On 30/04/18 16:09, Greg KH wrote: > On Mon, Apr 30, 2018 at 04:37:48PM +0200, Christoffer Dall wrote: >> On Sun, Apr 29, 2018 at 02:34:45PM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote: >>> The patch below was submitted to be applied to the 4.16-stable tree. >>> >>> I fail to see how this patch meets the stable kernel rules as found at >>> Documentation/process/stable-kernel-rules.rst. >>> >>> I could be totally wrong, and if so, please respond to >>> <stable@xxxxxxxxxxxxxxx> and let me know why this patch should be >>> applied. Otherwise, it is now dropped from my patch queues, never to be >>> seen again. >> >> This patch ensures that current userspace drivers of KVM VMs will fail >> migration to targets that do not support spectre/meltdown mitigations. >> Without this patch, VMs can be migrated to hosts that do not have >> mitigation support without any warning to the system admin. We >> considered this a real security issue as per the stable kernel rules. >> >> If you disagree, feel free to drop this patch without further >> discussion. >> >> Thanks, >> -Christoffer >> >>> >>> ------------------ original commit in Linus's tree ------------------ >>> >>> From 85bd0ba1ff9875798fad94218b627ea9f768f3c3 Mon Sep 17 00:00:00 2001 >>> From: Marc Zyngier <marc.zyngier@xxxxxxx> >>> Date: Sun, 21 Jan 2018 16:42:56 +0000 >>> Subject: [PATCH] arm/arm64: KVM: Add PSCI version selection API >>> >>> Although we've implemented PSCI 0.1, 0.2 and 1.0, we expose either 0.1 >>> or 1.0 to a guest, defaulting to the latest version of the PSCI >>> implementation that is compatible with the requested version. This is >>> no different from doing a firmware upgrade on KVM. >>> >>> But in order to give a chance to hypothetical badly implemented guests >>> that would have a fit by discovering something other than PSCI 0.2, >>> let's provide a new API that allows userspace to pick one particular >>> version of the API. >>> >>> This is implemented as a new class of "firmware" registers, where >>> we expose the PSCI version. This allows the PSCI version to be >>> save/restored as part of a guest migration, and also set to >>> any supported version if the guest requires it. >>> >>> Cc: stable@xxxxxxxxxxxxxxx #4.16 >>> Reviewed-by: Christoffer Dall <cdall@xxxxxxxxxx> >>> Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx> > > Also, it looks like this applies cleanly to 4.14.y, do you want it there > as well? Yes. It is likely that any backport of the Spectre series will want this as well. Thanks, M. -- Jazz is not dead. It just smells funny...