Sync FSGSBASE patches in azure kernel with mainline
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-azure (Ubuntu) |
Fix Released
|
Medium
|
Marcelo Cerri | ||
Bionic |
Invalid
|
Undecided
|
Marcelo Cerri | ||
Focal |
Fix Released
|
Medium
|
Marcelo Cerri | ||
Groovy |
Invalid
|
Undecided
|
Marcelo Cerri | ||
linux-azure-4.15 (Ubuntu) |
In Progress
|
Medium
|
Marcelo Cerri | ||
Bionic |
Fix Released
|
Medium
|
Marcelo Cerri | ||
Focal |
Invalid
|
Undecided
|
Marcelo Cerri | ||
Groovy |
Invalid
|
Undecided
|
Marcelo Cerri |
Bug Description
[Impact]
To include the missing upstream patches to the 4.15 and 5.4 kernel.
* x86/entry/64: Do not use RDPID in paranoid entry to accommodate KVM:
- occasional random failure when running KVM
* x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_
- Google folks found this when running their fuzzy test cases. Don't know how realistic this can hit.
* x86/fsgsbase: Fix Xen PV support
* x86/process/64: Make save_fsgs_for_kvm() ready for FSGSBASE
- these two are for VMMs.
Some of these are already included in our azure kernels. 5.8 doesn't need them because we already synced with upstream while preparing it.
[Test Case]
Since we are syncing with mainline a boot test and a regression test in ACC instances should be enough to confirm the changes are working.
Since these instances are not publicly available yet, Msft is helping us to test this changes.
[Where problems could occur]
This affects the SGX driver that is only available on ACC instances (which is not widely used yet).
CVE References
Changed in linux-azure (Ubuntu Groovy): | |
status: | New → Invalid |
Changed in linux-azure-4.15 (Ubuntu Groovy): | |
status: | New → Invalid |
Changed in linux-azure-4.15 (Ubuntu Focal): | |
status: | New → Invalid |
Changed in linux-azure-4.15 (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → Medium |
Changed in linux-azure (Ubuntu): | |
importance: | Undecided → Medium |
Changed in linux-azure-4.15 (Ubuntu): | |
importance: | Undecided → Medium |
Changed in linux-azure (Ubuntu Bionic): | |
status: | New → Invalid |
Changed in linux-azure (Ubuntu Focal): | |
status: | New → In Progress |
Changed in linux-azure-4.15 (Ubuntu): | |
status: | New → In Progress |
Changed in linux-azure (Ubuntu Focal): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure-4.15 (Ubuntu Bionic): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure-4.15 (Ubuntu): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure (Ubuntu Bionic): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure (Ubuntu Groovy): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure-4.15 (Ubuntu Focal): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure-4.15 (Ubuntu Groovy): | |
assignee: | nobody → Marcelo Cerri (mhcerri) |
Changed in linux-azure (Ubuntu Focal): | |
importance: | Undecided → Medium |
description: | updated |
Changed in linux-azure-4.15 (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in linux-azure (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Submitted to SRU:
https:/ /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116803. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116804. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116805. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116806. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116807. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116808. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116809. html /lists. ubuntu. com/archives/ kernel- team/2021- January/ 116810. html
https:/
https:/
https:/
https:/
https:/
https:/
https:/