From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from imap1.codethink.co.uk ([176.9.8.82]:40680 "EHLO
        imap1.codethink.co.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726457AbeLMSvW (ORCPT
        <rfc822;stable@vger.kernel.org>); Thu, 13 Dec 2018 13:51:22 -0500
Message-ID: <1544727079.19315.55.camel@codethink.co.uk>
Subject: Security fixes for 4.4
From: Ben Hutchings <ben.hutchings@codethink.co.uk>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Sasha Levin <Alexander.Levin@microsoft.com>
Cc: stable <stable@vger.kernel.org>
Date: Thu, 13 Dec 2018 18:51:19 +0000
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

I've backported a number of fixes for security issues affecting 4.4-
stable.  All of these are already fixed in the newer stable branches.

For the BPF fix, I verified that the self-tests (taken from 4.14)
didn't regress and temporarily added logging to check that the
mitigation is applied when needed.

For the KVM changes, I verified that IBPB/IBRS are now exposed to and
used by a guest on Intel hardware.

I also verified that the current self-tests for timers, usercopy and vm
didn't regress.

Ben.

-- 
Ben Hutchings, Software Developer                         Codethink Ltd
https://www.codethink.co.uk/                 Dale House, 35 Dale Street
                                     Manchester, M1 2HF, United Kingdom