UBUNTU: SAUCE: Synchronize MDS mitigations with upstream
Bring the Ubuntu MDS mitigations in sync with the upstream mitigations.
The initial Ubuntu backport was based on the next to last revision of
the base patch series from upstream.
There is no functional change except for adjusting L1TF warning messages
to use the new URL for the L1TF admin guide.
The Atom Silvermont and Airmont changes in the cpu_vuln_whitelist[]
cause no functional changes because Silvermont and Airmont do not
support Intel Hyper-Threading. Therefore, even without this change, the
CPU buffers would be properly flushed as the CPU thread goes into sleep
state and MDS would be reported as being mitigated.
This commit contains changes from the following upstream commits:
5999bbe7a6ea ("Documentation: Add MDS vulnerability documentation")
65fd4cb65b2d ("Documentation: Move L1TF to separate directory")
bc1241700acd ("x86/speculation/mds: Add mitigation control for MDS")
22dd8365088b ("x86/speculation/mds: Add mitigation mode VMWERV")
e261f209c366 ("x86/speculation/mds: Add BUG_MSBDS_ONLY")
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Acked-by: Connor Kuehl <connor.kuehl@canonical.com>
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>