| Message ID | 20180206163114.GA11190@brain |
|---|---|
| State | New |
| Headers | show |
| Series | [SRU,artful] LP#1747507 starting KVM instances hangs box | expand |
On 02/06/18 17:31, Andy Whitcroft wrote: > We have early reports of failures when attempting to start KVM VMs on > machines running the retpoline based kernels. This is triggered by > a flaw in the RSB stuffing code retpoline introduces. This pull request > pulls in 5 upstream commits (all from the stable 4.14 branch) which > correct this code. > > With these applied I am again able to start VMs. > > Proposing to add to artful linux where the retpoline patches are > applied. > > -apw > > The following changes since commit bc3391e235def1ebcded0952bd4418ee2429bedc: > > UBUNTU: [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y (2018-02-05 18:23:06 +0100) > > are available in the Git repository at: > > https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/artful-retpoline-intelv1--pull2 > > for you to fetch changes up to c95f498604801249575313ee5007c378208b2659: > > x86/retpoline: Simplify vmexit_fill_RSB() (2018-02-06 16:23:56 +0000) > > ---------------------------------------------------------------- > * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715 > (Spectre v2 retpoline) > - x86/retpoline: Fill RSB on context switch for affected CPUs > - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros > - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB > - x86/retpoline: Remove the esp/rsp thunk > - x86/retpoline: Simplify vmexit_fill_RSB() > Applied to artful/master-next branch. Thanks, Kleber
We have early reports of failures when attempting to start KVM VMs on machines running the retpoline based kernels. This is triggered by a flaw in the RSB stuffing code retpoline introduces. This pull request pulls in 5 upstream commits (all from the stable 4.14 branch) which correct this code. With these applied I am again able to start VMs. Proposing to add to artful linux where the retpoline patches are applied. -apw The following changes since commit bc3391e235def1ebcded0952bd4418ee2429bedc: UBUNTU: [Config] UNMAP_KERNEL_AT_EL0=y && HARDEN_BRANCH_PREDICTOR=y (2018-02-05 18:23:06 +0100) are available in the Git repository at: https://git.launchpad.net/~apw/ubuntu/+source/linux/+git/pti pti/artful-retpoline-intelv1--pull2 for you to fetch changes up to c95f498604801249575313ee5007c378208b2659: x86/retpoline: Simplify vmexit_fill_RSB() (2018-02-06 16:23:56 +0000) ---------------------------------------------------------------- * starting VMs causing retpoline4 to reboot (LP: #1747507) // CVE-2017-5715 (Spectre v2 retpoline) - x86/retpoline: Fill RSB on context switch for affected CPUs - x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros - x86/retpoline: Optimize inline assembler for vmexit_fill_RSB - x86/retpoline: Remove the esp/rsp thunk - x86/retpoline: Simplify vmexit_fill_RSB()