I've backported a number of fixes for security issues affecting 4.4- stable. All of these are already fixed in the newer stable branches. For the BPF fix, I verified that the self-tests (taken from 4.14) didn't regress and temporarily added logging to check that the mitigation is applied when needed. For the KVM changes, I verified that IBPB/IBRS are now exposed to and used by a guest on Intel hardware. I also verified that the current self-tests for timers, usercopy and vm didn't regress. Ben. -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom
