blob: f57fffa2f05f44acd81035583cc3eeb9f4dffdaf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
Description: speculative register leakage from lazy FPU context switching
References:
https://xenbits.xen.org/xsa/advisory-267.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
Notes:
carnil> Since 58122bf1d856a4ea9581d62a07c557d997d46a19 (4.6-rc1)
carnil> "x86/fpu: Default eagerfpu=on on all CPUs" and then since
carnil> ca6938a1cd8a1c5e861a99b67f84ac166fc2b9e7 (4.10-rc1) "x86/fpu:
carnil> Hard-disable lazy FPU mode".
carnil> Might be still sensible to apply the patch for 4.9-upstream-stable
carnil> x86-fpu-hard-disable-lazy-fpu-mode.patch for stretch.
bwh> Several more fixes were needed to make eagerfpu work on CPUs
bwh> without an FPU or FXSR, and they aren't practical to backport
bwh> to 3.16. I've prepared a fix that enables eagerfpu by default
bwh> if FPU and FXSR are available. This leaves the PPro and K6
bwh> family vulnerable since they do speculative execution but don't
bwh> implement FXSR.
Bugs:
upstream: released (4.6-rc1) [58122bf1d856a4ea9581d62a07c557d997d46a19]
4.9-upstream-stable: N/A "Fixed before branching point"
3.16-upstream-stable: released (3.16.58) [d4f06dfa574db2af1de3ade75fb04240a94f19dc]
sid: released (4.6.1-1)
4.9-stretch-security: N/A "Fixed before branching point"
3.16-jessie-security: released (3.16.57-1) [bugfix/x86/x86-fpu-default-eagerfpu-if-fpu-and-fxsr-are-enabled.patch]
|
