From 4f4c93c29b3fe7f27044cacb5a3536a9e0e2f0e0 Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Thu, 29 Jan 2015 04:51:00 +0000 Subject: [PATCH] [x86] Revert "KVM: Fix of previously incomplete fix for CVE-2014-8480" as that issue does not affect 3.16 svn path=/dists/sid/linux/; revision=22303 --- debian/changelog | 2 ++ ...reviously-incomplete-fix-for-cve-201.patch | 28 ------------------- debian/patches/series | 1 - 3 files changed, 2 insertions(+), 29 deletions(-) delete mode 100644 debian/patches/bugfix/x86/kvm-x86-fix-of-previously-incomplete-fix-for-cve-201.patch diff --git a/debian/changelog b/debian/changelog index 26443a1aa..e7634b177 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ linux (3.16.7-ckt4-3) UNRELEASED; urgency=medium * [sh4] ftrace: Remove -m32 option from recordmcount.pl (Closes: #775611) + * [x86] Revert "KVM: Fix of previously incomplete fix for CVE-2014-8480" + as that issue does not affect 3.16 -- Ben Hutchings Wed, 28 Jan 2015 17:52:39 +0000 diff --git a/debian/patches/bugfix/x86/kvm-x86-fix-of-previously-incomplete-fix-for-cve-201.patch b/debian/patches/bugfix/x86/kvm-x86-fix-of-previously-incomplete-fix-for-cve-201.patch deleted file mode 100644 index 70d9484f8..000000000 --- a/debian/patches/bugfix/x86/kvm-x86-fix-of-previously-incomplete-fix-for-cve-201.patch +++ /dev/null @@ -1,28 +0,0 @@ -From: Nadav Amit -Date: Thu, 8 Jan 2015 11:59:03 +0100 -Subject: KVM: x86: Fix of previously incomplete fix for CVE-2014-8480 -Origin: https://git.kernel.org/linus/63ea0a49ae0b145b91ff2b070c01b66fc75854b9 - -STR and SLDT with rip-relative operand can cause a host kernel oops. -Mark them as DstMem as well. - -Cc: stable@vger.linux.org -Signed-off-by: Nadav Amit -Signed-off-by: Paolo Bonzini ---- - arch/x86/kvm/emulate.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - ---- a/arch/x86/kvm/emulate.c -+++ b/arch/x86/kvm/emulate.c -@@ -3737,8 +3737,8 @@ static const struct opcode group5[] = { - }; - - static const struct opcode group6[] = { -- DI(Prot, sldt), -- DI(Prot, str), -+ DI(Prot | DstMem, sldt), -+ DI(Prot | DstMem, str), - II(Prot | Priv | SrcMem16, em_lldt, lldt), - II(Prot | Priv | SrcMem16, em_ltr, ltr), - N, N, N, N, diff --git a/debian/patches/series b/debian/patches/series index 4c30e86ed..9c98fb2e2 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -492,6 +492,5 @@ bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch bugfix/all/crypto-include-crypto-module-prefix-in-template.patch bugfix/all/crypto-add-missing-crypto-module-aliases.patch -bugfix/x86/kvm-x86-fix-of-previously-incomplete-fix-for-cve-201.patch bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch bugfix/sh4/scripts-recordmcount.pl-there-is-no-m32-option-on-super-h.patch