 Apr 2014 12:22:09 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 92 - HVMOP_set_mem_type allows invalid P2M entries to be created X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-92 version 2 HVMOP_set_mem_type allows invalid P2M entries to be created UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= The implementation in Xen of the HVMOP_set_mem_type HVM control operations attempts to exclude transitioning a page from an inappropriate memory type. However, only an inadequate subset of memory types is excluded. There are certain other types that don't correspond to a particular valid page, whose page table translation can be inappropriately changed (by HVMOP_set_mem_type) from not-present (due to the lack of valid memory page) to present. If this occurs, an invalid translation will be established. IMPACT ====== In a configuration where device models run with limited privilege (for example, stubdom device models), a guest attacker who successfully finds and exploits an unfixed security flaw in qemu-dm could leverage the other flaw into a Denial of Service affecting the whole host. In the more general case, in more abstract terms: a malicious administrator of a domain privileged with regard to an HVM guest can cause Xen to crash leading to a Denial of Service. Arbitrary code execution, and therefore privilege escalation, cannot be entirely excluded: On a system with a RAM page present immediately below the 52-bit address boundary, this would be possible. However, we are not aware of any systems with such a memory layout. VULNERABLE SYSTEMS ================== All Xen versions from 4.1 onwards are vulnerable. The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). In the case of HVM guests whose device model is running in an unrestricted dom0 process, qemu-dm already has the ability to cause problems for the whole system. So in that case the vulnerability is not applicable. The situation is more subtle for an HVM guest with a stub qemu-dm. That is, where the device model runs in a separate domain (in the case of xl, as requested by "device_model_stubdomain_override=1" in the xl domain configuration file). The same applies with a qemu-dm in a dom0 process subjected to some kind kernel-based process privilege limitation (eg the chroot technique as found in some versions of XCP/XenServer). In those latter situations this issue means that the extra isolation does not provide as good a defence (against denial of service) as intended. That is the essence of this vulnerability. However, the security is still better than with a qemu-dm running as an unrestricted dom0 process. Therefore users with these configurations should not switch to an unrestricted dom0 qemu-dm. Finally, in a radically disaggregated system: where the HVM service domain software (probably, the device model domain image) is not always supplied by the host administrator, a malicious service domain administrator can exercise this vulnerability. MITIGATION ========== Running only PV guests will avoid this vulnerability. In a radically disaggregated system, restricting HVM service domains to software images approved by the host administrator will avoid the vulnerability. CREDITS ======= This issue was discovered by Jan Beulich. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa92.patch xen-unstable, Xen 4.4.x, Xen 4.3.x xsa92-4.2.patch Xen 4.2.x xsa92-4.1.patch Xen 4.1.x $ sha256sum xsa92*.patch 184dcb88dfb4540fca33016ffcfe0f4f557449ab5b4ec6a4bf486c75926d23f3 xsa92.patch 76905398958dfcec98fb5bde2a68c0e86a3ccc9f442a8a658e972937fd75534a xsa92-4.1.patch bca98827834f807c787fceb6c719d9d4fe3c40786cb087156829e5e6fb5700d6 xsa92-4.2.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTX2euAAoJEIP+FMlX6CvZx3EIAIzdz8WxP0NPPDbY9QaM6nz7 H0kq8MxB1wcC2mTREPa+B5/vzC52VEC5JLEfWNs/6sMc6nBmbe+F+EqiIpgbuuTA kq9L0ycPjBsEqKKwZDuqDzHVlnpjEX7oNb7x32eafrR3jWp1CIKTt4dmQqQn/PNR 3CVg7nc+lMmusXElJeqHA8a+pqQgBXFAKVbQiBqRIDwPRdBCbJmwbkhsbfa4zF3T Fyzm1am52T3nhml0opNb32rkK3VblJbLGJ6jkyWweTYqiVLZc9pOF58W7t6L3QS2 BmnhRdwy9b+cHn5eLI3529KBmkrWhZ26Fn8mPwgXWm7p08ybfGEFMZKp2G5rYE8= =r7s4 -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa92.patch" Content-Disposition: attachment; filename="xsa92.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtNDU0MSwxMiArNDU0MSwxMCBAQCBsb25n IGRvX2h2bV9vcCh1bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAg ICAgICAgICAgcmMgPSAtRUlOVkFMOwogICAgICAgICAgICAgICAgIGdvdG8g cGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9IAotICAgICAgICAgICAgaWYg KCBwMm1faXNfZ3JhbnQodCkgKQorICAgICAgICAgICAgaWYgKCAhcDJtX2lz X3JhbSh0KSAmJgorICAgICAgICAgICAgICAgICAoIXAybV9pc19ob2xlKHQp IHx8IGEuaHZtbWVtX3R5cGUgIT0gSFZNTUVNX21taW9fZG0pICkKICAgICAg ICAgICAgIHsKICAgICAgICAgICAgICAgICBwdXRfZ2ZuKGQsIHBmbik7Ci0g ICAgICAgICAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAg ICAgICAgICAgICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAlI2x4IGNoYW5n ZWQgdG8gZ3JhbnQgd2hpbGUgIgotICAgICAgICAgICAgICAgICAgICAgICAg ICJ3ZSB3ZXJlIHdvcmtpbmc/XG4iLCBwZm4pOwogICAgICAgICAgICAgICAg IGdvdG8gcGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9CiAgICAgICAgICAg ICBlbHNlCg== --=separator Content-Type: application/octet-stream; name="xsa92-4.1.patch" Content-Disposition: attachment; filename="xsa92-4.1.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtMzY2NiwxMyArMzY2Niw5IEBAIGxvbmcg ZG9faHZtX29wKHVuc2lnbmVkIGxvbmcgb3AsIFhFTl9HVUUKICAgICAgICAg ICAgICAgICByYyA9IC1FSU5WQUw7CiAgICAgICAgICAgICAgICAgZ290byBw YXJhbV9mYWlsNDsKICAgICAgICAgICAgIH0gCi0gICAgICAgICAgICBpZiAo IHAybV9pc19ncmFudCh0KSApCi0gICAgICAgICAgICB7Ci0gICAgICAgICAg ICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAgICAgICAgICAg ICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAweCVseCBjaGFuZ2VkIHRvIGdy YW50IHdoaWxlICIKLSAgICAgICAgICAgICAgICAgICAgICAgICAid2Ugd2Vy ZSB3b3JraW5nP1xuIiwgcGZuKTsKKyAgICAgICAgICAgIGlmICggIXAybV9p c19yYW0odCkgJiYKKyAgICAgICAgICAgICAgICAgKCFwMm1faXNfaG9sZSh0 KSB8fCBhLmh2bW1lbV90eXBlICE9IEhWTU1FTV9tbWlvX2RtKSApCiAgICAg ICAgICAgICAgICAgZ290byBwYXJhbV9mYWlsNDsKLSAgICAgICAgICAgIH0K ICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgIHsKICAgICAgICAgICAg ICAgICBudCA9IHAybV9jaGFuZ2VfdHlwZShwMm0sIHBmbiwgdCwgbWVtdHlw ZVthLmh2bW1lbV90eXBlXSk7Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv cDJtLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLXg4Ni9wMm0uaApAQCAtMTM0 LDYgKzEzNCwxMyBAQCB0eXBlZGVmIGVudW0gewogICAgICAgICAgICAgICAg ICAgICAgICB8IHAybV90b19tYXNrKHAybV9yYW1fcGFnaW5nX2luKSAgICAg ICBcCiAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJt X3JhbV9zaGFyZWQpKQogCisvKiBUeXBlcyB0aGF0IHJlcHJlc2VudCBhIHBo eXNtYXAgaG9sZS4gKi8KKyNkZWZpbmUgUDJNX0hPTEVfVFlQRVMgKHAybV90 b19tYXNrKHAybV9tbWlvX2RtKSAgICAgICAgICAgICAgIFwKKyAgICAgICAg ICAgICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJtX2ludmFsaWQpICAg ICAgICAgICAgIFwKKyAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3Rv X21hc2socDJtX3JhbV9wYWdpbmdfaW5fc3RhcnQpIFwKKyAgICAgICAgICAg ICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJtX3JhbV9wYWdpbmdfaW4p ICAgICAgIFwKKyAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3RvX21h c2socDJtX3JhbV9wYWdlZCkpCisKIC8qIEdyYW50IG1hcHBpbmcgdHlwZXMs IHdoaWNoIG1hcCB0byBhIHJlYWwgbWFjaGluZSBmcmFtZSBpbiBhbm90aGVy CiAgKiBWTSAqLwogI2RlZmluZSBQMk1fR1JBTlRfVFlQRVMgKHAybV90b19t YXNrKHAybV9ncmFudF9tYXBfcncpICBcCkBAIC0xNzAsNiArMTc3LDcgQEAg dHlwZWRlZiBlbnVtIHsKIAogLyogVXNlZnVsIHByZWRpY2F0ZXMgKi8KICNk ZWZpbmUgcDJtX2lzX3JhbShfdCkgKHAybV90b19tYXNrKF90KSAmIFAyTV9S QU1fVFlQRVMpCisjZGVmaW5lIHAybV9pc19ob2xlKF90KSAocDJtX3RvX21h c2soX3QpICYgUDJNX0hPTEVfVFlQRVMpCiAjZGVmaW5lIHAybV9pc19tbWlv KF90KSAocDJtX3RvX21hc2soX3QpICYgUDJNX01NSU9fVFlQRVMpCiAjZGVm aW5lIHAybV9pc19yZWFkb25seShfdCkgKHAybV90b19tYXNrKF90KSAmIFAy TV9ST19UWVBFUykKICNkZWZpbmUgcDJtX2lzX21hZ2ljKF90KSAocDJtX3Rv X21hc2soX3QpICYgUDJNX01BR0lDX1RZUEVTKQo= --=separator Content-Type: application/octet-stream; name="xsa92-4.2.patch" Content-Disposition: attachment; filename="xsa92-4.2.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtNDI0NSwxMiArNDI0NSwxMCBAQCBsb25n IGRvX2h2bV9vcCh1bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAg ICAgICAgICAgcmMgPSAtRUlOVkFMOwogICAgICAgICAgICAgICAgIGdvdG8g cGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9IAotICAgICAgICAgICAgaWYg KCBwMm1faXNfZ3JhbnQodCkgKQorICAgICAgICAgICAgaWYgKCAhcDJtX2lz X3JhbSh0KSAmJgorICAgICAgICAgICAgICAgICAoIXAybV9pc19ob2xlKHQp IHx8IGEuaHZtbWVtX3R5cGUgIT0gSFZNTUVNX21taW9fZG0pICkKICAgICAg ICAgICAgIHsKICAgICAgICAgICAgICAgICBwdXRfZ2ZuKGQsIHBmbik7Ci0g ICAgICAgICAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAg ICAgICAgICAgICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAweCVseCBjaGFu Z2VkIHRvIGdyYW50IHdoaWxlICIKLSAgICAgICAgICAgICAgICAgICAgICAg ICAid2Ugd2VyZSB3b3JraW5nP1xuIiwgcGZuKTsKICAgICAgICAgICAgICAg ICBnb3RvIHBhcmFtX2ZhaWw0OwogICAgICAgICAgICAgfQogICAgICAgICAg ICAgZWxzZQo= --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Tue Apr 29 12:24:14 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 29 Apr 2014 12:24:14 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf73I-0006cS-Gt; Tue, 29 Apr 2014 12:22:24 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf73G-0006c5-3a; Tue, 29 Apr 2014 12:22:22 +0000 Received: from [85.158.137.68:6640] by server-10.bemta-3.messagelabs.com id C9/3A-16608-D799F535; Tue, 29 Apr 2014 12:22:21 +0000 X-Env-Sender: ianc@xenbits.xen.org X-Msg-Ref: server-7.tower-31.messagelabs.com!1398774138!793361!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16615 invoked from network); 29 Apr 2014 12:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-31.messagelabs.com with AES256-SHA encrypted SMTP; 29 Apr 2014 12:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Wf734-00078B-2q; Tue, 29 Apr 2014 12:22:10 +0000 Received: from ianc by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Wf733-0000ed-Td; Tue, 29 Apr 2014 12:22:09 +0000 Date: Tue, 29 Apr 2014 12:22:09 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 92 - HVMOP_set_mem_type allows invalid P2M entries to be created X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-92 version 2 HVMOP_set_mem_type allows invalid P2M entries to be created UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= The implementation in Xen of the HVMOP_set_mem_type HVM control operations attempts to exclude transitioning a page from an inappropriate memory type. However, only an inadequate subset of memory types is excluded. There are certain other types that don't correspond to a particular valid page, whose page table translation can be inappropriately changed (by HVMOP_set_mem_type) from not-present (due to the lack of valid memory page) to present. If this occurs, an invalid translation will be established. IMPACT ====== In a configuration where device models run with limited privilege (for example, stubdom device models), a guest attacker who successfully finds and exploits an unfixed security flaw in qemu-dm could leverage the other flaw into a Denial of Service affecting the whole host. In the more general case, in more abstract terms: a malicious administrator of a domain privileged with regard to an HVM guest can cause Xen to crash leading to a Denial of Service. Arbitrary code execution, and therefore privilege escalation, cannot be entirely excluded: On a system with a RAM page present immediately below the 52-bit address boundary, this would be possible. However, we are not aware of any systems with such a memory layout. VULNERABLE SYSTEMS ================== All Xen versions from 4.1 onwards are vulnerable. The vulnerability is only exposed to service domains for HVM guests which have privilege over the guest. In a usual configuration that means only device model emulators (qemu-dm). In the case of HVM guests whose device model is running in an unrestricted dom0 process, qemu-dm already has the ability to cause problems for the whole system. So in that case the vulnerability is not applicable. The situation is more subtle for an HVM guest with a stub qemu-dm. That is, where the device model runs in a separate domain (in the case of xl, as requested by "device_model_stubdomain_override=1" in the xl domain configuration file). The same applies with a qemu-dm in a dom0 process subjected to some kind kernel-based process privilege limitation (eg the chroot technique as found in some versions of XCP/XenServer). In those latter situations this issue means that the extra isolation does not provide as good a defence (against denial of service) as intended. That is the essence of this vulnerability. However, the security is still better than with a qemu-dm running as an unrestricted dom0 process. Therefore users with these configurations should not switch to an unrestricted dom0 qemu-dm. Finally, in a radically disaggregated system: where the HVM service domain software (probably, the device model domain image) is not always supplied by the host administrator, a malicious service domain administrator can exercise this vulnerability. MITIGATION ========== Running only PV guests will avoid this vulnerability. In a radically disaggregated system, restricting HVM service domains to software images approved by the host administrator will avoid the vulnerability. CREDITS ======= This issue was discovered by Jan Beulich. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa92.patch xen-unstable, Xen 4.4.x, Xen 4.3.x xsa92-4.2.patch Xen 4.2.x xsa92-4.1.patch Xen 4.1.x $ sha256sum xsa92*.patch 184dcb88dfb4540fca33016ffcfe0f4f557449ab5b4ec6a4bf486c75926d23f3 xsa92.patch 76905398958dfcec98fb5bde2a68c0e86a3ccc9f442a8a658e972937fd75534a xsa92-4.1.patch bca98827834f807c787fceb6c719d9d4fe3c40786cb087156829e5e6fb5700d6 xsa92-4.2.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTX2euAAoJEIP+FMlX6CvZx3EIAIzdz8WxP0NPPDbY9QaM6nz7 H0kq8MxB1wcC2mTREPa+B5/vzC52VEC5JLEfWNs/6sMc6nBmbe+F+EqiIpgbuuTA kq9L0ycPjBsEqKKwZDuqDzHVlnpjEX7oNb7x32eafrR3jWp1CIKTt4dmQqQn/PNR 3CVg7nc+lMmusXElJeqHA8a+pqQgBXFAKVbQiBqRIDwPRdBCbJmwbkhsbfa4zF3T Fyzm1am52T3nhml0opNb32rkK3VblJbLGJ6jkyWweTYqiVLZc9pOF58W7t6L3QS2 BmnhRdwy9b+cHn5eLI3529KBmkrWhZ26Fn8mPwgXWm7p08ybfGEFMZKp2G5rYE8= =r7s4 -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa92.patch" Content-Disposition: attachment; filename="xsa92.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtNDU0MSwxMiArNDU0MSwxMCBAQCBsb25n IGRvX2h2bV9vcCh1bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAg ICAgICAgICAgcmMgPSAtRUlOVkFMOwogICAgICAgICAgICAgICAgIGdvdG8g cGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9IAotICAgICAgICAgICAgaWYg KCBwMm1faXNfZ3JhbnQodCkgKQorICAgICAgICAgICAgaWYgKCAhcDJtX2lz X3JhbSh0KSAmJgorICAgICAgICAgICAgICAgICAoIXAybV9pc19ob2xlKHQp IHx8IGEuaHZtbWVtX3R5cGUgIT0gSFZNTUVNX21taW9fZG0pICkKICAgICAg ICAgICAgIHsKICAgICAgICAgICAgICAgICBwdXRfZ2ZuKGQsIHBmbik7Ci0g ICAgICAgICAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAg ICAgICAgICAgICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAlI2x4IGNoYW5n ZWQgdG8gZ3JhbnQgd2hpbGUgIgotICAgICAgICAgICAgICAgICAgICAgICAg ICJ3ZSB3ZXJlIHdvcmtpbmc/XG4iLCBwZm4pOwogICAgICAgICAgICAgICAg IGdvdG8gcGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9CiAgICAgICAgICAg ICBlbHNlCg== --=separator Content-Type: application/octet-stream; name="xsa92-4.1.patch" Content-Disposition: attachment; filename="xsa92-4.1.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtMzY2NiwxMyArMzY2Niw5IEBAIGxvbmcg ZG9faHZtX29wKHVuc2lnbmVkIGxvbmcgb3AsIFhFTl9HVUUKICAgICAgICAg ICAgICAgICByYyA9IC1FSU5WQUw7CiAgICAgICAgICAgICAgICAgZ290byBw YXJhbV9mYWlsNDsKICAgICAgICAgICAgIH0gCi0gICAgICAgICAgICBpZiAo IHAybV9pc19ncmFudCh0KSApCi0gICAgICAgICAgICB7Ci0gICAgICAgICAg ICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAgICAgICAgICAg ICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAweCVseCBjaGFuZ2VkIHRvIGdy YW50IHdoaWxlICIKLSAgICAgICAgICAgICAgICAgICAgICAgICAid2Ugd2Vy ZSB3b3JraW5nP1xuIiwgcGZuKTsKKyAgICAgICAgICAgIGlmICggIXAybV9p c19yYW0odCkgJiYKKyAgICAgICAgICAgICAgICAgKCFwMm1faXNfaG9sZSh0 KSB8fCBhLmh2bW1lbV90eXBlICE9IEhWTU1FTV9tbWlvX2RtKSApCiAgICAg ICAgICAgICAgICAgZ290byBwYXJhbV9mYWlsNDsKLSAgICAgICAgICAgIH0K ICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgIHsKICAgICAgICAgICAg ICAgICBudCA9IHAybV9jaGFuZ2VfdHlwZShwMm0sIHBmbiwgdCwgbWVtdHlw ZVthLmh2bW1lbV90eXBlXSk7Ci0tLSBhL3hlbi9pbmNsdWRlL2FzbS14ODYv cDJtLmgKKysrIGIveGVuL2luY2x1ZGUvYXNtLXg4Ni9wMm0uaApAQCAtMTM0 LDYgKzEzNCwxMyBAQCB0eXBlZGVmIGVudW0gewogICAgICAgICAgICAgICAg ICAgICAgICB8IHAybV90b19tYXNrKHAybV9yYW1fcGFnaW5nX2luKSAgICAg ICBcCiAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJt X3JhbV9zaGFyZWQpKQogCisvKiBUeXBlcyB0aGF0IHJlcHJlc2VudCBhIHBo eXNtYXAgaG9sZS4gKi8KKyNkZWZpbmUgUDJNX0hPTEVfVFlQRVMgKHAybV90 b19tYXNrKHAybV9tbWlvX2RtKSAgICAgICAgICAgICAgIFwKKyAgICAgICAg ICAgICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJtX2ludmFsaWQpICAg ICAgICAgICAgIFwKKyAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3Rv X21hc2socDJtX3JhbV9wYWdpbmdfaW5fc3RhcnQpIFwKKyAgICAgICAgICAg ICAgICAgICAgICAgIHwgcDJtX3RvX21hc2socDJtX3JhbV9wYWdpbmdfaW4p ICAgICAgIFwKKyAgICAgICAgICAgICAgICAgICAgICAgIHwgcDJtX3RvX21h c2socDJtX3JhbV9wYWdlZCkpCisKIC8qIEdyYW50IG1hcHBpbmcgdHlwZXMs IHdoaWNoIG1hcCB0byBhIHJlYWwgbWFjaGluZSBmcmFtZSBpbiBhbm90aGVy CiAgKiBWTSAqLwogI2RlZmluZSBQMk1fR1JBTlRfVFlQRVMgKHAybV90b19t YXNrKHAybV9ncmFudF9tYXBfcncpICBcCkBAIC0xNzAsNiArMTc3LDcgQEAg dHlwZWRlZiBlbnVtIHsKIAogLyogVXNlZnVsIHByZWRpY2F0ZXMgKi8KICNk ZWZpbmUgcDJtX2lzX3JhbShfdCkgKHAybV90b19tYXNrKF90KSAmIFAyTV9S QU1fVFlQRVMpCisjZGVmaW5lIHAybV9pc19ob2xlKF90KSAocDJtX3RvX21h c2soX3QpICYgUDJNX0hPTEVfVFlQRVMpCiAjZGVmaW5lIHAybV9pc19tbWlv KF90KSAocDJtX3RvX21hc2soX3QpICYgUDJNX01NSU9fVFlQRVMpCiAjZGVm aW5lIHAybV9pc19yZWFkb25seShfdCkgKHAybV90b19tYXNrKF90KSAmIFAy TV9ST19UWVBFUykKICNkZWZpbmUgcDJtX2lzX21hZ2ljKF90KSAocDJtX3Rv X21hc2soX3QpICYgUDJNX01BR0lDX1RZUEVTKQo= --=separator Content-Type: application/octet-stream; name="xsa92-4.2.patch" Content-Disposition: attachment; filename="xsa92-4.2.patch" Content-Transfer-Encoding: base64 eDg2L0hWTTogcmVzdHJpY3QgSFZNT1Bfc2V0X21lbV90eXBlCgpQZXJtaXR0 aW5nIGFyYml0cmFyeSB0eXBlIGNoYW5nZXMgaGVyZSBoYXMgdGhlIHBvdGVu dGlhbCBvZiBjcmVhdGluZwpwcmVzZW50IFAyTSAoYW5kIGhlbmNlIEVQVC9O UFQvSU9NTVUpIGVudHJpZXMgcG9pbnRpbmcgdG8gYW4gaW52YWxpZApNRk4g KElOVkFMSURfTUZOIHRydW5jYXRlZCB0byB0aGUgcmVzcGVjdGl2ZSBoYXJk d2FyZSBzdHJ1Y3R1cmUgZmllbGQncwp3aWR0aCkuIFRoaXMgd291bGQgYmVj b21lIGEgcHJvYmxlbSB0aGUgbGF0ZXN0IHdoZW4gc29tZXRoaW5nIHJlYWwg c2F0CmF0IHRoZSBlbmQgb2YgdGhlIHBoeXNpY2FsIGFkZHJlc3Mgc3BhY2U7 IEknbSBzdXNwZWN0aW5nIHRob3VnaCB0aGF0Cm90aGVyIHRoaW5ncyBtaWdo dCBicmVhayB3aXRoIHN1Y2ggYm9ndXMgZW50cmllcy4KCkFsb25nIHdpdGgg dGhhdCBkcm9wIGEgYm9ndXMgKGFuZCBvdGhlcndpc2UgYmVjb21pbmcgc3Rh bGUpIGxvZwptZXNzYWdlLgoKQWZhaWN0IHRoZSBzaW1pbGFyIG9wZXJhdGlv biBpbiBwMm1fc2V0X21lbV9hY2Nlc3MoKSBpcyBzYWZlLgoKVGhpcyBpcyBY U0EtOTIuCgpTaWduZWQtb2ZmLWJ5OiBKYW4gQmV1bGljaCA8amJldWxpY2hA c3VzZS5jb20+ClJldmlld2VkLWJ5OiBUaW0gRGVlZ2FuIDx0aW1AeGVuLm9y Zz4KCi0tLSBhL3hlbi9hcmNoL3g4Ni9odm0vaHZtLmMKKysrIGIveGVuL2Fy Y2gveDg2L2h2bS9odm0uYwpAQCAtNDI0NSwxMiArNDI0NSwxMCBAQCBsb25n IGRvX2h2bV9vcCh1bnNpZ25lZCBsb25nIG9wLCBYRU5fR1VFCiAgICAgICAg ICAgICAgICAgcmMgPSAtRUlOVkFMOwogICAgICAgICAgICAgICAgIGdvdG8g cGFyYW1fZmFpbDQ7CiAgICAgICAgICAgICB9IAotICAgICAgICAgICAgaWYg KCBwMm1faXNfZ3JhbnQodCkgKQorICAgICAgICAgICAgaWYgKCAhcDJtX2lz X3JhbSh0KSAmJgorICAgICAgICAgICAgICAgICAoIXAybV9pc19ob2xlKHQp IHx8IGEuaHZtbWVtX3R5cGUgIT0gSFZNTUVNX21taW9fZG0pICkKICAgICAg ICAgICAgIHsKICAgICAgICAgICAgICAgICBwdXRfZ2ZuKGQsIHBmbik7Ci0g ICAgICAgICAgICAgICAgZ2RwcmludGsoWEVOTE9HX1dBUk5JTkcsCi0gICAg ICAgICAgICAgICAgICAgICAgICAgInR5cGUgZm9yIHBmbiAweCVseCBjaGFu Z2VkIHRvIGdyYW50IHdoaWxlICIKLSAgICAgICAgICAgICAgICAgICAgICAg ICAid2Ugd2VyZSB3b3JraW5nP1xuIiwgcGZuKTsKICAgICAgICAgICAgICAg ICBnb3RvIHBhcmFtX2ZhaWw0OwogICAgICAgICAgICAgfQogICAgICAgICAg ICAgZWxzZQo= --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 30 12:18:11 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 30 Apr 2014 12:18:11 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTRC-0002y5-C7; Wed, 30 Apr 2014 12:16:34 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTRB-0002xl-AM; Wed, 30 Apr 2014 12:16:33 +0000 Received: from [85.158.143.35:48384] by server-2.bemta-4.messagelabs.com id 05/21-06539-0A9E0635; Wed, 30 Apr 2014 12:16:32 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1398860190!1987989!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11061 invoked from network); 30 Apr 2014 12:16:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 30 Apr 2014 12:16:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTQy-0005TD-Ry; Wed, 30 Apr 2014 12:16:20 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WfTQw-0003kR-8R; Wed, 30 Apr 2014 12:16:19 +0000 Date: Wed, 30 Apr 2014 12:16:18 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 91 - Hardware timer context is not properly context switched on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-91 version 2 Hardware timer context is not properly context switched on ARM UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not context switching the CNTKCTL_EL1 register, which is used by the guest kernel to control access by userspace processes to the hardware timers. This meant that any guest can reconfigure these settings for the entire system. IMPACT ====== A malicious guest kernel can reconfigure CNTKCTL_EL1 to block userspace access to the timer hardware for all domains, including control domains. Depending on the other guest kernels in use this may cause an unexpected exception in those guests which may lead to a kernel crash and therefore a denial of service. 64-bit ARM Linux is known to be susceptible to crashing in this way. A malicious guest kernel can also enable userspace access to the timer control registers, which may not be expected by kernels running in other domains. This can allow user processes to reprogram timer interrupts and therefore lead to unexpected behaviour, potentially up to and including crashing the guest. Userspace processes will also be able to read the current timestamp value for the domain perhaps leaking information to those processes. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. CREDITS ======= Chen Baozi discovered this issue as a bug which was then diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa91-unstable.patch xen-unstable xsa91-4.4.patch Xen 4.4.x $ sha256sum xsa91*.patch 8a3dc1f001274550acfe929a0a443b09f8164001f6eea76821bd87292b8732e0 xsa91-4.4.patch 327ccd88f2d9bc21daf51f3e5c81cbae2e779a6f997715d9d0d95285c509ecbd xsa91-unstable.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTYMejAAoJEIP+FMlX6CvZ3oMH/j+7Ln89gf0rvyvwUAwK7EUj AD2fR/OSXQJVs4g0fZDSft4wgsIpbnbvcCl06tK98XAZH8Cyr0burQV4rXgQbM9e rWYRpfy4mWt7RNvwdgeBYecuEYvFIULmMC1hI+eJRtJTrB8UnpCvXLPbFktp2zXP Z+pPjck/dAjS8HKJZckL5ciy9ctTr1R50NmpqvW9FfeZAVhahmbmMiz3A5izQEQ0 BppXWdRad2J5vcR2u8k3uxweUfWM1Yg/eQAmMVvWPS45ceH+UHgqaGngBzWlM9oV SwqCDl0/8DjcQziFnKx5cdYcXfFbTzqV7SP5OzcV2BRoSvGZOVDowaXsqvt1jME= =LkmE -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa91-4.4.patch" Content-Disposition: attachment; filename="xsa91-4.4.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogQ29ycmVjdGx5IHNhdmUvcmVzdG9yZSBDTlRLQ1RMX0VMMQoK Q05US0NUTF9FTDEgaXMgdXNlZCBieSB0aGUgZ3Vlc3QgdG8gY29udHJvbCBh Y2Nlc3MgdG8gdGhlIHRpbWVyIGZyb20KdXNlcnNwYWNlLiAgSXQgdGhlcmVm b3JlIG5lZWRzIHRvIGJlIHNhdmUvcmVzdG9yZWQgYnkgWGVuIGFzIHBhcnQg b2YKdGhlIFZDUFUgc3RhdGUuCgpCeSBkZWZhdWx0IExpbnV4IG9uIEFSTTY0 IGV4cG9zZXMgdGhlIHRpbWVyIHRvIHVzZXJzcGFjZS4gIEZ1cnRoZXJtb3Jl IG9uCkFSTTY0LCBMaW51eCBwcm92aWRlcyBoZWxwZXJzIGluIGEgVkRTTyAo Z2V0dGltZW9mZGF5L19fZG9fZ2V0X3RzcGVjKQp0aGF0IHVzZSB0aGUgdGlt ZXIgY291bnRlci4gIENvbnZlcnNlbHksIGR1cmluZyBDUFUgYnJpbmcgdXAs IFhlbiB3aWxsCnNldCBDTlRLQ1RMX0VMMSB0byAwIChpLmUgZGlzYWxsb3cg dGltZXIgYWNjZXNzIHRvIHRoZSB1c2Vyc3BhY2UpLiAgQXMKYSByZXN1bHQs IGN1cnJlbnRseSwgaWYgZG9tMCBoYXMgMSBWQ1BVIHdoaWNoIGlzIG1pZ3Jh dGVkIHRvIGFub3RoZXIKUENQVSwgaW5pdCBtaWdodCBjcmFzaC4KCkFsdGVy bmF0aXZlbHksIGEgZ3Vlc3QgKG1hbGljaW91cyBvciBub3QpIG1pZ2h0IGRl Y2lkZSB0byBkaXNhYmxlCmFjY2VzcyB0byB0aGUgdGltZXIgZnJvbSB1c2Vy c3BhY2UuICBJZiB0aGUgcmVnaXN0ZXIgaXMgbm90CnNhdmUvcmVzdG9yZWQs IHdoZW4gYSBET00wIFZDUFUgcnVucyBhZ2FpbiwgYSBzaW1pbGFyIGNyYXNo IHdvdWxkCnJlc3VsdC4KCkFsc28sIGRyb3AgQ05US0NUTF9FTDEgaW5pdGlh bGl6YXRpb24gaW4gaW5pdF90aW1lcl9pbnRlcnJ1cHQuICBYZW4Kc2hvdWxk IGxldCB0aGUgZ3Vlc3QgZGVhbCB3aXRoIHRoaXMgcmVnaXN0ZXIuCgpSZXBv cnRlZC1ieTogQ2hlbiBCYW96aSA8YmFvemljaEBnbWFpbC5jb20+ClNpZ25l ZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxsQGxpbmFyby5v cmc+ClNpZ25lZC1vZmYtYnk6IElhbiBKYWNrc29uIDxpYW4uamFja3NvbkBl dS5jaXRyaXguY29tPgpBY2tlZC1ieTogSWFuIENhbXBiZWxsIDxpYW4uY2Ft cGJlbGxAY2l0cml4LmNvbT4KCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0v ZG9tYWluLmMgYi94ZW4vYXJjaC9hcm0vZG9tYWluLmMKaW5kZXggM2E2Y2M1 MC4uZGI0YjYwZCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL2RvbWFpbi5j CisrKyBiL3hlbi9hcmNoL2FybS9kb21haW4uYwpAQCAtNzIsNiArNzIsNyBA QCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF9mcm9tKHN0cnVjdCB2Y3B1ICpw KQogICAgIHAtPmFyY2gudHBpZHJfZWwxID0gUkVBRF9TWVNSRUcoVFBJRFJf RUwxKTsKIAogICAgIC8qIEFyY2ggdGltZXIgKi8KKyAgICBwLT5hcmNoLmNu dGtjdGwgPSBSRUFEX1NZU1JFRzMyKENOVEtDVExfRUwxKTsKICAgICB2aXJ0 X3RpbWVyX3NhdmUocCk7CiAKICAgICBpZiAoIGlzX3B2MzJfZG9tYWluKHAt PmRvbWFpbikgJiYgY3B1X2hhc190aHVtYmVlICkKQEAgLTIyNCw2ICsyMjUs NyBAQCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF90byhzdHJ1Y3QgdmNwdSAq bikKIAogICAgIC8qIFRoaXMgaXMgY291bGQgdHJpZ2dlciBhbiBoYXJkd2Fy ZSBpbnRlcnJ1cHQgZnJvbSB0aGUgdmlydHVhbAogICAgICAqIHRpbWVyLiBU aGUgaW50ZXJydXB0IG5lZWRzIHRvIGJlIGluamVjdGVkIGludG8gdGhlIGd1 ZXN0LiAqLworICAgIFdSSVRFX1NZU1JFRzMyKG4tPmFyY2guY250a2N0bCwg Q05US0NUTF9FTDEpOwogICAgIHZpcnRfdGltZXJfcmVzdG9yZShuKTsKIH0K IApkaWZmIC0tZ2l0IGEveGVuL2FyY2gvYXJtL3RpbWUuYyBiL3hlbi9hcmNo L2FybS90aW1lLmMKaW5kZXggNmJiZTk4MC4uZmNhMTM4NyAxMDA2NDQKLS0t IGEveGVuL2FyY2gvYXJtL3RpbWUuYworKysgYi94ZW4vYXJjaC9hcm0vdGlt ZS5jCkBAIC0yMzQsNyArMjM0LDYgQEAgdm9pZCBfX2NwdWluaXQgaW5pdF90 aW1lcl9pbnRlcnJ1cHQodm9pZCkKIHsKICAgICAvKiBTZW5zaWJsZSBkZWZh dWx0cyAqLwogICAgIFdSSVRFX1NZU1JFRzY0KDAsIENOVFZPRkZfRUwyKTsg ICAgIC8qIE5vIFZNLXNwZWNpZmljIG9mZnNldCAqLwotICAgIFdSSVRFX1NZ U1JFRzMyKDAsIENOVEtDVExfRUwxKTsgICAgIC8qIE5vIHVzZXItbW9kZSBh Y2Nlc3MgKi8KICNpZiBVU0VfSFlQX1RJTUVSCiAgICAgLyogRG8gbm90IGxl dCB0aGUgVk1zIHByb2dyYW0gdGhlIHBoeXNpY2FsIHRpbWVyLCBvbmx5IHJl YWQgdGhlIHBoeXNpY2FsIGNvdW50ZXIgKi8KICAgICBXUklURV9TWVNSRUcz MihDTlRIQ1RMX1BBLCBDTlRIQ1RMX0VMMik7CmRpZmYgLS1naXQgYS94ZW4v aW5jbHVkZS9hc20tYXJtL2RvbWFpbi5oIGIveGVuL2luY2x1ZGUvYXNtLWFy bS9kb21haW4uaAppbmRleCA1MGI5YjU0Li40ZGMxZDVhIDEwMDY0NAotLS0g YS94ZW4vaW5jbHVkZS9hc20tYXJtL2RvbWFpbi5oCisrKyBiL3hlbi9pbmNs dWRlL2FzbS1hcm0vZG9tYWluLmgKQEAgLTI4Myw2ICsyODMsOSBAQCBzdHJ1 Y3QgYXJjaF92Y3B1CiAgICAgICAgIHNwaW5sb2NrX3QgbG9jazsKICAgICB9 IHZnaWM7CiAKKyAgICAvKiBUaW1lciByZWdpc3RlcnMgICovCisgICAgdWlu dDMyX3QgY250a2N0bDsKKwogICAgIHN0cnVjdCB2dGltZXIgcGh5c190aW1l cjsKICAgICBzdHJ1Y3QgdnRpbWVyIHZpcnRfdGltZXI7CiB9ICBfX2NhY2hl bGluZV9hbGlnbmVkOwo= --=separator Content-Type: application/octet-stream; name="xsa91-unstable.patch" Content-Disposition: attachment; filename="xsa91-unstable.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogQ29ycmVjdGx5IHNhdmUvcmVzdG9yZSBDTlRLQ1RMX0VMMQoK Q05US0NUTF9FTDEgaXMgdXNlZCBieSB0aGUgZ3Vlc3QgdG8gY29udHJvbCBh Y2Nlc3MgdG8gdGhlIHRpbWVyIGZyb20KdXNlcnNwYWNlLiAgSXQgdGhlcmVm b3JlIG5lZWRzIHRvIGJlIHNhdmUvcmVzdG9yZWQgYnkgWGVuIGFzIHBhcnQg b2YKdGhlIFZDUFUgc3RhdGUuCgpCeSBkZWZhdWx0IExpbnV4IG9uIEFSTTY0 IGV4cG9zZXMgdGhlIHRpbWVyIHRvIHVzZXJzcGFjZS4gIEZ1cnRoZXJtb3Jl IG9uCkFSTTY0LCBMaW51eCBwcm92aWRlcyBoZWxwZXJzIGluIGEgVkRTTyAo Z2V0dGltZW9mZGF5L19fZG9fZ2V0X3RzcGVjKQp0aGF0IHVzZSB0aGUgdGlt ZXIgY291bnRlci4gIENvbnZlcnNlbHksIGR1cmluZyBDUFUgYnJpbmcgdXAs IFhlbiB3aWxsCnNldCBDTlRLQ1RMX0VMMSB0byAwIChpLmUgZGlzYWxsb3cg dGltZXIgYWNjZXNzIHRvIHRoZSB1c2Vyc3BhY2UpLiAgQXMKYSByZXN1bHQs IGN1cnJlbnRseSwgaWYgZG9tMCBoYXMgMSBWQ1BVIHdoaWNoIGlzIG1pZ3Jh dGVkIHRvIGFub3RoZXIKUENQVSwgaW5pdCBtaWdodCBjcmFzaC4KCkFsdGVy bmF0aXZlbHksIGEgZ3Vlc3QgKG1hbGljaW91cyBvciBub3QpIG1pZ2h0IGRl Y2lkZSB0byBkaXNhYmxlCmFjY2VzcyB0byB0aGUgdGltZXIgZnJvbSB1c2Vy c3BhY2UuICBJZiB0aGUgcmVnaXN0ZXIgaXMgbm90CnNhdmUvcmVzdG9yZWQs IHdoZW4gYSBET00wIFZDUFUgcnVucyBhZ2FpbiwgYSBzaW1pbGFyIGNyYXNo IHdvdWxkCnJlc3VsdC4KCkFsc28sIGRyb3AgQ05US0NUTF9FTDEgaW5pdGlh bGl6YXRpb24gaW4gaW5pdF90aW1lcl9pbnRlcnJ1cHQuICBYZW4Kc2hvdWxk IGxldCB0aGUgZ3Vlc3QgZGVhbCB3aXRoIHRoaXMgcmVnaXN0ZXIuCgpSZXBv cnRlZC1ieTogQ2hlbiBCYW96aSA8YmFvemljaEBnbWFpbC5jb20+ClNpZ25l ZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxsQGxpbmFyby5v cmc+ClNpZ25lZC1vZmYtYnk6IElhbiBKYWNrc29uIDxpYW4uamFja3NvbkBl dS5jaXRyaXguY29tPgpBY2tlZC1ieTogSWFuIENhbXBiZWxsIDxpYW4uY2Ft cGJlbGxAY2l0cml4LmNvbT4KCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0v ZG9tYWluLmMgYi94ZW4vYXJjaC9hcm0vZG9tYWluLmMKaW5kZXggM2E2Y2M1 MC4uZGI0YjYwZCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL2RvbWFpbi5j CisrKyBiL3hlbi9hcmNoL2FybS9kb21haW4uYwpAQCAtNzMsNiArNzMsNyBA QCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF9mcm9tKHN0cnVjdCB2Y3B1ICpw KQogICAgIHAtPmFyY2gudHBpZHJfZWwxID0gUkVBRF9TWVNSRUcoVFBJRFJf RUwxKTsKIAogICAgIC8qIEFyY2ggdGltZXIgKi8KKyAgICBwLT5hcmNoLmNu dGtjdGwgPSBSRUFEX1NZU1JFRzMyKENOVEtDVExfRUwxKTsKICAgICB2aXJ0 X3RpbWVyX3NhdmUocCk7CiAKICAgICBpZiAoIGlzXzMyYml0X2RvbWFpbihw LT5kb21haW4pICYmIGNwdV9oYXNfdGh1bWJlZSApCkBAIC0yMDksNiArMjEw LDcgQEAgc3RhdGljIHZvaWQgY3R4dF9zd2l0Y2hfdG8oc3RydWN0IHZjcHUg Km4pCiAKICAgICAvKiBUaGlzIGlzIGNvdWxkIHRyaWdnZXIgYW4gaGFyZHdh cmUgaW50ZXJydXB0IGZyb20gdGhlIHZpcnR1YWwKICAgICAgKiB0aW1lci4g VGhlIGludGVycnVwdCBuZWVkcyB0byBiZSBpbmplY3RlZCBpbnRvIHRoZSBn dWVzdC4gKi8KKyAgICBXUklURV9TWVNSRUczMihuLT5hcmNoLmNudGtjdGws IENOVEtDVExfRUwxKTsKICAgICB2aXJ0X3RpbWVyX3Jlc3RvcmUobik7CiB9 CiAKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90aW1lLmMgYi94ZW4vYXJj aC9hcm0vdGltZS5jCmluZGV4IDZiYmU5ODAuLmZjYTEzODcgMTAwNjQ0Ci0t LSBhL3hlbi9hcmNoL2FybS90aW1lLmMKKysrIGIveGVuL2FyY2gvYXJtL3Rp bWUuYwpAQCAtMjIzLDcgKzIyMyw2IEBAIHZvaWQgX19jcHVpbml0IGluaXRf dGltZXJfaW50ZXJydXB0KHZvaWQpCiB7CiAgICAgLyogU2Vuc2libGUgZGVm YXVsdHMgKi8KICAgICBXUklURV9TWVNSRUc2NCgwLCBDTlRWT0ZGX0VMMik7 ICAgICAvKiBObyBWTS1zcGVjaWZpYyBvZmZzZXQgKi8KLSAgICBXUklURV9T WVNSRUczMigwLCBDTlRLQ1RMX0VMMSk7ICAgICAvKiBObyB1c2VyLW1vZGUg YWNjZXNzICovCiAjaWYgVVNFX0hZUF9USU1FUgogICAgIC8qIERvIG5vdCBs ZXQgdGhlIFZNcyBwcm9ncmFtIHRoZSBwaHlzaWNhbCB0aW1lciwgb25seSBy ZWFkIHRoZSBwaHlzaWNhbCBjb3VudGVyICovCiAgICAgV1JJVEVfU1lTUkVH MzIoQ05USENUTF9QQSwgQ05USENUTF9FTDIpOwpkaWZmIC0tZ2l0IGEveGVu L2luY2x1ZGUvYXNtLWFybS9kb21haW4uaCBiL3hlbi9pbmNsdWRlL2FzbS1h cm0vZG9tYWluLmgKaW5kZXggNTBiOWI1NC4uNGRjMWQ1YSAxMDA2NDQKLS0t IGEveGVuL2luY2x1ZGUvYXNtLWFybS9kb21haW4uaAorKysgYi94ZW4vaW5j bHVkZS9hc20tYXJtL2RvbWFpbi5oCkBAIC0yODksNiArMjg5LDkgQEAgc3Ry dWN0IGFyY2hfdmNwdQogICAgICAgICBzcGlubG9ja190IGxvY2s7CiAgICAg fSB2Z2ljOwogCisgICAgLyogVGltZXIgcmVnaXN0ZXJzICAqLworICAgIHVp bnQzMl90IGNudGtjdGw7CisKICAgICBzdHJ1Y3QgdnRpbWVyIHBoeXNfdGlt ZXI7CiAgICAgc3RydWN0IHZ0aW1lciB2aXJ0X3RpbWVyOwogfSAgX19jYWNo ZWxpbmVfYWxpZ25lZDsK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator-- From xen-announce-bounces@lists.xen.org Wed Apr 30 12:18:11 2014 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 30 Apr 2014 12:18:11 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTRC-0002y5-C7; Wed, 30 Apr 2014 12:16:34 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTRB-0002xl-AM; Wed, 30 Apr 2014 12:16:33 +0000 Received: from [85.158.143.35:48384] by server-2.bemta-4.messagelabs.com id 05/21-06539-0A9E0635; Wed, 30 Apr 2014 12:16:32 +0000 X-Env-Sender: iwj@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1398860190!1987989!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11061 invoked from network); 30 Apr 2014 12:16:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 30 Apr 2014 12:16:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WfTQy-0005TD-Ry; Wed, 30 Apr 2014 12:16:20 +0000 Received: from iwj by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1WfTQw-0003kR-8R; Wed, 30 Apr 2014 12:16:19 +0000 Date: Wed, 30 Apr 2014 12:16:18 +0000 Message-Id: Content-Type: multipart/mixed; boundary="=separator"; charset="utf-8" Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) To: xen-announce@lists.xen.org, xen-devel@lists.xen.org, xen-users@lists.xen.org, oss-security@lists.openwall.com From: Xen.org security team Cc: "Xen.org security team" Subject: [Xen-announce] Xen Security Advisory 91 - Hardware timer context is not properly context switched on ARM X-BeenThere: xen-announce@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: "Xen announcements \(low volume\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-announce-bounces@lists.xen.org Errors-To: xen-announce-bounces@lists.xen.org --=separator Content-Type: text/plain; charset="utf-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory XSA-91 version 2 Hardware timer context is not properly context switched on ARM UPDATES IN VERSION 2 ==================== Public release. ISSUE DESCRIPTION ================= When running on an ARM platform Xen was not context switching the CNTKCTL_EL1 register, which is used by the guest kernel to control access by userspace processes to the hardware timers. This meant that any guest can reconfigure these settings for the entire system. IMPACT ====== A malicious guest kernel can reconfigure CNTKCTL_EL1 to block userspace access to the timer hardware for all domains, including control domains. Depending on the other guest kernels in use this may cause an unexpected exception in those guests which may lead to a kernel crash and therefore a denial of service. 64-bit ARM Linux is known to be susceptible to crashing in this way. A malicious guest kernel can also enable userspace access to the timer control registers, which may not be expected by kernels running in other domains. This can allow user processes to reprogram timer interrupts and therefore lead to unexpected behaviour, potentially up to and including crashing the guest. Userspace processes will also be able to read the current timestamp value for the domain perhaps leaking information to those processes. VULNERABLE SYSTEMS ================== Both 32- and 64-bit ARM systems are vulnerable from Xen 4.4 onwards. x86 systems are not vulnerable. MITIGATION ========== None. CREDITS ======= Chen Baozi discovered this issue as a bug which was then diagnosed by Julien Grall. RESOLUTION ========== Applying the appropriate attached patch resolves this issue. xsa91-unstable.patch xen-unstable xsa91-4.4.patch Xen 4.4.x $ sha256sum xsa91*.patch 8a3dc1f001274550acfe929a0a443b09f8164001f6eea76821bd87292b8732e0 xsa91-4.4.patch 327ccd88f2d9bc21daf51f3e5c81cbae2e779a6f997715d9d0d95285c509ecbd xsa91-unstable.patch $ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJTYMejAAoJEIP+FMlX6CvZ3oMH/j+7Ln89gf0rvyvwUAwK7EUj AD2fR/OSXQJVs4g0fZDSft4wgsIpbnbvcCl06tK98XAZH8Cyr0burQV4rXgQbM9e rWYRpfy4mWt7RNvwdgeBYecuEYvFIULmMC1hI+eJRtJTrB8UnpCvXLPbFktp2zXP Z+pPjck/dAjS8HKJZckL5ciy9ctTr1R50NmpqvW9FfeZAVhahmbmMiz3A5izQEQ0 BppXWdRad2J5vcR2u8k3uxweUfWM1Yg/eQAmMVvWPS45ceH+UHgqaGngBzWlM9oV SwqCDl0/8DjcQziFnKx5cdYcXfFbTzqV7SP5OzcV2BRoSvGZOVDowaXsqvt1jME= =LkmE -----END PGP SIGNATURE----- --=separator Content-Type: application/octet-stream; name="xsa91-4.4.patch" Content-Disposition: attachment; filename="xsa91-4.4.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogQ29ycmVjdGx5IHNhdmUvcmVzdG9yZSBDTlRLQ1RMX0VMMQoK Q05US0NUTF9FTDEgaXMgdXNlZCBieSB0aGUgZ3Vlc3QgdG8gY29udHJvbCBh Y2Nlc3MgdG8gdGhlIHRpbWVyIGZyb20KdXNlcnNwYWNlLiAgSXQgdGhlcmVm b3JlIG5lZWRzIHRvIGJlIHNhdmUvcmVzdG9yZWQgYnkgWGVuIGFzIHBhcnQg b2YKdGhlIFZDUFUgc3RhdGUuCgpCeSBkZWZhdWx0IExpbnV4IG9uIEFSTTY0 IGV4cG9zZXMgdGhlIHRpbWVyIHRvIHVzZXJzcGFjZS4gIEZ1cnRoZXJtb3Jl IG9uCkFSTTY0LCBMaW51eCBwcm92aWRlcyBoZWxwZXJzIGluIGEgVkRTTyAo Z2V0dGltZW9mZGF5L19fZG9fZ2V0X3RzcGVjKQp0aGF0IHVzZSB0aGUgdGlt ZXIgY291bnRlci4gIENvbnZlcnNlbHksIGR1cmluZyBDUFUgYnJpbmcgdXAs IFhlbiB3aWxsCnNldCBDTlRLQ1RMX0VMMSB0byAwIChpLmUgZGlzYWxsb3cg dGltZXIgYWNjZXNzIHRvIHRoZSB1c2Vyc3BhY2UpLiAgQXMKYSByZXN1bHQs IGN1cnJlbnRseSwgaWYgZG9tMCBoYXMgMSBWQ1BVIHdoaWNoIGlzIG1pZ3Jh dGVkIHRvIGFub3RoZXIKUENQVSwgaW5pdCBtaWdodCBjcmFzaC4KCkFsdGVy bmF0aXZlbHksIGEgZ3Vlc3QgKG1hbGljaW91cyBvciBub3QpIG1pZ2h0IGRl Y2lkZSB0byBkaXNhYmxlCmFjY2VzcyB0byB0aGUgdGltZXIgZnJvbSB1c2Vy c3BhY2UuICBJZiB0aGUgcmVnaXN0ZXIgaXMgbm90CnNhdmUvcmVzdG9yZWQs IHdoZW4gYSBET00wIFZDUFUgcnVucyBhZ2FpbiwgYSBzaW1pbGFyIGNyYXNo IHdvdWxkCnJlc3VsdC4KCkFsc28sIGRyb3AgQ05US0NUTF9FTDEgaW5pdGlh bGl6YXRpb24gaW4gaW5pdF90aW1lcl9pbnRlcnJ1cHQuICBYZW4Kc2hvdWxk IGxldCB0aGUgZ3Vlc3QgZGVhbCB3aXRoIHRoaXMgcmVnaXN0ZXIuCgpSZXBv cnRlZC1ieTogQ2hlbiBCYW96aSA8YmFvemljaEBnbWFpbC5jb20+ClNpZ25l ZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxsQGxpbmFyby5v cmc+ClNpZ25lZC1vZmYtYnk6IElhbiBKYWNrc29uIDxpYW4uamFja3NvbkBl dS5jaXRyaXguY29tPgpBY2tlZC1ieTogSWFuIENhbXBiZWxsIDxpYW4uY2Ft cGJlbGxAY2l0cml4LmNvbT4KCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0v ZG9tYWluLmMgYi94ZW4vYXJjaC9hcm0vZG9tYWluLmMKaW5kZXggM2E2Y2M1 MC4uZGI0YjYwZCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL2RvbWFpbi5j CisrKyBiL3hlbi9hcmNoL2FybS9kb21haW4uYwpAQCAtNzIsNiArNzIsNyBA QCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF9mcm9tKHN0cnVjdCB2Y3B1ICpw KQogICAgIHAtPmFyY2gudHBpZHJfZWwxID0gUkVBRF9TWVNSRUcoVFBJRFJf RUwxKTsKIAogICAgIC8qIEFyY2ggdGltZXIgKi8KKyAgICBwLT5hcmNoLmNu dGtjdGwgPSBSRUFEX1NZU1JFRzMyKENOVEtDVExfRUwxKTsKICAgICB2aXJ0 X3RpbWVyX3NhdmUocCk7CiAKICAgICBpZiAoIGlzX3B2MzJfZG9tYWluKHAt PmRvbWFpbikgJiYgY3B1X2hhc190aHVtYmVlICkKQEAgLTIyNCw2ICsyMjUs NyBAQCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF90byhzdHJ1Y3QgdmNwdSAq bikKIAogICAgIC8qIFRoaXMgaXMgY291bGQgdHJpZ2dlciBhbiBoYXJkd2Fy ZSBpbnRlcnJ1cHQgZnJvbSB0aGUgdmlydHVhbAogICAgICAqIHRpbWVyLiBU aGUgaW50ZXJydXB0IG5lZWRzIHRvIGJlIGluamVjdGVkIGludG8gdGhlIGd1 ZXN0LiAqLworICAgIFdSSVRFX1NZU1JFRzMyKG4tPmFyY2guY250a2N0bCwg Q05US0NUTF9FTDEpOwogICAgIHZpcnRfdGltZXJfcmVzdG9yZShuKTsKIH0K IApkaWZmIC0tZ2l0IGEveGVuL2FyY2gvYXJtL3RpbWUuYyBiL3hlbi9hcmNo L2FybS90aW1lLmMKaW5kZXggNmJiZTk4MC4uZmNhMTM4NyAxMDA2NDQKLS0t IGEveGVuL2FyY2gvYXJtL3RpbWUuYworKysgYi94ZW4vYXJjaC9hcm0vdGlt ZS5jCkBAIC0yMzQsNyArMjM0LDYgQEAgdm9pZCBfX2NwdWluaXQgaW5pdF90 aW1lcl9pbnRlcnJ1cHQodm9pZCkKIHsKICAgICAvKiBTZW5zaWJsZSBkZWZh dWx0cyAqLwogICAgIFdSSVRFX1NZU1JFRzY0KDAsIENOVFZPRkZfRUwyKTsg ICAgIC8qIE5vIFZNLXNwZWNpZmljIG9mZnNldCAqLwotICAgIFdSSVRFX1NZ U1JFRzMyKDAsIENOVEtDVExfRUwxKTsgICAgIC8qIE5vIHVzZXItbW9kZSBh Y2Nlc3MgKi8KICNpZiBVU0VfSFlQX1RJTUVSCiAgICAgLyogRG8gbm90IGxl dCB0aGUgVk1zIHByb2dyYW0gdGhlIHBoeXNpY2FsIHRpbWVyLCBvbmx5IHJl YWQgdGhlIHBoeXNpY2FsIGNvdW50ZXIgKi8KICAgICBXUklURV9TWVNSRUcz MihDTlRIQ1RMX1BBLCBDTlRIQ1RMX0VMMik7CmRpZmYgLS1naXQgYS94ZW4v aW5jbHVkZS9hc20tYXJtL2RvbWFpbi5oIGIveGVuL2luY2x1ZGUvYXNtLWFy bS9kb21haW4uaAppbmRleCA1MGI5YjU0Li40ZGMxZDVhIDEwMDY0NAotLS0g YS94ZW4vaW5jbHVkZS9hc20tYXJtL2RvbWFpbi5oCisrKyBiL3hlbi9pbmNs dWRlL2FzbS1hcm0vZG9tYWluLmgKQEAgLTI4Myw2ICsyODMsOSBAQCBzdHJ1 Y3QgYXJjaF92Y3B1CiAgICAgICAgIHNwaW5sb2NrX3QgbG9jazsKICAgICB9 IHZnaWM7CiAKKyAgICAvKiBUaW1lciByZWdpc3RlcnMgICovCisgICAgdWlu dDMyX3QgY250a2N0bDsKKwogICAgIHN0cnVjdCB2dGltZXIgcGh5c190aW1l cjsKICAgICBzdHJ1Y3QgdnRpbWVyIHZpcnRfdGltZXI7CiB9ICBfX2NhY2hl bGluZV9hbGlnbmVkOwo= --=separator Content-Type: application/octet-stream; name="xsa91-unstable.patch" Content-Disposition: attachment; filename="xsa91-unstable.patch" Content-Transfer-Encoding: base64 eGVuL2FybTogQ29ycmVjdGx5IHNhdmUvcmVzdG9yZSBDTlRLQ1RMX0VMMQoK Q05US0NUTF9FTDEgaXMgdXNlZCBieSB0aGUgZ3Vlc3QgdG8gY29udHJvbCBh Y2Nlc3MgdG8gdGhlIHRpbWVyIGZyb20KdXNlcnNwYWNlLiAgSXQgdGhlcmVm b3JlIG5lZWRzIHRvIGJlIHNhdmUvcmVzdG9yZWQgYnkgWGVuIGFzIHBhcnQg b2YKdGhlIFZDUFUgc3RhdGUuCgpCeSBkZWZhdWx0IExpbnV4IG9uIEFSTTY0 IGV4cG9zZXMgdGhlIHRpbWVyIHRvIHVzZXJzcGFjZS4gIEZ1cnRoZXJtb3Jl IG9uCkFSTTY0LCBMaW51eCBwcm92aWRlcyBoZWxwZXJzIGluIGEgVkRTTyAo Z2V0dGltZW9mZGF5L19fZG9fZ2V0X3RzcGVjKQp0aGF0IHVzZSB0aGUgdGlt ZXIgY291bnRlci4gIENvbnZlcnNlbHksIGR1cmluZyBDUFUgYnJpbmcgdXAs IFhlbiB3aWxsCnNldCBDTlRLQ1RMX0VMMSB0byAwIChpLmUgZGlzYWxsb3cg dGltZXIgYWNjZXNzIHRvIHRoZSB1c2Vyc3BhY2UpLiAgQXMKYSByZXN1bHQs IGN1cnJlbnRseSwgaWYgZG9tMCBoYXMgMSBWQ1BVIHdoaWNoIGlzIG1pZ3Jh dGVkIHRvIGFub3RoZXIKUENQVSwgaW5pdCBtaWdodCBjcmFzaC4KCkFsdGVy bmF0aXZlbHksIGEgZ3Vlc3QgKG1hbGljaW91cyBvciBub3QpIG1pZ2h0IGRl Y2lkZSB0byBkaXNhYmxlCmFjY2VzcyB0byB0aGUgdGltZXIgZnJvbSB1c2Vy c3BhY2UuICBJZiB0aGUgcmVnaXN0ZXIgaXMgbm90CnNhdmUvcmVzdG9yZWQs IHdoZW4gYSBET00wIFZDUFUgcnVucyBhZ2FpbiwgYSBzaW1pbGFyIGNyYXNo IHdvdWxkCnJlc3VsdC4KCkFsc28sIGRyb3AgQ05US0NUTF9FTDEgaW5pdGlh bGl6YXRpb24gaW4gaW5pdF90aW1lcl9pbnRlcnJ1cHQuICBYZW4Kc2hvdWxk IGxldCB0aGUgZ3Vlc3QgZGVhbCB3aXRoIHRoaXMgcmVnaXN0ZXIuCgpSZXBv cnRlZC1ieTogQ2hlbiBCYW96aSA8YmFvemljaEBnbWFpbC5jb20+ClNpZ25l ZC1vZmYtYnk6IEp1bGllbiBHcmFsbCA8anVsaWVuLmdyYWxsQGxpbmFyby5v cmc+ClNpZ25lZC1vZmYtYnk6IElhbiBKYWNrc29uIDxpYW4uamFja3NvbkBl dS5jaXRyaXguY29tPgpBY2tlZC1ieTogSWFuIENhbXBiZWxsIDxpYW4uY2Ft cGJlbGxAY2l0cml4LmNvbT4KCmRpZmYgLS1naXQgYS94ZW4vYXJjaC9hcm0v ZG9tYWluLmMgYi94ZW4vYXJjaC9hcm0vZG9tYWluLmMKaW5kZXggM2E2Y2M1 MC4uZGI0YjYwZCAxMDA2NDQKLS0tIGEveGVuL2FyY2gvYXJtL2RvbWFpbi5j CisrKyBiL3hlbi9hcmNoL2FybS9kb21haW4uYwpAQCAtNzMsNiArNzMsNyBA QCBzdGF0aWMgdm9pZCBjdHh0X3N3aXRjaF9mcm9tKHN0cnVjdCB2Y3B1ICpw KQogICAgIHAtPmFyY2gudHBpZHJfZWwxID0gUkVBRF9TWVNSRUcoVFBJRFJf RUwxKTsKIAogICAgIC8qIEFyY2ggdGltZXIgKi8KKyAgICBwLT5hcmNoLmNu dGtjdGwgPSBSRUFEX1NZU1JFRzMyKENOVEtDVExfRUwxKTsKICAgICB2aXJ0 X3RpbWVyX3NhdmUocCk7CiAKICAgICBpZiAoIGlzXzMyYml0X2RvbWFpbihw LT5kb21haW4pICYmIGNwdV9oYXNfdGh1bWJlZSApCkBAIC0yMDksNiArMjEw LDcgQEAgc3RhdGljIHZvaWQgY3R4dF9zd2l0Y2hfdG8oc3RydWN0IHZjcHUg Km4pCiAKICAgICAvKiBUaGlzIGlzIGNvdWxkIHRyaWdnZXIgYW4gaGFyZHdh cmUgaW50ZXJydXB0IGZyb20gdGhlIHZpcnR1YWwKICAgICAgKiB0aW1lci4g VGhlIGludGVycnVwdCBuZWVkcyB0byBiZSBpbmplY3RlZCBpbnRvIHRoZSBn dWVzdC4gKi8KKyAgICBXUklURV9TWVNSRUczMihuLT5hcmNoLmNudGtjdGws IENOVEtDVExfRUwxKTsKICAgICB2aXJ0X3RpbWVyX3Jlc3RvcmUobik7CiB9 CiAKZGlmZiAtLWdpdCBhL3hlbi9hcmNoL2FybS90aW1lLmMgYi94ZW4vYXJj aC9hcm0vdGltZS5jCmluZGV4IDZiYmU5ODAuLmZjYTEzODcgMTAwNjQ0Ci0t LSBhL3hlbi9hcmNoL2FybS90aW1lLmMKKysrIGIveGVuL2FyY2gvYXJtL3Rp bWUuYwpAQCAtMjIzLDcgKzIyMyw2IEBAIHZvaWQgX19jcHVpbml0IGluaXRf dGltZXJfaW50ZXJydXB0KHZvaWQpCiB7CiAgICAgLyogU2Vuc2libGUgZGVm YXVsdHMgKi8KICAgICBXUklURV9TWVNSRUc2NCgwLCBDTlRWT0ZGX0VMMik7 ICAgICAvKiBObyBWTS1zcGVjaWZpYyBvZmZzZXQgKi8KLSAgICBXUklURV9T WVNSRUczMigwLCBDTlRLQ1RMX0VMMSk7ICAgICAvKiBObyB1c2VyLW1vZGUg YWNjZXNzICovCiAjaWYgVVNFX0hZUF9USU1FUgogICAgIC8qIERvIG5vdCBs ZXQgdGhlIFZNcyBwcm9ncmFtIHRoZSBwaHlzaWNhbCB0aW1lciwgb25seSBy ZWFkIHRoZSBwaHlzaWNhbCBjb3VudGVyICovCiAgICAgV1JJVEVfU1lTUkVH MzIoQ05USENUTF9QQSwgQ05USENUTF9FTDIpOwpkaWZmIC0tZ2l0IGEveGVu L2luY2x1ZGUvYXNtLWFybS9kb21haW4uaCBiL3hlbi9pbmNsdWRlL2FzbS1h cm0vZG9tYWluLmgKaW5kZXggNTBiOWI1NC4uNGRjMWQ1YSAxMDA2NDQKLS0t IGEveGVuL2luY2x1ZGUvYXNtLWFybS9kb21haW4uaAorKysgYi94ZW4vaW5j bHVkZS9hc20tYXJtL2RvbWFpbi5oCkBAIC0yODksNiArMjg5LDkgQEAgc3Ry dWN0IGFyY2hfdmNwdQogICAgICAgICBzcGlubG9ja190IGxvY2s7CiAgICAg fSB2Z2ljOwogCisgICAgLyogVGltZXIgcmVnaXN0ZXJzICAqLworICAgIHVp bnQzMl90IGNudGtjdGw7CisKICAgICBzdHJ1Y3QgdnRpbWVyIHBoeXNfdGlt ZXI7CiAgICAgc3RydWN0IHZ0aW1lciB2aXJ0X3RpbWVyOwogfSAgX19jYWNo ZWxpbmVfYWxpZ25lZDsK --=separator Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-announce mailing list Xen-announce@lists.xen.org http://lists.xen.org/xen-announce --=separator--