~smb/ubuntu/+source/linux/+git/focal:master-next

Last commit made on 2021-08-17
Get this branch:
git clone -b master-next https://git.launchpad.net/~smb/ubuntu/+source/linux/+git/focal

Branch information

Name: master-next
Repository: lp:~smb/ubuntu/+source/linux/+git/focal

Recent commits

3027eac... by Stefan Bader

UBUNTU: Ubuntu-5.4.0-83.93

Signed-off-by: Stefan Bader <email address hidden>

a3a6890... by Stefan Bader

UBUNTU: link-to-tracker: update tracking bug

BugLink: https://bugs.launchpad.net/bugs/1940159
Properties: no-test-build
Signed-off-by: Stefan Bader <email address hidden>

47aa927... by Maxim Levitsky <email address hidden>

KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)

BugLink: https://bugs.launchpad.net/bugs/1940134

commit 0f923e07124df069ba68d8bb12324398f4b6b709 upstream.

* Invert the mask of bits that we pick from L2 in
  nested_vmcb02_prepare_control

* Invert and explicitly use VIRQ related bits bitmask in svm_clear_vintr

This fixes a security issue that allowed a malicious L1 to run L2 with
AVIC enabled, which allowed the L2 to exploit the uninitialized and enabled
AVIC to read/write the host physical memory at some offsets.

Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler")
Signed-off-by: Maxim Levitsky <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
Signed-off-by: Greg Kroah-Hartman <email address hidden>
(cherry picked from commit 4d9059df57cb3b8ff07cea55ba439fa3c846ef80 linux-5.4.y)
CVE-2021-3653
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Kamal Mostafa <email address hidden>
Acked-by: Ian May <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>

9e4079b... by Thadeu Lima de Souza Cascardo

UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl"

BugLink: https://bugs.launchpad.net/bugs/1940134

This reverts commit ba798c67f196aa2719a0ca1544d2d7c72b713d05.

When launching L2 Linux guests on systems with VGIF support, they would
fail to boot, not showing any console output.

Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Kamal Mostafa <email address hidden>
Acked-by: Ian May <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>

1d6d4e3... by Stefan Bader

UBUNTU: Start new release

Ignore: yes
Signed-off-by: Stefan Bader <email address hidden>

62539d6... by Stefan Bader

UBUNTU: Ubuntu-5.4.0-82.92

Signed-off-by: Stefan Bader <email address hidden>

2c7d759... by Stefan Bader

UBUNTU: debian/dkms-versions -- update from kernel-versions (main/2021.08.16)

BugLink: https://bugs.launchpad.net/bugs/1786013
Signed-off-by: Stefan Bader <email address hidden>

3016003... by Stefan Bader

UBUNTU: link-to-tracker: update tracking bug

BugLink: https://bugs.launchpad.net/bugs/1939799
Properties: no-test-build
Signed-off-by: Stefan Bader <email address hidden>

001ba8e... by Maxim Levitsky <email address hidden>

UBUNTU: SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

If L1 disables VMLOAD/VMSAVE intercepts, and doesn't enable
Virtual VMLOAD/VMSAVE (currently not supported for the nested hypervisor),
then VMLOAD/VMSAVE must operate on the L1 physical memory, which is only
possible by making L0 intercept these instructions.

Failure to do so allowed the nested guest to run VMLOAD/VMSAVE unintercepted,
and thus read/write portions of the host physical memory.

This fixes CVE-2021-3656, which was discovered by Maxim Levitsky and
Paolo Bonzini.

Fixes: 89c8a4984fc9 ("KVM: SVM: Enable Virtual VMLOAD VMSAVE feature")
Signed-off-by: Maxim Levitsky <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
CVE-2021-3656
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Stefan Bader <email address hidden>
Acked-by: Ben Romer <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>

ba798c6... by Maxim Levitsky <email address hidden>

UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl

This fixes CVE-2021-3653 that allowed a malicious L1 to run L2 with
AVIC enabled, which allowed the L2 to exploit the uninitialized and enabled
AVIC to read/write the host physical memory at some offsets.

The bug was discovered by Maxim Levitsky.

Fixes: 3d6368ef580a ("KVM: SVM: Add VMRUN handler")
Signed-off-by: Maxim Levitsky <email address hidden>
Signed-off-by: Paolo Bonzini <email address hidden>
CVE-2021-3653
Signed-off-by: Thadeu Lima de Souza Cascardo <email address hidden>
Acked-by: Stefan Bader <email address hidden>
Acked-by: Ben Romer <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>