patch #1 ~ #9 prepare for fix CVEs patch #10 ~ #14 fixes: CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 Juergen Gross (14): xen/netback: avoid race in xenvif_rx_ring_slots_available() xen: sync include/xen/interface/io/ring.h with Xen's newest version xen/blkfront: read response from backend only once xen/blkfront: don't take local copy of a request from the ring page xen/blkfront: don't trust the backend response data blindly xen/netfront: read response from backend only once xen/netfront: don't read data from request on the ring page xen/netfront: disentangle tx_skb_freelist xen/netfront: don't trust the backend response data blindly xen/blkfront: harden blkfront against event channel storms xen/netfront: harden netfront against event channel storms xen/console: harden hvc_xen against event channel storms xen/netback: fix rx queue stall detection xen/netback: don't queue unlimited number of packages drivers/block/xen-blkfront.c | 141 ++++++++---- drivers/net/xen-netback/common.h | 1 + drivers/net/xen-netback/rx.c | 70 ++++-- drivers/net/xen-netfront.c | 372 ++++++++++++++++++++----------- drivers/tty/hvc/hvc_xen.c | 30 ++- include/xen/interface/io/ring.h | 293 +++++++++++++----------- 6 files changed, 575 insertions(+), 332 deletions(-) -- 2.25.1