4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 4a28bfe3267b68e22c663ac26185aa16c9b879ef upstream
Combine the various logic which goes through all those
x86_cpu_id matching structures in one function.
Suggested-
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Linus Torvalds
commit 1aa7a5735a41418d8e01fa7c9565eb2657e2ea3f upstream
The macro is not type safe and I did look for why that "g" constraint for
the asm doesn't work: it's because the asm is m
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 1b86883ccb8d5d9506529d42dbe1a5257cb30b18 upstream
The 336996-Speculative-Execution-Side-Channel-Mitigations.pdf refers to all
the other bits as reserved. The Intel
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit d1059518b4789cabe34bb4b714d07e6089c82ca1 upstream
Those SysFS functions have a similar preamble, as such make common
code to handle them.
Suggested-by: Borislav Pe
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 0cc5fa00b0a88dad140b4e5c2cead9951ad36822 upstream
Add the CPU feature bit CPUID.7.0.EDX[31] which indicates whether the CPU
supports Reduced Data Speculation.
[ tg
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 772439717dbf703b39990be58d8d4e3e4ad0598a upstream
Intel CPUs expose methods to:
- Detect whether RDS capability is available via CPUID.7.0.EDX[31],
- The SPEC_C
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 24f7fc83b9204d20f878c57cb77d261ae825e033 upstream
Contemporary high performance processors use a common industry-wide
optimization known as "Speculative Store Bypas
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 1115a859f33276fe8afb31c60cf9d8e657872558 upstream
Intel and AMD SPEC_CTRL (0x48) MSR semantics may differ in the
future (or in fact use different MSRs for the same
On Mon, May 21, 2018 at 2:57 PM, Yisheng Xie wrote:
> Andy introduce helper function match_string() which can be used to return
> the index of array for a matching string. so we can use it in many places
> intead of open coded variant.
You forgot to Cc that Andy.
For the patches I didn't comment
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Nicholas Piggin
commit c1d2a31397ec51f0370f6bd17b19b39152c263cb upstream.
Similarly to opal_event_shutdown, opal_nvram_write can be called in
the crash path with irqs disabled. Special case the
Hi,
On May 21 2018 20:58, Yisheng Xie wrote:
match_string() returns the index of an array for a matching string,
which can be used intead of open coded variant.
Cc: Clemens Ladisch
Cc: Jaroslav Kysela
Cc: Takashi Iwai
Cc: alsa-de...@alsa-project.org
Signed-off-by: Yisheng Xie
---
sound/fi
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
commit ab1e8d8960b68f54af42b6484b5950bd13a4054b upstream.
It is unsafe to do virtual to physical translations before mm_init() is
called if struct page is needed in order to dete
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 28a2775217b17208811fa43a9e96bd1fdf417b86 upstream
Having everything in nospec-branch.h creates a hell of dependencies when
adding the prctl based switching mechanism. Mov
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit b617cfc858161140d69cc0b5cc211996b557a1c7 upstream
Add two new prctls to control aspects of speculation related vulnerabilites
and their mitigations to provide finer grain
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Julian Wiedmann
commit e521813468f786271a87e78e8644243bead48fad upstream.
Ever since CQ/QAOB support was added, calling qdio_free() straight after
qdio_alloc() results in qdio_release_memory()
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Julian Wiedmann
commit 2e68adcd2fb21b7188ba449f0fab3bee2910e500 upstream.
Calling qdio_release_memory() on error is just plain wrong. It frees
the main qdio_irq struct, when following code stil
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kyle Huey
commit b9894a2f5bd18b1691cb6872c9afe32b148d0132 upstream
The debug control MSR is "highly magical" as the blockstep bit can be
cleared by hardware under not well documented circumstan
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Dave Hansen
commit 0a0b152083cfc44ec1bb599b57b7aab41327f998 upstream.
I got a bug report that the following code (roughly) was
causing a SIGSEGV:
mprotect(ptr, size, PROT_EXEC);
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Martin Schwidefsky
commit 9f18fff63cfd6f559daa1eaae60640372c65f84b upstream.
The inline assembly to call __do_softirq on the irq stack uses
an indirect branch. This can be replaced with a norma
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 885f82bfbc6fefb6664ea27965c3ab9ac4194b8c upstream
The Speculative Store Bypass vulnerability can be mitigated with the
Reduced Data Speculation (RDS) feature. To allow fi
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
> + int ret = match_string(bq_mode_name, ARRAY_SIZE(bq_mode_name), name);
Rather split and move an assignment to the
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit f21b53b20c754021935ea43364dbf53778eeba32 upstream
Unless explicitly opted out of, anything running under seccomp will have
SSB mitigations enabled. Choosing the "prctl" mode wi
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
> static int max98088_get_channel(struct snd_soc_component *component, const
> char *name)
> {
> + int ret = match_
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 8bf37d8c067bb7eb8e7c381bdadf9bd89182b6bc upstream
The migitation control is simpler to implement in architecture code as it
avoids the extra function call to check the mo
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit e96f46ee8587607a828f783daa6eb5b44d25004d upstream
The style for the 'status' file is CamelCase or this. _.
Fixes: fae1fa0fc ("proc: Provide details on speculation
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit d66d8ff3d21667b41eddbe86b35ab411e40d8c5f upstream
__ssb_select_mitigation() returns one of the members of enum ssb_mitigation,
not ssb_mitigation_cmd; fix the prototype to re
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Jiri Kosina
commit 7bb4d366cba992904bffa4820d24e70a3de93e76 upstream
cpu_show_common() is not used outside of arch/x86/kernel/cpu/bugs.c, so
make it static.
Signed-off-by: Jiri Kosina
Signed-
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 15e6c22fd8e5a42c5ed6d487b7c9fe44c2517765 upstream
svm_vcpu_run() invokes x86_spec_ctrl_restore_host() after VMEXIT, but
before the host GS is restored. x86_spec_ctrl_rest
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Borislav Petkov
commit dd0792699c4058e63c0715d9a7c2d40226fcdddc upstream
Fix some typos, improve formulations, end sentences with a fullstop.
Signed-off-by: Borislav Petkov
Signed-off-by: Tho
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
>
> Cc: Clemens Ladisch
> Cc: Jaroslav Kysela
> Cc: Takashi Iwai
> Cc: alsa-de...@alsa-project.org
> Signed-off-by: Yisheng
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 7eb8956a7fec3c1f0abc2a5517dada99ccc8a961 upstream
The availability of the SPEC_CTRL MSR is enumerated by a CPUID bit on
Intel and implied by IBRS or STIBP support on AMD.
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit d1035d971829dcf80e8686ccde26f94b0a069472 upstream
Add a ZEN feature bit so family-dependent static_cpu_has() optimizations
can be built for ZEN.
Signed-off-by: Thomas Gl
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 52817587e706686fcdb27f14c1b000c92f266c96 upstream
The SSBD enumeration is similarly to the other bits magically shared
between Intel and AMD though the mechanisms are dif
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit ccbcd2674472a978b48c91c1fbfb66c0ff959f24 upstream
AMD is proposing a VIRT_SPEC_CTRL MSR to handle the Speculative Store
Bypass Disable via MSR_AMD64_LS_CFG so that guests
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Tom Lendacky
commit 11fb0683493b2da112cd64c9dada221b52463bf7 upstream
Some AMD processors only support a non-architectural means of enabling
speculative store bypass disable (SSBD). To allow a
On Mon, May 21, 2018 at 09:56:11AM -0700, Jesse Brandeburg wrote:
> On Mon, 21 May 2018 17:04:31 +0800 Jason wrote:
> > This patch implement build XDP buffers in vhost_net. The idea is do
> > userspace copy in vhost_net and build XDP buff based on the
> > page. Vhost_net can then submit one or an a
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit 7bbf1373e228840bb0295a2ca26d548ef37f448e upstream
Adjust arch_prctl_get/set_spec_ctrl() to operate on tasks other than
current.
This is needed both for /proc/$pid/status queri
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 0270be3e34efb05a88bc4c422572ece038ef3608 upstream
The upcoming support for the virtual SPEC_CTRL MSR on AMD needs to reuse
speculative_store_bypass_update() to avoid code
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Borislav Petkov
commit cc69b34989210f067b2c51d5539b5f96ebcc3a01 upstream
Function bodies are very similar and are going to grow more almost
identical code. Add a bool arg to determine whether S
On Mon, May 21, 2018 at 2:57 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
> - int err, i;
> + int ret;
int err;
would still work.
--
With Best Regards,
Andy Shevchenko
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 4b59bdb569453a60b752b274ca61f009e37f4dae upstream
x86_spec_ctrl_set() is only used in bugs.c and the extra mask checks there
provide no real value as both call sites can
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Tom Lendacky
commit bc226f07dcd3c9ef0b7f6236fe356ea4a9cb4769 upstream
Expose the new virtualized architectural mechanism, VIRT_SSBD, for using
speculative store bypass disable (SSBD) under SVM.
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit be6fcb5478e95bb1c91f489121238deb3abca46a upstream
x86_spec_ctrL_mask is intended to mask out bits from a MSR_SPEC_CTRL value
which are not to be modified. However the imp
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit f9544b2b076ca90d887c5ae5d74fab4c21bb7c13 upstream
There's no reason for these to be changed after boot.
Signed-off-by: Kees Cook
Signed-off-by: Thomas Gleixner
Signed-off-by
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit fae1fa0fc6cca8beee3ab8ed71d54f9a78fa3f64 upstream
As done with seccomp and no_new_privs, also show speculation flaw
mitigation state in /proc/$pid/status.
Signed-off-by: Kees
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 240da953fcc6a9008c92fae5b1f727ee5ed167ab upstream
The "336996 Speculative Execution Side Channel Mitigations" from
May defines this as SSB_NO, hence lets sync-up.
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee upstream
For certain use cases it is desired to enforce mitigations so they cannot
be undone afterwards. That's important for loa
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit 5c3070890d06ff82eecb808d02d2ca39169533ef upstream
When speculation flaw mitigations are opt-in (via prctl), using seccomp
will automatically opt-in to these protections, since
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 5a920155e388ec22a22e0532fb695b9215c9b34d upstream
Provide and use a toggle helper instead of doing it with a branch.
x86_64: arch/x86/kernel/process.o
text data
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit 00a02d0c502a06d15e07b857f8ff921e3e402675 upstream
If a seccomp user is not interested in Speculative Store Bypass mitigation
by default, it can set the new SECCOMP_FILTER_FLAG_
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Kamal Dasu
commit 5eb9a07a4ae1008b67d8bcd47bddb3dae97456b7 upstream.
Added fix for probing of spi-nor device non-zero chip selects. Set
MSPI_CDRAM_PCS (peripheral chip select) with spi master
4.9-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit b849a812f7eb92e96d1c8239b06581b2cfd8b275 upstream
Use PR_SPEC_FORCE_DISABLE in seccomp() because seccomp does not allow to
widen restrictions.
Signed-off-by: Thomas Glei
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andre Przywara
commit bf308242ab98b5d1648c3663e753556bef9bec01 upstream.
kvm_read_guest() will eventually look up in kvm_memslots(), which requires
either to hold the kvm->slots_lock or to be
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andre Przywara
commit 711702b57cc3c50b84bd648de0f1ca0a378805be upstream.
kvm_read_guest() will eventually look up in kvm_memslots(), which requires
either to hold the kvm->slots_lock or to be
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan
commit 28b68acc4a88dcf91fd1dcf2577371dc9bf574cc upstream.
Refine probe and disconnect debug msgs to be useful and say what is
in progress.
Signed-off-by: Shuah Khan
Cc: stable
Si
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Kamal Dasu
commit 602805fb618b018b7a41fbb3f93c1992b078b1ae upstream.
Always confirm the BSPI_MAST_N_BOOT_CTRL bit when enabling
or disabling BSPI transfers.
Fixes: 4e3b2d236fe00 ("spi: bcm-qs
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Halil Pasic
commit d66a7355717ec903d455277a550d930ba13df4a8 upstream.
If the translation of a channel program fails, we may end up attempting
to clean up (free, unpin) stuff that never got tra
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Florian Westphal
commit 569ccae68b38654f04b6842b034aa33857f605fe upstream.
rules in nftables a free'd using kfree, but protected by rcu, i.e. we
must wait for a grace period to elapse.
Normal
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Jann Horn
commit bb765d1c331f62b59049d35607ed2e365802bef9 upstream.
Bump the file's refcount before moving the reference into the fd table,
not afterwards. The old code could drop the file's r
On Wed, May 16, 2018 at 12:15 PM, Yisheng Xie wrote:
> The helper returns index of the matching string in an array,
> use it to simpler the code.
IIRC I sent the patch with the same semantics week or so ago against this file.
>
> Signed-off-by: Yisheng Xie
> ---
> drivers/hwtracing/intel_th/pt
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Haneen Mohammed
commit 7f6df440b8623c441c42d070bf592e2d2c1fa9bb upstream.
This patch matches the sysfs name used in the unlinking with the
linking function. Otherwise, remove_compat_control_li
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Florian Westphal
commit 2f6adf481527c8ab8033c601f55bfb5b3712b2ac upstream.
set->name must be free'd here in case ops->init fails.
Fixes: 387454901bd6 ("netfilter: nf_tables: Allow set names o
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
>
> Cc: Ingo Molnar
> Cc: Peter Zijlstra
> Signed-off-by: Yisheng Xie
> ---
> kernel/sched/debug.c | 20 +-
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nicholas Piggin
commit c1d2a31397ec51f0370f6bd17b19b39152c263cb upstream.
Similarly to opal_event_shutdown, opal_nvram_write can be called in
the crash path with irqs disabled. Special case th
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Ross Zwisler
commit 9f418224e8114156d995b98fa4e0f4fd21f685fe upstream.
Fix a race in the multi-order iteration code which causes the kernel to
hit a GP fault. This was first seen with a produ
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Pavel Tatashin
commit ab1e8d8960b68f54af42b6484b5950bd13a4054b upstream.
It is unsafe to do virtual to physical translations before mm_init() is
called if struct page is needed in order to det
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Julian Wiedmann
commit e521813468f786271a87e78e8644243bead48fad upstream.
Ever since CQ/QAOB support was added, calling qdio_free() straight after
qdio_alloc() results in qdio_release_memory()
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan (Samsung OSG)
commit 7510df3f29d44685bab7b1918b61a8ccd57126a9 upstream.
After removing usbip_host module, devices it releases are left without
a driver. For example, when a keyboard
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Shuah Khan (Samsung OSG)
commit c171654caa875919be3c533d3518da8be5be966e upstream.
stub_probe() calls put_busid_priv() in an error path when device isn't
found in the busid_table. Fix it by ma
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Michel Thierry
commit b579f924a90f42fa561afd8201514fc216b71949 upstream.
Factor in clear values wherever required while updating destination
min/max.
References: HSDES#160184
Signed-off-b
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Julian Wiedmann
commit 2e68adcd2fb21b7188ba449f0fab3bee2910e500 upstream.
Calling qdio_release_memory() on error is just plain wrong. It frees
the main qdio_irq struct, when following code sti
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Hans de Goede
commit c8beccc19b92f5172994c0732db689c08f4f98e5 upstream.
Power-saving is causing loud plops on the Lenovo C50 All in one, add it
to the blacklist.
BugLink: https://bugzilla.red
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Dave Hansen
commit 0a0b152083cfc44ec1bb599b57b7aab41327f998 upstream.
I got a bug report that the following code (roughly) was
causing a SIGSEGV:
mprotect(ptr, size, PROT_EXEC);
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Misono Tomohiro
commit 1a63c198ddb810c790101d693c7071cca703b3c7 upstream.
Incompat flag of LZO/ZSTD compression should be set at:
1. mount time (-o compress/compress-force)
2. when defrag i
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Filipe Manana
commit 9a8fca62aacc1599fea8e813d01e1955513e4fad upstream.
If a file has xattrs, we fsync it, to ensure we clear the flags
BTRFS_INODE_NEEDS_FULL_SYNC and BTRFS_INODE_COPY_EVERYTH
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Andy Shevchenko
commit efc4a13724b852ddaa3358402a8dec024ffbcb17 upstream.
Currently the 32-bit device address only is supported for DMA. However,
starting from Intel Sunrisepoint PCH the DMA a
On Mon, 21 May 2018, Song Liu wrote:
> khugepaged_enter_vma_merge() is using a different approach to check
> whether a vma is valid for khugepaged_enter():
>
> if (!vma->anon_vma)
> /*
> * Not yet faulted in so we will register later in the
> * page fault
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nikolay Borisov
commit 2b8773313494ede83a26fb372466e634564002ed upstream.
This is in preparation of fixing delalloc inodes leakage on transaction
abort. Also export the new function.
Signed-o
This is the start of the stable review cycle for the 4.14.43 release.
There are 95 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Tue May 22 21:04:09 UTC 2018.
Anything receiv
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Nikolay Borisov
commit fe816d0f1d4c31c4c31d42ca78a87660565fc800 upstream.
When a transaction is aborted btrfs_cleanup_transaction is called to
cleanup all the various in-flight bits and pieces
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 4a28bfe3267b68e22c663ac26185aa16c9b879ef upstream
Combine the various logic which goes through all those
x86_cpu_id matching structures in one function.
Suggested
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
http://kernsec.org/pipermail/linux-security-module-archi
> Cc: John Johansen
> Cc: James Morris
> Cc: "Serge E. Hallyn"
>
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Dave Hansen
commit 2fa9d1cfaf0e02f8abef0757002bff12dfcfa4e6 upstream.
mm_pkey_is_allocated() treats pkey 0 as unallocated. That is
inconsistent with the manpages, and also inconsistent with
m
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 1b86883ccb8d5d9506529d42dbe1a5257cb30b18 upstream
The 336996-Speculative-Execution-Side-Channel-Mitigations.pdf refers to all
the other bits as reserved. The Intel
On Mon, May 21, 2018 at 11:47:42AM -0400, David Miller wrote:
> From: Jason Wang
> Date: Fri, 18 May 2018 21:00:43 +0800
>
> > We return -EIO on device down but can not raise EPOLLOUT after it was
> > up. This may confuse user like vhost which expects tuntap to raise
> > EPOLLOUT to re-enable its
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 0cc5fa00b0a88dad140b4e5c2cead9951ad36822 upstream
Add the CPU feature bit CPUID.7.0.EDX[31] which indicates whether the CPU
supports Reduced Data Speculation.
[ t
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 5cf687548705412da47c9cec342fd952d71ed3d5 upstream
A guest may modify the SPEC_CTRL MSR from the value used by the
kernel. Since the kernel doesn't use IBRS, this m
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 772439717dbf703b39990be58d8d4e3e4ad0598a upstream
Intel CPUs expose methods to:
- Detect whether RDS capability is available via CPUID.7.0.EDX[31],
- The SPEC_
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit 1115a859f33276fe8afb31c60cf9d8e657872558 upstream
Intel and AMD SPEC_CTRL (0x48) MSR semantics may differ in the
future (or in fact use different MSRs for the same
On Sat, May 19, 2018 at 09:09:11AM +0800, Jason Wang wrote:
>
>
> On 2018年05月18日 22:46, Michael S. Tsirkin wrote:
> > On Fri, May 18, 2018 at 10:11:54PM +0800, Jason Wang wrote:
> > >
> > > On 2018年05月18日 22:06, Michael S. Tsirkin wrote:
> > > > On Fri, May 18, 2018 at 10:00:31PM +0800, Jason Wa
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit c456442cd3a59eeb1d60293c26cbe2ff2c4e42cf upstream
Add the sysfs file for the new vulerability. It does not do much except
show the words 'Vulnerable' for recent x8
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Konrad Rzeszutek Wilk
commit da39556f66f5cfe8f9c989206974f1cb16ca5d7c upstream
Expose the CPUID.7.EDX[31] bit to the guest, and also guard against various
combinations of SPEC_CTRL MSR values.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 28a2775217b17208811fa43a9e96bd1fdf417b86 upstream
Having everything in nospec-branch.h creates a hell of dependencies when
adding the prctl based switching mechanism. Mo
On Mon, May 21, 2018 at 2:58 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
https://patchwork.kernel.org/patch/10382377/
> Cc: Gustavo Padovan
> Cc: Maarten Lankhorst
> Cc: Sean Paul
> Cc: David Ai
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Ard Biesheuvel
commit 0b3225ab9407f557a8e20f23f37aa7236c10a9b1 upstream.
Mixed mode allows a kernel built for x86_64 to interact with 32-bit
EFI firmware, but requires us to define all struct
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit 885f82bfbc6fefb6664ea27965c3ab9ac4194b8c upstream
The Speculative Store Bypass vulnerability can be mitigated with the
Reduced Data Speculation (RDS) feature. To allow f
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Kees Cook
commit 7bbf1373e228840bb0295a2ca26d548ef37f448e upstream
Adjust arch_prctl_get/set_spec_ctrl() to operate on tasks other than
current.
This is needed both for /proc/$pid/status quer
On Mon, May 21, 2018 at 2:57 PM, Yisheng Xie wrote:
> match_string() returns the index of an array for a matching string,
> which can be used intead of open coded variant.
https://patchwork.kernel.org/patch/10382323/
> Cc: Jani Nikula
> Cc: Joonas Lahtinen
> Cc: Rodrigo Vivi
> Cc: David Airli
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit a73ec77ee17ec556fe7f165d00314cb7c047b1ac upstream
Add prctl based control for Speculative Store Bypass mitigation and make it
the default mitigation for Intel and AMD.
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Masami Hiramatsu
commit 69af7e23a6870df2ea6fa79ca16493d59b3eebeb upstream.
Since get_kprobe_ctlblk() uses smp_processor_id() to access
per-cpu variable, it hits smp_processor_id sanity check a
201 - 300 of 1205 matches
Mail list logo