diff --git a/debian/changelog b/debian/changelog index bc7fb0a3f..16689447c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +linux (4.3.1-1~exp1) UNRELEASED; urgency=medium + + * New upstream stable update: + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.1 + + -- Ben Hutchings Wed, 09 Dec 2015 23:20:32 +0000 + linux (4.3-1~exp2) experimental; urgency=medium [ Ben Hutchings ] diff --git a/debian/patches/bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch b/debian/patches/bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch deleted file mode 100644 index b8ffd077f..000000000 --- a/debian/patches/bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch +++ /dev/null @@ -1,38 +0,0 @@ -Subject: KVM x86 SVM: intercept #AC to avoid guest->host exploit - ---- -M arch/x86/kvm/svm.c -1 file changed, 8 insertions(+), 0 deletions(-) - - ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -1106,6 +1106,7 @@ static void init_vmcb(struct vcpu_svm *s - set_exception_intercept(svm, PF_VECTOR); - set_exception_intercept(svm, UD_VECTOR); - set_exception_intercept(svm, MC_VECTOR); -+ set_exception_intercept(svm, AC_VECTOR); - - set_intercept(svm, INTERCEPT_INTR); - set_intercept(svm, INTERCEPT_NMI); -@@ -1795,6 +1796,12 @@ static int ud_interception(struct vcpu_s - return 1; - } - -+static int ac_interception(struct vcpu_svm *svm) -+{ -+ kvm_queue_exception_e(&svm->vcpu, AC_VECTOR, 0); -+ return 1; -+} -+ - static void svm_fpu_activate(struct kvm_vcpu *vcpu) - { - struct vcpu_svm *svm = to_svm(vcpu); -@@ -3369,6 +3376,7 @@ static int (*const svm_exit_handlers[])( - [SVM_EXIT_EXCP_BASE + PF_VECTOR] = pf_interception, - [SVM_EXIT_EXCP_BASE + NM_VECTOR] = nm_interception, - [SVM_EXIT_EXCP_BASE + MC_VECTOR] = mc_interception, -+ [SVM_EXIT_EXCP_BASE + AC_VECTOR] = ac_interception, - [SVM_EXIT_INTR] = intr_interception, - [SVM_EXIT_NMI] = nmi_interception, - [SVM_EXIT_SMI] = nop_on_interception, diff --git a/debian/patches/bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch b/debian/patches/bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch deleted file mode 100644 index 79ed6243d..000000000 --- a/debian/patches/bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch +++ /dev/null @@ -1,34 +0,0 @@ -From: Eric Northup -Date: Thu Sep 10 11:36:28 2015 -0700 -Subject: KVM x86 vmx: avoid guest->host DOS by intercepting #AC - -A pathological (or malicious) guest can hang a host core by -mis-configuring its GDT/IDT and enabling alignment checks. - -[bwh: Forward-ported to 4.2: AC_VECTOR is already defined so don't add it] - ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -1567,7 +1567,7 @@ static void update_exception_bitmap(stru - u32 eb; - - eb = (1u << PF_VECTOR) | (1u << UD_VECTOR) | (1u << MC_VECTOR) | -- (1u << NM_VECTOR) | (1u << DB_VECTOR); -+ (1u << NM_VECTOR) | (1u << DB_VECTOR) | (1u << AC_VECTOR); - if ((vcpu->guest_debug & - (KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP)) == - (KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP)) -@@ -5146,6 +5146,13 @@ static int handle_exception(struct kvm_v - kvm_run->debug.arch.pc = vmcs_readl(GUEST_CS_BASE) + rip; - kvm_run->debug.arch.exception = ex_no; - break; -+ case AC_VECTOR: -+ /* -+ * We have already enabled interrupts and pre-emption, so -+ * it's OK to loop here if that is what will happen. -+ */ -+ kvm_queue_exception_e(vcpu, AC_VECTOR, error_code); -+ return 1; - default: - kvm_run->exit_reason = KVM_EXIT_EXCEPTION; - kvm_run->ex.exception = ex_no; diff --git a/debian/patches/series b/debian/patches/series index 8c104897b..7c917d70b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -87,8 +87,6 @@ bugfix/all/selftests-vm-try-harder-to-allocate-huge-pages.patch bugfix/all/selftests-breakpoints-actually-build-it.patch bugfix/all/rds-fix-race-condition-when-sending-a-message-on-unbound-socket.patch bugfix/all/media-media-vivid-osd-fix-info-leak-in-ioctl.patch -bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch -bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch bugfix/x86/kvm-x86-rename-update_db_bp_intercept-to-update_bp_i.patch bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch