Commits · 48103c87e76e612103f4aade870982eb9f021b22 · Kirill Smelkov / linux

05 Feb, 2018 38 commits

Revert "x86/feature: Report presence of IBPB and IBRS control" · 48103c87

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 7de295e2.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

48103c87

Revert "x86/enter: MACROS to set/clear IBRS and set IBPB" · cadfe559

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit f011884a.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

cadfe559

Revert "x86/enter: Use IBRS on syscall and interrupts" · b42e547c

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 0e2f6c3e.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

b42e547c

Revert "x86/idle: Disable IBRS entering idle and enable it on wakeup" · 10e23462

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit e231ae74.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

10e23462

Revert "x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup" · 2870f7d2

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 92e0b0d6.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

2870f7d2

Revert "x86/mm: Set IBPB upon context switch" · 6720aabf

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 49bb7a3c.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

6720aabf

Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current thread" · 260de686

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit b0c3e8bd.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

260de686

Revert "x86/entry: Stuff RSB for entry to kernel for non-SMEP platform" · a6fa5ed0

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 47a07600.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

a6fa5ed0

Revert "x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm" · 30fd5229

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 70be2dd8.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

30fd5229

Revert "x86/kvm: Set IBPB when switching VM" · ac0d4eae

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 30907f82.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

ac0d4eae

Revert "x86/kvm: Toggle IBRS on VM entry and exit" · ceea78e2

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit e233ec08.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

ceea78e2

Revert "x86/kvm: Pad RSB on VM transition" · 55600a10

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit ba5013cf.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

55600a10

Revert "x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature" · b3685465

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 5e7fa023.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

b3685465

Revert "x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control" · 1089af8d

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit ff2699c9.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

1089af8d

Revert "x86/syscall: Clear unused extra registers on syscall entrance" · 6f3f333c

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 0f76330e.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

6f3f333c

Revert "x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance" · b1c038b1

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 70df98e2.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

b1c038b1

Revert "x86/entry: Use retpoline for syscall's indirect calls" · 684a6a68

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit f3fd3c0a.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

684a6a68

Revert "x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR" · b4385abd

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 44c314e1.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

b4385abd

Revert "x86/cpu/AMD: Add speculative control support for AMD" · 688d5160

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 0c42069d.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

688d5160

Revert "x86/microcode: Extend post microcode reload to support IBPB feature" · a9a8b5fa

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 88b00371.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

a9a8b5fa

Revert "KVM: SVM: Do not intercept new speculative control MSRs" · b094e69c

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 750beb6c.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

b094e69c

Revert "x86/svm: Set IBRS value on VM entry and exit" · 4347e8cd

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit d3d0f0a2.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

4347e8cd

Revert "x86/svm: Set IBPB when running a different VCPU" · 7dc92117

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 8c36ea34.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

7dc92117

Revert "KVM: x86: Add speculative control CPUID support for guests" · ef09993f

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 8339cae2.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

ef09993f

Revert "x86/svm: Add code to clobber the RSB on VM exit" · 6ef9b7c8

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit b554560f.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

6ef9b7c8

Revert "x86/svm: Add code to clear registers on VM exit" · c41c9703

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit a1c61c3a.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

c41c9703

Revert "x86/cpu/AMD: Make the LFENCE instruction serialized" · c7888374

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 92763281.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

c7888374

Revert "x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature" · 0521946e

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 844132fe.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

0521946e

Revert "powerpc: add gmb barrier" · 50e3470e

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit b6ea5c00.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

50e3470e

Revert "s390/spinlock: add gmb memory barrier" · fd13dba7

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 087580bf.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

fd13dba7

Revert "UBUNTU: SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit" · ec2f7a85

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit e8d5c968.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

ec2f7a85

Revert "arm64: no gmb() implementation yet" · 35c9a81c

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 4e1b8db1.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

35c9a81c

Revert "arm: no gmb() implementation yet" · 0038751c

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit bf2fe22f.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

0038751c

Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to support... · fb79fa3f

Andy Whitcroft authored Jan 31, 2018

Revert "UBUNTU: SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature -- repair missmerge"

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 06afd4f0.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

fb79fa3f

Revert "Revert "x86/svm: Add code to clear registers on VM exit"" · f6e803bb

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit fc26acce.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

f6e803bb

Revert "kvm: vmx: Scrub hardware GPRs at VM-exit" · eb7b4d9b

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 6f13941a.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

eb7b4d9b

Revert "x86/cpuid: Provide get_scattered_cpuid_leaf()" · d79ad9c8

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 36c867e8.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

d79ad9c8

Revert "UBUNTU: SAUCE: Fix spec_ctrl support in KVM" · 742a2c5a

Andy Whitcroft authored Jan 31, 2018

CVE-2017-5753 (revert embargoed)
CVE-2017-5715 (revert embargoed)

This reverts commit 86d33097.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

742a2c5a

02 Feb, 2018 1 commit

net: ipv4: fix for a race condition in raw_sendmsg · 63da13a9

Mohamed Ghannam authored Dec 10, 2017

inet->hdrincl is racy, and could lead to uninitialized stack pointer
usage, so its value should be read only once.

Fixes: c008ba5b ("ipv4: Avoid reading user iov twice after raw_probe_proto_opt")
Signed-off-by: Mohamed Ghannam <simo.ghannam@gmail.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

CVE-2017-17712
(backported from commit 8f659a03 upstream)
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Acked-by: Khalid Elmously <khalid.elmously@canonical.com>
Acked-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

63da13a9

29 Jan, 2018 1 commit

UBUNTU: [Packaging] update urgency to medium by default · 355335ee

Andy Whitcroft authored Jan 25, 2018

BugLink: http://bugs.launchpad.net/bugs/1745338Signed-off-by: Andy Whitcroft <apw@canonical.com>
Acked-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Seth Forshee <seth.forshee@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>

355335ee