From: Greg Kroah-Hartman Date: Wed, 15 Aug 2018 12:25:52 +0000 (+0200) Subject: some 4.18 commit ids X-Git-Tag: v4.18.1~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1701caf21a869f0ce3f09c63e3baf62c14a708a1;p=thirdparty%2Fkernel%2Fstable-queue.git some 4.18 commit ids --- diff --git a/queue-4.18/x86-speculation-l1tf-change-order-of-offset-type-in-swap-entry.patch b/queue-4.18/x86-speculation-l1tf-change-order-of-offset-type-in-swap-entry.patch index eac76152b75..01d9750d906 100644 --- a/queue-4.18/x86-speculation-l1tf-change-order-of-offset-type-in-swap-entry.patch +++ b/queue-4.18/x86-speculation-l1tf-change-order-of-offset-type-in-swap-entry.patch @@ -5,6 +5,8 @@ Subject: x86/speculation/l1tf: Change order of offset/type in swap entry From: Linus Torvalds +commit 50896e180c6aa3a9c61a26ced99e15d602666a4c upstream. + If pages are swapped out, the swap entry is stored in the corresponding PTE, which has the Present bit cleared. CPUs vulnerable to L1TF speculate on PTE entries which have the present bit set and would treat the swap diff --git a/queue-4.18/x86-speculation-l1tf-increase-32bit-pae-__physical_page_shift.patch b/queue-4.18/x86-speculation-l1tf-increase-32bit-pae-__physical_page_shift.patch index 70e835d4214..309f596335c 100644 --- a/queue-4.18/x86-speculation-l1tf-increase-32bit-pae-__physical_page_shift.patch +++ b/queue-4.18/x86-speculation-l1tf-increase-32bit-pae-__physical_page_shift.patch @@ -5,6 +5,8 @@ Subject: x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT From: Andi Kleen +commit 50896e180c6aa3a9c61a26ced99e15d602666a4c upstream. + L1 Terminal Fault (L1TF) is a speculation related vulnerability. The CPU speculates on PTE entries which do not have the PRESENT bit set, if the content of the resulting physical address is available in the L1D cache. diff --git a/queue-4.18/x86-speculation-l1tf-protect-swap-entries-against-l1tf.patch b/queue-4.18/x86-speculation-l1tf-protect-swap-entries-against-l1tf.patch index 407ade09add..9ee67e46894 100644 --- a/queue-4.18/x86-speculation-l1tf-protect-swap-entries-against-l1tf.patch +++ b/queue-4.18/x86-speculation-l1tf-protect-swap-entries-against-l1tf.patch @@ -5,6 +5,8 @@ Subject: x86/speculation/l1tf: Protect swap entries against L1TF From: Linus Torvalds +commit bcd11afa7adad8d720e7ba5ef58bdcd9775cf45f upstream. + With L1 terminal fault the CPU speculates into unmapped PTEs, and resulting side effects allow to read the memory the PTE is pointing too, if its values are still in the L1 cache.