  • Import Debian changes 5.3.9-3 · fa1f3e12
    Ben Hutchings authored and Sophie Brun committed
    linux (5.3.9-3) unstable; urgency=medium
    
      * [arm64,armhf,powerpc*,s390x] KVM: Add more exports to ABI ignore list
        (fixes FTBFS)
    
    linux (5.3.9-2) unstable; urgency=medium
    
      * [x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135):
        - x86/msr: Add the IA32_TSX_CTRL MSR
        - x86/cpu: Add a helper function x86_read_arch_cap_msr()
        - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
        - x86/speculation/taa: Add mitigation for TSX Async Abort
        - x86/speculation/taa: Add sysfs reporting for TSX Async Abort
        - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
        - x86/tsx: Add "auto" option to the tsx= cmdline parameter
        - x86/speculation/taa: Add documentation for TSX Async Abort
        - x86/tsx: Add config options to set tsx=on|off|auto
        - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
        TSX is now disabled by default; see
        Documentation/admin-guide/hw-vuln/tsx_async_abort.rst
      * [x86] KVM: Add mitigation for Machine Check Error on Page Size Change
        (aka iTLB multi-hit, CVE-2018-12207):
        - kvm: x86, powerpc: do not allow clearing largepages debugfs entry
        - x86/bugs: Add ITLB_MULTIHIT bug infrastructure
        - x86/cpu: Add Tremont to the cpu vulnerability whitelist
        - cpu/speculation: Uninline and export CPU mitigations helpers
        - kvm: mmu: ITLB_MULTIHIT mitigation
        - kvm: Add helper function for creating VM worker threads
        - kvm: x86: mmu: Recovery of shattered NX large pages
        - Documentation: Add ITLB_MULTIHIT documentation
      * [x86] i915: Mitigate local privilege escalation on gen9 (CVE-2019-0155):
        - drm/i915: Rename gen7 cmdparser tables
        - drm/i915: Disable Secure Batches for gen6+
        - drm/i915: Remove Master tables from cmdparser
        - drm/i915: Add support for mandatory cmdparsing
        - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
        - drm/i915: Allow parsing of unsized batches
        - drm/i915: Add gen9 BCS cmdparsing
        - drm/i915/cmdparser: Use explicit goto for error paths
        - drm/i915/cmdparser: Add support for backward jumps
        - drm/i915/cmdparser: Ignore Length operands during command matching
        - drm/i915/cmdparser: Fix jump whitelist clearing
      * [x86] i915: Mitigate local denial-of-service on gen8/gen9 (CVE-2019-0154):
        - drm/i915: Lower RM timeout to avoid DSI hard hangs
        - drm/i915/gen8+: Add RC6 CTX corruption WA