Re: Re: Linux x86_64 NMI security issues

[Luis Henriques <luis.henriques () canonical com>]

On Fri, Jul 24, 2015 at 11:12:48PM -0700, Andy Lutomirski wrote:
> On 07/24/2015 07:16 AM, Josh Boyer wrote:
> > On Wed, Jul 22, 2015 at 2:12 PM, Andy Lutomirski <luto () amacapital net> wrote:
> > > Note: Several of these fixes each depend on a few patches immediately
> > > before them.  The NMI stack switching fix also depends on changes made
> > > in 4.2 and will appear to apply but crash on older kernels.  I have a
> > > different variant that's more portable.
> >
> > Given that none of these are going to apply cleanly on older kernels,
> > do you have backports available for 4.1.y and the longterm stable
> > kernels?
>
> There's this:
>
> https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/nmi-backport
>
> which is a combined effort of me and Ben Hutchings.  It's not synced up
> to the fixes in Linus' tree.

Thank you all for working on these backports.  I'm planning to use
them (and more specifically the patches in the Debian kernel) for the
3.16 stable kernel.

Cheers,
--
Luís


> Note that even Linus' tree doesn't have the synchronous modify_ldt fix
> yet.  I sent a hopefully final version of that out a few minutes ago.
>
> --Andy