[SRU OEM-5.10/OEM-5.13 0/2] CVE-2021-3653/CVE-2021-3656
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Tue Aug 17 13:00:19 UTC 2021

There are two commits here as landed upstream. For 5.13, I backported from
mainline, just fixing context (removing lines that were not present on 5.13),
which ended up the same as the backports for upstream 5.13.y.

For 5.10, I picked the fix for CVE-2021-3653 from upstream 5.10.y, as there
were some struct member changes, besides the absent lines. For CVE-2021-3656,
it was only the absent lines so I picked the mainline version and backported
it. The end result is the same as picking only from 5.10.y.

The reason I preferred backporting the mainline ones is that it makes it easier
for the autotriage process, though I ended up with one extra commit ID that I
will have to work with.

As for testing, I tested that one can still launch L2 linux guests after the
fixes, so LP: #1940134 does not affect these backports. Also, one PoC was used
for testing that CVE-2021-3656 is fixed.

Maxim Levitsky (2):
  KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
    (CVE-2021-3653)
  KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)

 arch/x86/include/asm/svm.h |  2 ++
 arch/x86/kvm/svm/nested.c  | 12 +++++++++---
 arch/x86/kvm/svm/svm.c     |  9 +++++----
 3 files changed, 16 insertions(+), 7 deletions(-)

--
2.30.2