diff --git a/debian/changelog b/debian/changelog index dc72468ff..800b4ec98 100644 --- a/debian/changelog +++ b/debian/changelog @@ -27,7 +27,6 @@ linux (4.19.67-2+deb10u2) UNRELEASED; urgency=medium - KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active - x86/bugs: Add ITLB_MULTIHIT bug infrastructure - cpu/speculation: Uninline and export CPU mitigations helpers - - x86/cpu: Add Tremont to the cpu vulnerability whitelist - kvm: mmu: ITLB_MULTIHIT mitigation - kvm: Add helper function for creating VM worker threads - kvm: x86: mmu: Recovery of shattered NX large pages diff --git a/debian/patches/bugfix/x86/itlb_multihit/0012-x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch b/debian/patches/bugfix/x86/itlb_multihit/0012-x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch deleted file mode 100644 index f9237aadb..000000000 --- a/debian/patches/bugfix/x86/itlb_multihit/0012-x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch +++ /dev/null @@ -1,30 +0,0 @@ -From: Pawan Gupta -Date: Mon, 4 Nov 2019 12:22:01 +0100 -Subject: x86/cpu: Add Tremont to the cpu vulnerability whitelist - -commit cad14885a8d32c1c0d8eaa7bf5c0152a22b6080e upstream - -Add the new cpu family ATOM_TREMONT_D to the cpu vunerability -whitelist. ATOM_TREMONT_D is not affected by X86_BUG_ITLB_MULTIHIT. - -ATOM_TREMONT_D might have mitigations against other issues as well, but -only the ITLB multihit mitigation is confirmed at this point. - -Signed-off-by: Pawan Gupta -Signed-off-by: Paolo Bonzini -Signed-off-by: Thomas Gleixner ---- - arch/x86/kernel/cpu/common.c | 2 ++ - 1 file changed, 2 insertions(+) - ---- a/arch/x86/kernel/cpu/common.c -+++ b/arch/x86/kernel/cpu/common.c -@@ -1000,6 +1000,8 @@ static const __initconst struct x86_cpu_ - * good enough for our purposes. - */ - -+ VULNWL_INTEL(ATOM_TREMONT_X, NO_ITLB_MULTIHIT), -+ - /* AMD Family 0xf - 0x12 */ - VULNWL_AMD(0x0f, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT), - VULNWL_AMD(0x10, NO_MELTDOWN | NO_SSB | NO_L1TF | NO_MDS | NO_SWAPGS | NO_ITLB_MULTIHIT), diff --git a/debian/patches/series b/debian/patches/series index 9cf67909f..27ee5a48f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -270,7 +270,6 @@ bugfix/x86/taa/0009-x86-speculation-taa-Add-documentation-for-TSX-Async-.patch bugfix/x86/taa/0010-x86-tsx-Add-config-options-to-set-tsx-on-off-auto.patch bugfix/x86/taa/0015-x86-speculation-taa-Fix-printing-of-TAA_MSG_SMT-on-I.patch bugfix/x86/itlb_multihit/0011-x86-bugs-Add-ITLB_MULTIHIT-bug-infrastructure.patch -bugfix/x86/itlb_multihit/0012-x86-cpu-Add-Tremont-to-the-cpu-vulnerability-whiteli.patch bugfix/x86/itlb_multihit/0013-cpu-speculation-Uninline-and-export-CPU-mitigations-.patch bugfix/x86/itlb_multihit/0014-Documentation-Add-ITLB_MULTIHIT-documentation.patch bugfix/x86/itlb_multihit/0016-kvm-x86-powerpc-do-not-allow-clearing-largepages-deb.patch