[Oraclevm-errata] OVMSA-2018-0006 Important: Oracle VM 3.4 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Jan 9 11:06:35 PST 2018


Oracle VM Security Advisory OVMSA-2018-0006

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.4.4-155.0.12.el6.x86_64.rpm
xen-tools-4.4.4-155.0.12.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/xen-4.4.4-155.0.12.el6.src.rpm



Description of changes:

[4.4.4-155.0.12.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=bd770ecc2d0647c0cf5498391e3392e4dff5c5f9
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86: Always print info about speculative mitigation facilities (Boris 
Ostrovsky)  [Orabug: 27352414]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}
- x86: Don't use retpoline if CONFIG_INDIRECT_THUNK is not set (Boris 
Ostrovsky)  [Orabug: 27352414]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}

[4.4.4-155.0.11.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=e08ec4a5cb232f5a153c716f5519e5fbb52584cd
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- rpm: Add microcode_ctl dependency (Boris Ostrovsky) - x86: cpuint. 
Move the detection of CPU capabilities (Konrad Rzeszutek Wilk)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- migration: Set the CPUID _before_ XEN_DOMCTL_sethvmcontext (Konrad 
Rzeszutek Wilk)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}
- x86/xen: Make cpu_has_[stibp,ibrsp,etc] work. (Konrad Rzeszutek Wilk) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Expose CPUID.7, EDX.26->27 and CPUID.0x80000008, EBX.12 (Konrad 
Rzeszutek Wilk)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}
- x86/idle: Clear SPEC_CTRL while idle (Andrew Cooper)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/cpuid: Offer Indirect Branch Controls to guests (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/ctxt: Issue a speculation barrier between vcpu contexts (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/entry: Clobber the Return Stack Buffer on entry to Xen (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/boot: Calculate the most appropriate BTI mitigation to use (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/entry: Use MSR_SPEC_CTRL at each entry/exit point (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Protect unaware domains from meddling hyperthreads (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/hvm: Permit guests direct access to MSR_{SPEC_CTRL,PRED_CMD} 
(Andrew Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}
- x86/migrate: Move MSR_SPEC_CTRL on migrate (Andrew Cooper)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/msr: Emulation of MSR_{SPEC_CTRL,PRED_CMD} for guests (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Introduce a common cpuid_policy_updated() (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Introduce framework for cpuid policy updates (Boris Ostrovsky) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Introduce cpuid_policy (Boris Ostrovsky)  [Orabug: 27344753] 
{CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/msr: introduce struct msr_vcpu_policy (Sergey Dyasli)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/cmdline: Introduce a command line option to disable IBRS/IBPB, 
STIBP and IBPB (Andrew Cooper)  [Orabug: 27344753]  {CVE-2017-5753} 
{CVE-2017-5715} {CVE-2017-5754}
- xen: add an optional string end parameter to parse_bool() (Juergen 
Gross)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/feature: Definitions for Indirect Branch Controls (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Introduce alternative indirect thunks (Andrew Cooper)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Backport setup_force_cpu_cap (Boris Ostrovsky)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/amd: Try to set lfence as being Dispatch Serialising (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/boot: Report details of speculative mitigations (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Support indirect thunks from assembly code (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- common/wait: Clarifications to wait infrastructure (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86: Support compiling with indirect branch thunks (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/entry: Erase guest GPR state on entry to Xen (Andrew Cooper) 
[Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/pv: Move hypercall handling up into C (Andrew Cooper)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/hvm: Use SAVE_ALL to construct the cpu_user_regs frame after 
VMExit (Andrew Cooper)  [Orabug: 27344753]  {CVE-2017-5753} 
{CVE-2017-5715} {CVE-2017-5754}
- x86/entry: Rearrange RESTORE_ALL to restore register in stack order 
(Andrew Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} 
{CVE-2017-5754}
- x86/entry: Remove support for partial cpu_user_regs frames (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/alt: Introduce ALTERNATIVE{,_2} macros (Andrew Cooper)  [Orabug: 
27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/alt: Break out alternative-asm into a separate header file (Andrew 
Cooper)  [Orabug: 27344753]  {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754}
- x86/hvm: assert that we we saved a sane number of MSRs. (Tim Deegan) 
[Orabug: 27338201]
- x86: Avoid corruption on migrate for vcpus using CPUID Faulting 
(Andrew Cooper)  [Orabug: 27338201]
- x86/hvm: Don't corrupt the HVM context stream when writing the MSR 
record (Andrew Cooper)  [Orabug: 27338201]
- x86: generic MSRs save/restore (Jan Beulich)  [Orabug: 27338201]
- x86/msr: introduce guest_wrmsr() (Sergey Dyasli)  [Orabug: 27338201]
- x86/msr: introduce guest_rdmsr() (Sergey Dyasli)  [Orabug: 27338201]
- x86/msr: introduce struct msr_domain_policy (Sergey Dyasli)  [Orabug: 
27338201]
- microcode: Always scan the initramfs for microcode (Konrad Rzeszutek 
Wilk)  [Orabug: 27338209]
- x86: Move microcode loading earlier (Konrad Rzeszutek Wilk)  [Orabug: 
27338209]
- livepatch: Alternative backport compile issues under Xen 4.4 (Konrad 
Rzeszutek Wilk)  [Orabug: 27338204]
- x86: support 2- and 3-way alternatives (Jan Beulich)  [Orabug: 27338204]
- xen/x86/alternatives: Do not use sync_core() to serialize I$ (Borislav 
Petkov)  [Orabug: 27338204]
- livepatch: NOP if func->new_addr is zero. (Konrad Rzeszutek Wilk) 
[Orabug: 27338204]
- alternatives: x86 rename and change parameters on ARM (Konrad 
Rzeszutek Wilk)  [Orabug: 27338204]
- x86/arm64: Expose the ALT_[ORIG|REPL]_PTR macros to header files. 
(Konrad Rzeszutek Wilk)  [Orabug: 27338204]
- xsplice: Add support for alternatives (Ross Lagerwall)  [Orabug: 27338204]
- x86: Alter nmi_callback_t typedef (Konrad Rzeszutek Wilk)  [Orabug: 
27338204]
- x86/alternatives: correct near branch check (Jan Beulich)  [Orabug: 
27338204]
- x86: disable CR0.WP while applying alternatives (Andrew Cooper) 
[Orabug: 27338204]
- work around Clang generating .data.rel.ro section for init-only files 
(Andrew Cooper)  [Orabug: 27338204]
- x86: move alternative.c data fully into .init.* (Jan Beulich) 
[Orabug: 27338204]
- x86: port the basic alternative mechanism from Linux to Xen (Feng Wu) 
[Orabug: 27338204]
- x86: add definitions for NOP operation (Feng Wu)  [Orabug: 27338204]

[4.4.4-155.0.10.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=32639222bb19e981f5500fcef435fce2c1c6eef0
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- xen.spec: Add sbsignxen to sign xen.efi binary. (Srinivas Maturi) 
[Orabug: 27261277]

[4.4.4-155.0.9.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=73f85f0b6808e91db01457ff5f6fa74a6e1fa4f5
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86/setup: do not relocate modules and crashkernel region over the Xen 
image (Daniel Kiper)  [Orabug: 27248005]
- x86/boot: add missing branch to the dom0 kernel data acquisition 
(Daniel Kiper)  [Orabug: 27234709]
- xen/x86: do not put .efi.pe.header section into LOAD segment (Daniel 
Kiper)  [Orabug: 27248005]
- xen/x86: do not relocate below the end of current Xen image placement 
(Daniel Kiper)  [Orabug: 27248005]
- xen/x86: do not relocate the Xen image if the bootloader did the work 
for us (Daniel Kiper)  [Orabug: 27248005]
- xen/x86: Build xen.mb.efi directly from xen-syms (Daniel Kiper) 
[Orabug: 27180757]
- xen/x86/efi: Verify dom0 kernel with SHIM_LOCK protocol in 
efi_multiboot2() (Daniel Kiper)  [Orabug: 27180757]
- efi: split out efi_shim_lock() (Daniel Kiper)  [Orabug: 27180757]
- xen/x86: Add some addresses to the Multiboot2 header (Daniel Kiper) 
[Orabug: 27180757]
- xen/x86: Add some addresses to the Multiboot header (Daniel Kiper) 
[Orabug: 27180757]
- xen/x86: Manually build PE header (Daniel Kiper)  [Orabug: 27180757]
- xen: Introduce XEN_COMPILE_POSIX_TIME (Daniel Kiper)  [Orabug: 27180757]
- xen/x86/boot: Align the stack as UEFI spec requires (Daniel Kiper) 
[Orabug: 27180757]

[4.4.4-155.0.8.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=667086f56694d9e4e1f45b3ac9126bb8d8ceff26
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=346fdd7edd73f8287d0d0a2bab9c67b71bc6b8ba
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- Fix dom0_vcpus_pin regression (Konrad Rzeszutek Wilk)  [Orabug: 27234748]
- xend/python: Add 'enclosure-type' (Konrad Rzeszutek Wilk)  [Orabug: 
27220742]
- xend/python: Expand the list of parameters that can be changed to 
include all (Konrad Rzeszutek Wilk) - xend/python: Export DMI asset-tag 
and platform to guests. (Konrad Rzeszutek Wilk)  [Orabug: 27220742]
- vNUMA: fix the selection of correct number of cores (Elena Ufimtseva) 
[Orabug: 27222930]




More information about the Oraclevm-errata mailing list