Home Home > GIT Browse > SLE12-SP4
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohannes Thumshirn <jthumshirn@suse.de>2019-05-15 09:26:12 +0200
committerJohannes Thumshirn <jthumshirn@suse.de>2019-05-15 09:26:12 +0200
commitb4d96a1835629320a142e9f51980b15700e9ec37 (patch)
treece2515faa64136a6cba9ff16b19057cabdb6c8f3
parentefaf05db39f2eb6582d53d0ab26255ad2b2d489a (diff)
parent1da26c73b40b5043711956004407340002ace405 (diff)
Merge branch 'SLE12-SP4-G4' into SLE12-SP4SLE12-SP4
Merge SLE12-SP4 G4 branch back into base. Conflicts: patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch patches.arch/x86-msr-index-cleanup-bit-defines.patch patches.arch/x86-speculation-consolidate-cpu-whitelists.patch patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch patches.arch/x86-speculation-mds-add-bug_msbds_only.patch patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch patches.arch/x86-speculation-mds-add-smt-warning-message.patch patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch
-rw-r--r--patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch2
-rw-r--r--patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch2
-rw-r--r--patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch2
-rw-r--r--patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch2
-rw-r--r--patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch2
-rw-r--r--patches.arch/x86-msr-index-cleanup-bit-defines.patch2
-rw-r--r--patches.arch/x86-speculation-consolidate-cpu-whitelists.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-bug_msbds_only.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-smt-warning-message.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch2
-rw-r--r--patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch2
-rw-r--r--patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch2
-rw-r--r--patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch2
-rw-r--r--patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch2
21 files changed, 21 insertions, 21 deletions
diff --git a/patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch b/patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch
index bec39883f1..cf5063beee 100644
--- a/patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch
+++ b/patches.arch/kvm-x86-report-stibp-on-get_supported_cpuid.patch
@@ -3,7 +3,7 @@ Date: Wed, 5 Dec 2018 17:19:56 -0200
Subject: kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
Git-commit: d7b09c827a6cf291f66637a36f46928dd1423184
Patch-mainline: v5.0-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Months ago, we have added code to allow direct access to MSR_IA32_SPEC_CTRL
to the guest, which makes STIBP available to guests. This was implemented
diff --git a/patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch b/patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch
index e431bdf60d..cec803db31 100644
--- a/patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch
+++ b/patches.arch/locking-atomics-asm-generic-move-some-macros-from-linux-bitops-h-to-a-new-linux-bits-h-file.patch
@@ -4,7 +4,7 @@ Subject: locking/atomics, asm-generic: Move some macros from <linux/bitops.h>
to a new <linux/bits.h> file
Git-commit: 8bd9cb51daac89337295b6f037b0486911e1b408
Patch-mainline: v4.19-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
In preparation for implementing the asm-generic atomic bitops in terms
of atomic_long_*(), we need to prevent <asm/atomic.h> implementations from
diff --git a/patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch b/patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch
index 5cdecdb444..70223a4371 100644
--- a/patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch
+++ b/patches.arch/x86-cpu-sanitize-fam6_atom-naming.patch
@@ -3,7 +3,7 @@ Date: Tue, 7 Aug 2018 10:17:27 -0700
Subject: x86/cpu: Sanitize FAM6_ATOM naming
Git-commit: f2c4db1bd80720cd8cb2a5aa220d9bc9f374f04e
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
commit f2c4db1bd80720cd8cb2a5aa220d9bc9f374f04e upstream
diff --git a/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch b/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
index ef439ddf46..8c82273415 100644
--- a/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
+++ b/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
@@ -3,7 +3,7 @@ Date: Fri, 18 Jan 2019 16:50:23 -0800
Subject: x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
Git-commit: 6c4dbbd14730c43f4ed808a9c42ca41625925c22
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
X86_FEATURE_MD_CLEAR is a new CPUID bit which is set when microcode
provides the mechanism to invoke a flush of various exploitable CPU buffers
diff --git a/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch b/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
index 72dc41269e..92d1e7ac68 100644
--- a/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
+++ b/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
@@ -3,7 +3,7 @@ Date: Wed, 27 Feb 2019 12:48:14 +0100
Subject: x86/kvm/vmx: Add MDS protection when L1D Flush is not active
Git-commit: 650b68a0622f933444a6d66936abb3103029413b
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
CPUs which are affected by L1TF and MDS mitigate MDS with the L1D Flush on
VMENTER when updated microcode is installed.
diff --git a/patches.arch/x86-msr-index-cleanup-bit-defines.patch b/patches.arch/x86-msr-index-cleanup-bit-defines.patch
index 4fed2b84e7..6f134cb78c 100644
--- a/patches.arch/x86-msr-index-cleanup-bit-defines.patch
+++ b/patches.arch/x86-msr-index-cleanup-bit-defines.patch
@@ -3,7 +3,7 @@ Date: Thu, 21 Feb 2019 12:36:50 +0100
Subject: x86/msr-index: Cleanup bit defines
Git-commit: d8eabc37310a92df40d07c5a8afc53cebf996716
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Greg pointed out that speculation related bit defines are using (1 << N)
format instead of BIT(N). Aside of that (1 << N) is wrong as it should use
diff --git a/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch b/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
index a8953a02a2..2d9c602b0e 100644
--- a/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
+++ b/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
@@ -3,7 +3,7 @@ Date: Wed, 27 Feb 2019 10:10:23 +0100
Subject: x86/speculation: Consolidate CPU whitelists
Git-commit: 36ad35131adacc29b328b9c8b6277a8bf0d6fd5d
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
The CPU vulnerability whitelists have some overlap and there are more
whitelists coming along.
diff --git a/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch b/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
index 3b673bacec..94f91fb43e 100644
--- a/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
@@ -3,7 +3,7 @@ Date: Fri, 18 Jan 2019 16:50:16 -0800
Subject: x86/speculation/mds: Add basic bug infrastructure for MDS
Git-commit: ed5194c2732c8084af9fd159c146ea92bf137128
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Microarchitectural Data Sampling (MDS), is a class of side channel attacks
on internal buffers in Intel CPUs. The variants are:
diff --git a/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch b/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
index b6ebab3b9e..e789b6b1be 100644
--- a/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
+++ b/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
@@ -3,7 +3,7 @@ Date: Fri, 1 Mar 2019 20:21:08 +0100
Subject: x86/speculation/mds: Add BUG_MSBDS_ONLY
Git-commit: e261f209c3666e842fd645a1e31f001c3a26def9
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
This bug bit is set on CPUs which are only affected by Microarchitectural
Store Buffer Data Sampling (MSBDS) and not by any other MDS variant.
diff --git a/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch b/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
index d3303c9f25..ace13f6551 100644
--- a/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
+++ b/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
@@ -4,7 +4,7 @@ Subject: x86/speculation/mds: Add mds=full,nosmt cmdline option
Git-repo: tip/tip
Git-commit: d71eb0ce109a124b0fa714832823b9452f2762cf
Patch-mainline: Queued in a subsystem tree
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Add the mds=full,nosmt cmdline option. This is like mds=full, but with
SMT disabled if the CPU is vulnerable.
diff --git a/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch b/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
index 3d563bb801..be7aa07101 100644
--- a/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
+++ b/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
@@ -3,7 +3,7 @@ Date: Mon, 18 Feb 2019 23:13:06 +0100
Subject: x86/speculation/mds: Add mds_clear_cpu_buffers()
Git-commit: 6a9e529272517755904b7afa639f6db59ddb793e
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
The Microarchitectural Data Sampling (MDS) vulernabilities are mitigated by
clearing the affected CPU buffers. The mechanism for clearing the buffers
diff --git a/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch b/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
index 0cc8bfbf56..5ba6fa6b6f 100644
--- a/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
@@ -3,7 +3,7 @@ Date: Mon, 18 Feb 2019 22:04:08 +0100
Subject: x86/speculation/mds: Add mitigation control for MDS
Git-commit: bc1241700acd82ec69fde98c5763ce51086269f8
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Now that the mitigations are in place, add a command line parameter to
control the mitigation, a mitigation selector function and a SMT update
diff --git a/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch b/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
index 4f0e1f0f07..2892354690 100644
--- a/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
@@ -3,7 +3,7 @@ Date: Wed, 20 Feb 2019 09:40:40 +0100
Subject: x86/speculation/mds: Add mitigation mode VMWERV
Git-commit: 22dd8365088b6403630b82423cf906491859b65e
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
In virtualized environments it can happen that the host has the microcode
update which utilizes the VERW instruction to clear CPU buffers, but the
diff --git a/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch b/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
index 4405b7c895..ee8d12f86b 100644
--- a/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
@@ -4,7 +4,7 @@ Subject: x86/speculation/mds: Add 'mitigations=' support for MDS
Git-repo: tip/tip
Git-commit: 5c14068f87d04adc73ba3f41c2a303d3c3d1fa12
Patch-mainline: Queued in a subsystem tree
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Add MDS to the new 'mitigations=' cmdline option.
diff --git a/patches.arch/x86-speculation-mds-add-smt-warning-message.patch b/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
index 0ba3c2f544..bb34433e23 100644
--- a/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
+++ b/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
@@ -4,7 +4,7 @@ Subject: x86/speculation/mds: Add SMT warning message
Git-commit: 39226ef02bfb43248b7db12a4fdccb39d95318e3
Git-repo: tip/tip
Patch-mainline: Queued in a subsystem tree
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
MDS is vulnerable with SMT. Make that clear with a one-time printk
whenever SMT first gets enabled.
diff --git a/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch b/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
index 2a1c7ad669..90f30b7b44 100644
--- a/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
@@ -3,7 +3,7 @@ Date: Mon, 18 Feb 2019 22:51:43 +0100
Subject: x86/speculation/mds: Add sysfs reporting for MDS
Git-commit: 8a4b06d391b0a42a373808979b5028f5c84d9c6a
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Add the sysfs reporting file for MDS. It exposes the vulnerability and
mitigation state similar to the existing files for the other speculative
diff --git a/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch b/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
index 8501ae91ae..bcdf46ff31 100644
--- a/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
+++ b/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
@@ -3,7 +3,7 @@ Date: Mon, 18 Feb 2019 23:42:51 +0100
Subject: x86/speculation/mds: Clear CPU buffers on exit to user
Git-commit: 04dcbdb8057827b043b3c71aa397c4c63e67d086
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Add a static key which controls the invocation of the CPU buffer clear
mechanism on exit to user space and add the call into
diff --git a/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch b/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
index e55065d925..9102f2349d 100644
--- a/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
+++ b/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
@@ -3,7 +3,7 @@ Date: Mon, 18 Feb 2019 23:04:01 +0100
Subject: x86/speculation/mds: Conditionally clear CPU buffers on idle entry
Git-commit: 07f07f55a29cb705e221eda7894dd67ab81ef343
Patch-mainline: v5.1-rc1
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Add a static key which controls the invocation of the CPU buffer clear
mechanism on idle entry. This is independent of other MDS mitigations
diff --git a/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch b/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
index c9762dddd2..ef3abeb1f2 100644
--- a/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
+++ b/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
@@ -4,7 +4,7 @@ Subject: x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
Git-repo: tip/tip
Git-commit: e2c3c94788b08891dcf3dbe608f9880523ecd71b
Patch-mainline: Queued in a subsystem tree
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
This code is only for CPUs which are affected by MSBDS, but are *not*
affected by the other two MDS issues.
diff --git a/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch b/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
index cfcda3d0e4..c8c1edd2a8 100644
--- a/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
+++ b/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
@@ -4,7 +4,7 @@ Subject: x86/speculation: Move arch_smt_update() call to after mitigation decis
Git-repo: tip/tip
Git-commit: 7c3658b20194a5b3209a143f63bc9c643c6a3ae2
Patch-mainline: Queued in a subsystem tree
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
arch_smt_update() now has a dependency on both Spectre v2 and MDS
mitigations. Move its initial call to after all the mitigation decisions
diff --git a/patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch b/patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch
index 2ca003db81..1182e16ed4 100644
--- a/patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch
+++ b/patches.arch/x86-speculation-simplify-the-cpu-bug-detection-logic.patch
@@ -3,7 +3,7 @@ Date: Tue, 22 May 2018 11:05:39 +0200
Subject: x86/speculation: Simplify the CPU bug detection logic
Git-commit: 8ecc4979b1bd9c94168e6fc92960033b7a951336
Patch-mainline: v4.17-rc7
-References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
+References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Only CPUs which speculate can speculate. Therefore, it seems prudent
to test for cpu_no_speculation first and only then determine whether