From: Greg Kroah-Hartman Date: Wed, 7 Mar 2018 19:03:28 +0000 (-0800) Subject: drop kvm patch from 3.18.y X-Git-Tag: v4.14.25~14 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=418e2013965648d7bee44fb962e4db454ab18b8a;p=thirdparty%2Fkernel%2Fstable-queue.git drop kvm patch from 3.18.y --- diff --git a/queue-3.18/kvm-x86-fix-smram-accessing-even-if-vm-is-shutdown.patch b/queue-3.18/kvm-x86-fix-smram-accessing-even-if-vm-is-shutdown.patch deleted file mode 100644 index bce8081339c..00000000000 --- a/queue-3.18/kvm-x86-fix-smram-accessing-even-if-vm-is-shutdown.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 95e057e25892eaa48cad1e2d637b80d0f1a4fac5 Mon Sep 17 00:00:00 2001 -From: Wanpeng Li -Date: Thu, 8 Feb 2018 15:32:45 +0800 -Subject: KVM: X86: Fix SMRAM accessing even if VM is shutdown -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -From: Wanpeng Li - -commit 95e057e25892eaa48cad1e2d637b80d0f1a4fac5 upstream. - -Reported by syzkaller: - - WARNING: CPU: 6 PID: 2434 at arch/x86/kvm/vmx.c:6660 handle_ept_misconfig+0x54/0x1e0 [kvm_intel] - CPU: 6 PID: 2434 Comm: repro_test Not tainted 4.15.0+ #4 - RIP: 0010:handle_ept_misconfig+0x54/0x1e0 [kvm_intel] - Call Trace: - vmx_handle_exit+0xbd/0xe20 [kvm_intel] - kvm_arch_vcpu_ioctl_run+0xdaf/0x1d50 [kvm] - kvm_vcpu_ioctl+0x3e9/0x720 [kvm] - do_vfs_ioctl+0xa4/0x6a0 - SyS_ioctl+0x79/0x90 - entry_SYSCALL_64_fastpath+0x25/0x9c - -The testcase creates a first thread to issue KVM_SMI ioctl, and then creates -a second thread to mmap and operate on the same vCPU. This triggers a race -condition when running the testcase with multiple threads. Sometimes one thread -exits with a triple fault while another thread mmaps and operates on the same -vCPU. Because CS=0x3000/IP=0x8000 is not mapped, accessing the SMI handler -results in an EPT misconfig. This patch fixes it by returning RET_PF_EMULATE -in kvm_handle_bad_page(), which will go on to cause an emulation failure and an -exit with KVM_EXIT_INTERNAL_ERROR. - -Reported-by: syzbot+c1d9517cab094dae65e446c0c5b4de6c40f4dc58@syzkaller.appspotmail.com -Cc: Paolo Bonzini -Cc: Radim Krčmář -Cc: stable@vger.kernel.org -Signed-off-by: Wanpeng Li -Signed-off-by: Paolo Bonzini -Signed-off-by: Greg Kroah-Hartman - ---- - arch/x86/kvm/mmu.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/arch/x86/kvm/mmu.c -+++ b/arch/x86/kvm/mmu.c -@@ -2698,7 +2698,7 @@ static int kvm_handle_bad_page(struct kv - return 0; - } - -- return -EFAULT; -+ return RET_PF_EMULATE; - } - - static void transparent_hugepage_adjust(struct kvm_vcpu *vcpu, diff --git a/queue-3.18/series b/queue-3.18/series index 66cd6bd49f9..14fc730c50c 100644 --- a/queue-3.18/series +++ b/queue-3.18/series @@ -3,5 +3,4 @@ tpm_i2c_nuvoton-fix-potential-buffer-overruns-caused-by-bit-glitches-on-the-bus. alsa-usb-audio-add-a-quirck-for-b-w-px-headphones.patch cpufreq-s3c24xx-fix-broken-s3c_cpufreq_init.patch arm-mvebu-fix-broken-pl310_errata_753970-selects.patch -kvm-x86-fix-smram-accessing-even-if-vm-is-shutdown.patch net-fec-introduce-fec_ptp_stop-and-use-in-probe-fail-path.patch