There are no XSAs because altp2m isn't security supported. However, it would be very nice to have it in a less broken state for 4.12.
Overall the risk of regression to other parts of Xen is minimal, as most of these changes are only in altp2m-enabled paths. Andrew Cooper (4): xen/common: Break domain_unmap_resources() out of domain_kill() x86/altp2m: Rework #VE enable/disable paths x86/vmx: Fix security issue when a guest balloons out the #VE info page x86/vmx: Properly flush the TLB when an altp2m is modified xen/arch/x86/domain.c | 7 ++++ xen/arch/x86/hvm/hvm.c | 19 ++-------- xen/arch/x86/hvm/vmx/vmx.c | 69 ++++++++++++++++++++++++------------ xen/arch/x86/mm/altp2m.c | 80 +++++++++++++++++++++++++++++++++++------- xen/common/domain.c | 16 +++++++-- xen/include/asm-x86/altp2m.h | 4 ++- xen/include/asm-x86/domain.h | 3 ++ xen/include/asm-x86/hvm/vcpu.h | 7 +++- xen/include/xen/domain.h | 4 +++ 9 files changed, 153 insertions(+), 56 deletions(-) -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
