[3.13.y.z extended stable] Patch "KVM: x86: Emulator does not decode clflush well" has been added to staging queue

Nadav Amit nadav.amit at gmail.com
Mon Nov 3 20:22:58 UTC 2014


> On Nov 3, 2014, at 19:36, Luis Henriques <luis.henriques at canonical.com> wrote:
> 
> On Fri, Oct 31, 2014 at 01:53:45PM -0700, Kamal Mostafa wrote:
>> This is a note to let you know that I have just added a patch titled
>> 
>>    KVM: x86: Emulator does not decode clflush well
>> 
>> to the linux-3.13.y-queue branch of the 3.13.y.z extended stable tree 
>> which can be found at:
>> 
>> http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.13.y-queue
>> 
>> This patch is scheduled to be released in version 3.13.11.11.
>> 
>> If you, or anyone else, feels it should not be added to this tree, please 
>> reply to this email.
>> 
>> For more information about the 3.13.y.z tree, see
>> https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable
>> 
>> Thanks.
>> -Kamal
>> 
>> ------
>> 
>> From 3cf1cc997f89242c852dca2469ca4303348d29a5 Mon Sep 17 00:00:00 2001
>> From: Nadav Amit <namit at cs.technion.ac.il>
>> Date: Mon, 13 Oct 2014 13:04:13 +0300
>> Subject: KVM: x86: Emulator does not decode clflush well
>> 
>> commit 13e457e0eebf0a0c82c38ceb890d93eb826d62a6 upstream.
>> 
>> Currently, all group15 instructions are decoded as clflush (e.g., mfence,
>> xsave).  In addition, the clflush instruction requires that no prefix (66/f2/f3)
>> exist. If a prefix exists it may encode a different instruction (e.g.,
>> clflushopt).
>> 
>> Creating a group for clflush, and a different group for each prefix.
>> 
>> This has been the case forever, but the next patch needs the clflush group
>> in order to fix a bug introduced in 3.17.
> 
> Given the above ^^^
> 
>> Fixes: 41061cdb98a0bec464278b4db8e894a3121671f5
> 
> And the fact that this commit isn't present in 3.13, I'm not sure this
> patch is relevant for this stable kernel.  Could someone confirm this
> please?

Yes. IMO this patch should not be required for 3.13 as a security patch.
Note that it still improves the emulation of guest code, but we did not see a real-life scenario that should be affected.

Nadav
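As an added illustration of the decoding problem the commit message describes (this is example code written for this page, not code from the thread or from KVM's emulator): group 15 shares the opcode 0F AE, and the actual instruction is selected by the ModRM reg field, by whether ModRM.mod is the register form (11b), and by a 66 prefix. The "old" decoder below models the behaviour the commit message calls buggy, the "new" one models the distinction the fix introduces; among the 66-prefixed forms only clflushopt is modelled.

```c
#include <stdint.h>
#include <stddef.h>

/* Toy decoder for x86 "group 15" (0F AE /r). Not KVM's decoder. */
enum insn {
    INSN_UNKNOWN, INSN_FXSAVE, INSN_FXRSTOR, INSN_LDMXCSR, INSN_STMXCSR,
    INSN_XSAVE, INSN_XRSTOR, INSN_XSAVEOPT, INSN_CLFLUSH,
    INSN_LFENCE, INSN_MFENCE, INSN_SFENCE, INSN_CLFLUSHOPT
};

/* Models the behaviour the commit message describes as buggy: every
 * group15 encoding, with or without a prefix, is treated as clflush. */
enum insn decode_group15_old(const uint8_t *code, size_t len)
{
    size_t i = 0;
    if (i < len && code[i] == 0x66) i++;            /* prefix silently dropped */
    if (i + 2 >= len || code[i] != 0x0f || code[i + 1] != 0xae) return INSN_UNKNOWN;
    return INSN_CLFLUSH;                            /* ModRM never inspected */
}

/* Models the fix: separate groups for the unprefixed and 66-prefixed forms,
 * and the reg field plus mod field pick the instruction. */
enum insn decode_group15_new(const uint8_t *code, size_t len)
{
    size_t i = 0;
    int opsize = 0;                                 /* saw a 66 prefix? */
    if (i < len && code[i] == 0x66) { opsize = 1; i++; }
    if (i + 2 >= len || code[i] != 0x0f || code[i + 1] != 0xae) return INSN_UNKNOWN;

    uint8_t modrm = code[i + 2];
    int reg = (modrm >> 3) & 7;
    int reg_form = (modrm >> 6) == 3;               /* mod == 11b */

    if (reg_form) {                                 /* register form: fences only */
        if (opsize) return INSN_UNKNOWN;
        switch (reg) {
        case 5: return INSN_LFENCE;
        case 6: return INSN_MFENCE;
        case 7: return INSN_SFENCE;
        default: return INSN_UNKNOWN;
        }
    }
    if (opsize)                                     /* 66 0F AE /7 mem = clflushopt */
        return reg == 7 ? INSN_CLFLUSHOPT : INSN_UNKNOWN;

    static const enum insn mem_forms[8] = {         /* unprefixed memory forms /0../7 */
        INSN_FXSAVE, INSN_FXRSTOR, INSN_LDMXCSR, INSN_STMXCSR,
        INSN_XSAVE, INSN_XRSTOR, INSN_XSAVEOPT, INSN_CLFLUSH
    };
    return mem_forms[reg];
}
```

The constructed byte sequences 0F AE 38 (clflush [rax]), 0F AE F0 (mfence) and 66 0F AE 38 (clflushopt) all come back as clflush from the old decoder and are told apart by the new one.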
