On Mon, Apr 30, 2018 at 04:37:48PM +0200, Christoffer Dall wrote: > On Sun, Apr 29, 2018 at 02:34:45PM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote: > > The patch below was submitted to be applied to the 4.16-stable tree. > > > > I fail to see how this patch meets the stable kernel rules as found at > > Documentation/process/stable-kernel-rules.rst. > > > > I could be totally wrong, and if so, please respond to > > <stable@xxxxxxxxxxxxxxx> and let me know why this patch should be > > applied. Otherwise, it is now dropped from my patch queues, never to be > > seen again. > > This patch ensures that current userspace drivers of KVM VMs will fail > migration to targets that do not support spectre/meltdown mitigations. > Without this patch, VMs can be migrated to hosts that do not have > mitigation support without any warning to the system admin. We > considered this a real security issue as per the stable kernel rules. > > If you disagree, feel free to drop this patch without further > discussion. > > Thanks, > -Christoffer > > > > > ------------------ original commit in Linus's tree ------------------ > > > > From 85bd0ba1ff9875798fad94218b627ea9f768f3c3 Mon Sep 17 00:00:00 2001 > > From: Marc Zyngier <marc.zyngier@xxxxxxx> > > Date: Sun, 21 Jan 2018 16:42:56 +0000 > > Subject: [PATCH] arm/arm64: KVM: Add PSCI version selection API > > > > Although we've implemented PSCI 0.1, 0.2 and 1.0, we expose either 0.1 > > or 1.0 to a guest, defaulting to the latest version of the PSCI > > implementation that is compatible with the requested version. This is > > no different from doing a firmware upgrade on KVM. > > > > But in order to give a chance to hypothetical badly implemented guests > > that would have a fit by discovering something other than PSCI 0.2, > > let's provide a new API that allows userspace to pick one particular > > version of the API. > > > > This is implemented as a new class of "firmware" registers, where > > we expose the PSCI version. This allows the PSCI version to be > > save/restored as part of a guest migration, and also set to > > any supported version if the guest requires it. > > > > Cc: stable@xxxxxxxxxxxxxxx #4.16 > > Reviewed-by: Christoffer Dall <cdall@xxxxxxxxxx> > > Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx> Also, it looks like this applies cleanly to 4.14.y, do you want it there as well? thanks, greg k-h