From: Greg KH <gregkh@suse.de>
To: Ben Hutchings <ben@decadent.org.uk>
Cc: linux-kernel@vger.kernel.org, stable@kernel.org,
Gleb Natapov <gleb@redhat.com>, Avi Kivity <avi@redhat.com>,
akpm@linux-foundation.org, torvalds@linux-foundation.org,
stable-review@kernel.org, alan@lxorguk.ukuu.org.uk
Subject: Re: [Stable-review] [141/145] KVM: x86 emulator: Check CPL level during privilege instruction emulation
Date: Sat, 13 Mar 2010 14:16:45 -0800 [thread overview]
Message-ID: <20100313221645.GA21225@suse.de> (raw)
In-Reply-To: <1268512677.2664.23.camel@localhost>
On Sat, Mar 13, 2010 at 08:37:57PM +0000, Ben Hutchings wrote:
> On Fri, 2010-03-12 at 16:27 -0800, Greg KH wrote:
> > 2.6.32-stable review patch. If anyone has any objections, please let me know.
> >
> > ----------------
> > From: Gleb Natapov <gleb@redhat.com>
> >
> > commit e92805ac1228626c59c865f2f4e9059b9fb8c97b upstream.
> >
> > Add CPL checking in case emulator is tricked into emulating
> > privilege instruction from userspace.
>
> There were more security fixes released along with this, which surely
> belong in a stable update:
>
> 1871c6020d7308afb99127bba51f04548e7ca84e KVM: x86 emulator: fix memory access during x86 emulation
> f850e2e603bf5a05b0aee7901857cf85715aa694 KVM: x86 emulator: Check IOPL level during io instruction emulation
> d4c6a1549c056f1d817e8f6f2f97d8b44933472f KVM: x86 emulator: Fix popf emulation
Yes, there were a number of kvm patches that I could not apply either
because they did not apply, or because they caused build errors. These
are some of them. I have asked the KVM developers to properly backport
them as I know nothing about KVM. Hopefully that will be done for the
next round of stable releases.
thanks,
greg k-h
next prev parent reply other threads:[~2010-03-13 22:17 UTC|newest]
Thread overview: 159+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-13 0:28 [000/145] 2.6.32.10-stable review Greg KH
2010-03-13 0:25 ` [001/145] fix LOOKUP_FOLLOW on automount "symlinks" Greg KH
2010-03-13 0:25 ` [002/145] ARM: 5944/1: scsi: fix timer setup in fas216.c Greg KH
2010-03-13 0:25 ` [003/145] V4L/DVB: dvb: l64781.ko broken with gcc 4.5 Greg KH
2010-03-13 0:25 ` [004/145] [WATCHDOG] bfin: fix max timeout calculation Greg KH
2010-03-13 0:25 ` [005/145] V4L/DVB: Video : pwc : Fix regression in pwc_set_shutter_speed caused by bad constant => sizeof conversion Greg KH
2010-03-13 0:25 ` [006/145] V4L/DVB: bttv: Move I2C IR initialization Greg KH
2010-03-13 0:25 ` [007/145] V4L/DVB: cxusb: Select all required frontend and tuner modules Greg KH
2010-03-13 3:48 ` Ben Hutchings
2010-03-15 15:48 ` Greg KH
2010-03-13 0:25 ` [008/145] memcg: fix oom killing a child process in an other cgroup Greg KH
2010-03-13 0:25 ` [009/145] fs/exec.c: fix initial stack reservation Greg KH
2010-03-13 0:25 ` [010/145] iwlwifi: error checking for number of tfds in queue Greg KH
2010-03-13 0:25 ` [011/145] iwlwifi: set HT flags after channel in rxon Greg KH
2010-03-13 0:25 ` [012/145] iwlwifi: sanity check before counting number of tfds can be free Greg KH
2010-03-13 0:25 ` [013/145] netlabel: fix export of SELinux categories > 127 Greg KH
2010-03-13 0:25 ` [014/145] ahci: disable FPDMA auto-activate optimization on NVIDIA AHCI Greg KH
2010-03-13 0:25 ` [015/145] PCI hotplug: ibmphp: read the length of ebda and map entire ebda region Greg KH
2010-03-13 0:25 ` [016/145] PCI hotplug: check ioremap() return value in ibmphp_ebda.c Greg KH
2010-03-13 0:25 ` [017/145] ACPI: remove Asus P2B-DS from acpi=ht blacklist Greg KH
2010-03-13 0:25 ` [018/145] ACPI: fix "acpi=ht" boot option Greg KH
2010-03-13 0:25 ` [019/145] thinkpad-acpi: wrong thermal attribute_group removed in thermal_exit() Greg KH
2010-03-13 0:25 ` [020/145] ACPI, i915: blacklist Clevo M5x0N bad_lid state Greg KH
2010-03-13 0:25 ` [021/145] ACPI: Be in TS_POLLING state during mwait based C-state entry Greg KH
2010-03-13 0:25 ` [022/145] [SCSI] mpt2sas: Delete volume before HBA detach Greg KH
2010-03-13 0:25 ` [023/145] slab: initialize unused alien cache entry as NULL at alloc_alien_cache() Greg KH
2010-03-13 0:25 ` [024/145] mac80211: quit addba_resp_timer if Tx BA session is torn down Greg KH
2010-03-13 0:25 ` [025/145] V4L/DVB (13991): gspca_mr973010a: Fix cif type 1 cameras not streaming on UHCI controllers Greg KH
2010-03-13 0:25 ` [026/145] vfs: take f_lock on modifying f_mode after open time Greg KH
2010-03-13 0:26 ` [027/145] readahead: introduce FMODE_RANDOM for POSIX_FADV_RANDOM Greg KH
2010-03-13 0:26 ` [028/145] HID: remove TENX iBuddy from blacklist Greg KH
2010-03-13 0:26 ` [029/145] HID: add multi-input quirk for NextWindow Touchscreen Greg KH
2010-03-13 0:26 ` [030/145] HID: usbhid: introduce timeout for stuck ctrl/out URBs Greg KH
2010-03-13 0:26 ` [031/145] airo: fix setting zero length WEP key Greg KH
2010-03-13 0:26 ` [032/145] idr: fix a critical misallocation bug, take#2 Greg KH
2010-03-13 0:26 ` [033/145] Switch proc/self to nd_set_link() Greg KH
2010-03-13 0:26 ` [034/145] sparc: Align clone and signal stacks to 16 bytes Greg KH
2010-03-13 0:26 ` [035/145] sparc32: Fix page_to_phys() Greg KH
2010-03-13 0:26 ` [036/145] sparc32: Fix struct stat uid/gid types Greg KH
2010-03-13 0:26 ` [037/145] sparc: leds_resource.end assigned to itself in clock_board_probe() Greg KH
2010-03-13 0:26 ` [038/145] sparc64: Fix sun4u execute bit check in TSB I-TLB load Greg KH
2010-03-13 0:26 ` [039/145] net: Fix sysctl restarts Greg KH
2010-03-13 0:26 ` [040/145] net-sysfs: Use rtnl_trylock in wireless sysfs methods Greg KH
2010-03-13 0:26 ` [041/145] net: bug fix for vlan + gro issue Greg KH
2010-03-13 0:26 ` [042/145] inet: Remove bogus IGMPv3 report handling Greg KH
2010-03-13 0:26 ` [043/145] ipv6: conntrack: Add member of user to nf_ct_frag6_queue structure Greg KH
2010-11-22 10:24 ` Pascal Hambourg
2010-03-13 0:26 ` [044/145] drivers/net: ks8851_mll ethernet network driver Greg KH
2010-03-13 0:26 ` [045/145] sky2: fix transmit DMA map leakage Greg KH
2010-03-13 0:26 ` [046/145] drm/radeon/kms: Forbid creation of framebuffer with no valid GEM object Greg KH
2010-03-13 0:26 ` [047/145] drm/radeon/kms: r600/r700 dont test ib if ib initialization fails Greg KH
2010-03-13 0:26 ` [048/145] drm/radeon: r6xx/r7xx possible security issue, system ram access Greg KH
2010-03-13 0:26 ` [049/145] SCSI: qla2xxx: Obtain proper host structure during response-queue processing Greg KH
2010-03-13 0:26 ` [050/145] rtc-core: fix memory leak Greg KH
2010-03-13 0:26 ` [051/145] drm/i915: fix get_core_clock_speed for G33 class desktop chips Greg KH
2010-03-13 0:26 ` [052/145] drm/i915: disable TV hotplug status check Greg KH
2010-03-13 0:26 ` [053/145] offb: Add support for framebuffer handoff to offb Greg KH
2010-03-13 0:26 ` [054/145] tpm_tis: TPM_STS_DATA_EXPECT workaround Greg KH
2010-03-13 0:26 ` [055/145] rndis_wlan: handle NL80211_AUTHTYPE_AUTOMATIC Greg KH
2010-03-13 0:26 ` [056/145] rndis_wlan: fix buffer overflow in rndis_query_oid Greg KH
2010-03-13 0:26 ` [057/145] rndis_wlan: disable stall workaround Greg KH
2010-03-13 0:26 ` [058/145] net/via-rhine: Fix scheduling while atomic bugs Greg KH
2010-03-13 0:26 ` [059/145] clocksource: Fix up a registration/IRQ race in the sh drivers Greg KH
2010-03-13 0:26 ` [060/145] SCSI: qla1280: Drop host_lock while requesting firmware Greg KH
2010-03-13 0:26 ` [061/145] Staging: hv: add a pci device table Greg KH
2010-03-13 0:26 ` [062/145] Staging: hv: match on DMI values to know if we should run Greg KH
2010-03-13 0:26 ` [063/145] Staging: mimio: remove the mimio driver Greg KH
2010-03-13 0:26 ` [064/145] dvb-core: Fix DoS bug in ULE decapsulation code that can be triggered by an invalid Payload Pointer Greg KH
2010-03-13 0:26 ` [065/145] V4L/DVB (13148): uvcvideo: Handle V4L2_CTRL_TYPE_BUTTON control type in VIDIOC_QUERYCTRL Greg KH
2010-03-13 0:26 ` [066/145] PM / Hibernate: Fix preallocating of memory Greg KH
2010-03-13 0:26 ` [067/145] macintosh/therm_adt746x: Fix sysfs attributes lifetime Greg KH
2010-03-13 0:26 ` [068/145] macintosh/hwmon/ams: Fix device removal sequence Greg KH
2010-03-13 0:26 ` [069/145] oprofile/x86: fix perfctr nmi reservation for mulitplexing Greg KH
2010-03-13 0:26 ` [070/145] oprofile: remove tracing build dependency Greg KH
2010-03-13 0:26 ` [071/145] oprofile/x86: remove node check in AMD IBS initialization Greg KH
2010-03-13 0:26 ` [072/145] oprofile/x86: use kzalloc() instead of kmalloc() Greg KH
2010-03-13 0:26 ` [073/145] oprofile/x86: fix msr access to reserved counters Greg KH
2010-03-13 0:26 ` [074/145] ALSA: hda: Use 3stack quirk for Toshiba Satellite L40-10Q Greg KH
2010-03-13 0:26 ` [075/145] ALSA: via82xx: add quirk for D1289 motherboard Greg KH
2010-03-13 0:26 ` [076/145] ALSA: pcm core - fix fifo_size channels interval check Greg KH
2010-03-13 0:26 ` [077/145] ALSA: USB MIDI support for Access Music VirusTI Greg KH
2010-03-13 0:26 ` [078/145] ALSA: hda: Use LPIB for Dell Latitude 131L Greg KH
2010-03-13 0:26 ` [079/145] ALSA: hda: Use LPIB for a Biostar Microtech board Greg KH
2010-03-13 0:26 ` [080/145] ALSA: hda - Add a position_fix quirk for MSI Wind U115 Greg KH
2010-03-13 0:26 ` [081/145] ALSA: hda - Add position_fix quirk for HP dv3 Greg KH
2010-03-13 0:26 ` [082/145] ALSA: hda-intel: Add position_fix quirk for ASUS M2V-MX SE Greg KH
2010-03-13 0:26 ` [083/145] ASoC: fix ak4104 register array access Greg KH
2010-03-13 0:26 ` [084/145] driver-core: fix race condition in get_device_parent() Greg KH
2010-03-13 0:26 ` [085/145] Driver-Core: devtmpfs - reset inode permissions before unlinking Greg KH
2010-03-13 0:26 ` [086/145] tty: Fix the ldisc hangup race Greg KH
2010-03-13 0:27 ` [087/145] serial: imx: fix NULL dereference Oops when pdata == NULL Greg KH
2010-03-13 0:27 ` [088/145] USB: serial: sierra driver indat_callback fix Greg KH
2010-03-13 0:27 ` [089/145] USB: SIS USB2VGA DRIVER: support KAIRENs USB VGA adaptor USB20SVGA-MB-PLUS Greg KH
2010-03-13 0:27 ` [090/145] USB: fix I2C API usage in ohci-pnx4008 Greg KH
2010-03-13 0:27 ` [091/145] p54usb: Add the USB ID for Belkin (Accton) FD7050E ver 1010ec Greg KH
2010-03-13 0:27 ` [092/145] p54pci: handle dma mapping errors Greg KH
2010-03-13 0:27 ` [093/145] gpiolib: Actually set output state in wm831x_gpio_direction_output() Greg KH
2010-03-13 0:27 ` [094/145] hwmon: (tmp421) Fix temperature conversions Greg KH
2010-03-13 0:27 ` [095/145] hwmon: (tmp421) Restore missing inputs Greg KH
2010-03-13 0:27 ` [096/145] pata_hpt3x2n: always stretch UltraDMA timing Greg KH
2010-03-13 0:27 ` [097/145] scm: Only support SCM_RIGHTS on unix domain sockets Greg KH
2010-03-13 0:27 ` [098/145] ath9k: fix beacon timer restart after a card reset Greg KH
2010-03-13 0:27 ` [099/145] ath9k: fix rate control fallback rate selection Greg KH
2010-03-13 0:27 ` [100/145] ath9k: disable RIFS search for AR91xx based chips Greg KH
2010-03-13 0:27 ` [101/145] ath5k: use correct packet type when transmitting Greg KH
2010-03-13 0:27 ` [102/145] b43/b43legacy: Wake queues in wireless_core_start Greg KH
2010-03-13 0:27 ` [103/145] netfilter: xt_recent: fix buffer overflow Greg KH
2010-03-13 0:27 ` [104/145] netfilter: xt_recent: fix false match Greg KH
2010-03-13 6:24 ` [Stable-review] " Willy Tarreau
2010-03-13 14:40 ` Tim Gardner
2010-03-13 17:01 ` Willy Tarreau
2010-03-13 0:27 ` [105/145] sunxvr500: Additional PCI id for sunxvr500 driver Greg KH
2010-03-13 0:27 ` [106/145] thinkpad-acpi: fix poll thread auto-start Greg KH
2010-03-13 0:27 ` [107/145] thinkpad-acpi: R52 brightness_mode has been confirmed Greg KH
2010-03-13 0:27 ` [108/145] thinkpad-acpi: document HKEY event 3006 Greg KH
2010-03-13 0:27 ` [109/145] thinkpad-acpi: make driver events work in NVRAM poll mode Greg KH
2010-03-13 0:27 ` [110/145] thinkpad-acpi: fix bluetooth/wwan resume Greg KH
2010-03-13 0:27 ` [111/145] ocfs2: Only bug out in direct io write for reflinked extent Greg KH
2010-03-13 0:27 ` [112/145] x86, ia32_aout: do not kill argument mapping Greg KH
2010-03-13 0:27 ` [113/145] x86: Add iMac9,1 to pci_reboot_dmi_table Greg KH
2010-03-13 0:27 ` [114/145] x86, xen: Disable highmem PTE allocation even when CONFIG_HIGHPTE=y Greg KH
2010-03-13 0:27 ` Greg KH
2010-03-13 0:27 ` [115/145] x86: Avoid race condition in pci_enable_msix() Greg KH
2010-03-13 0:27 ` [116/145] x86: Fix SCI on IOAPIC != 0 Greg KH
2010-03-13 0:27 ` [117/145] USB: xhci: Fix finding extended capabilities registers Greg KH
2010-03-13 0:27 ` [118/145] USB: fix the idProduct value for USB-3.0 root hubs Greg KH
2010-03-13 0:27 ` [119/145] USB: fix crash in uhci_scan_schedule Greg KH
2010-03-13 0:27 ` [120/145] USB: remove debugging message for uevent constructions Greg KH
2010-03-13 0:27 ` [121/145] USB: Move hcd free_dev call into usb_disconnect to fix oops Greg KH
2010-03-13 0:27 ` [122/145] USB: ftdi_sio: isolate all device IDs to new ftdi_sio_ids.h header Greg KH
2010-03-13 0:27 ` [123/145] USB: ftdi_sio: sort PID/VID entries in " Greg KH
2010-03-13 0:27 ` [124/145] USB: ftdi_sio: new device id for papouch AD4USB Greg KH
2010-03-13 0:27 ` [125/145] USB: ftdi_sio: add device IDs (several ELV, one Mindstorms NXT) Greg KH
2010-03-13 0:27 ` [126/145] USB: add new ftdi_sio device ids Greg KH
2010-03-13 0:27 ` [127/145] USB: serial: ftdi: add CONTEC vendor and product id Greg KH
2010-03-13 0:27 ` [128/145] USB: cp210x: Add 81E8 (Zephyr Bioharness) Greg KH
2010-03-13 0:27 ` [129/145] USB: unusual_devs: Add support for multiple Option 3G sticks Greg KH
2010-03-13 0:27 ` [130/145] drm/i915: Use a dmi quirk to skip a broken SDVO TV output Greg KH
2010-03-13 0:27 ` [131/145] drm/ttm: handle OOM in ttm_tt_swapout Greg KH
2010-03-13 0:27 ` [132/145] sunrpc: remove unnecessary svc_xprt_put Greg KH
2010-03-13 0:27 ` [133/145] SUNRPC: Handle EINVAL error returns from the TCP connect operation Greg KH
2010-03-13 0:27 ` [134/145] s3cmci: s3cmci_card_present: Use no_detect to decide whether there is a card detect pin Greg KH
2010-03-13 0:27 ` Greg KH
2010-03-13 0:27 ` [135/145] rtc-coh901331: fix braces in resume code Greg KH
2010-03-13 0:27 ` [136/145] NFS: Fix an allocation-under-spinlock bug Greg KH
2010-03-13 0:27 ` [137/145] dm: free dm_io before bio_endio not after Greg KH
2010-03-13 0:27 ` [138/145] KVM: x86 emulator: Add group8 instruction decoding Greg KH
2010-03-13 0:27 ` [139/145] KVM: x86 emulator: Forbid modifying CS segment register by mov instruction Greg KH
2010-03-13 0:27 ` [140/145] KVM: x86 emulator: Add group9 instruction decoding Greg KH
2010-03-13 0:27 ` [141/145] KVM: x86 emulator: Check CPL level during privilege instruction emulation Greg KH
2010-03-13 20:37 ` [Stable-review] " Ben Hutchings
2010-03-13 22:16 ` Greg KH [this message]
2010-03-14 18:22 ` Stefan Bader
2010-03-13 0:27 ` [142/145] sched: Fix sched_mv_power_savings for !SMT Greg KH
2010-03-13 0:27 ` [143/145] sched: Fix SMT scheduler regression in find_busiest_queue() Greg KH
2010-03-13 0:27 ` [144/145] sched: Dont use possibly stale sched_class Greg KH
2010-03-13 0:27 ` [145/145] x86, mm: Allow highmem user page tables to be disabled at boot time Greg KH
2010-03-13 2:58 ` [000/145] 2.6.32.10-stable review Grant Coady
2010-03-13 3:27 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100313221645.GA21225@suse.de \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=avi@redhat.com \
--cc=ben@decadent.org.uk \
--cc=gleb@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable-review@kernel.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.