Version in base suite: 3.1+dfsg-8+deb10u2

Base version: qemu_3.1+dfsg-8+deb10u2
Target version: qemu_3.1+dfsg-8+deb10u3
Base file: /srv/ftp-master.debian.org/ftp/pool/main/q/qemu/qemu_3.1+dfsg-8+deb10u2.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/q/qemu/qemu_3.1+dfsg-8+deb10u3.dsc

 changelog                           |    7 +++++++
 patches/enable-pschange-mc-no.patch |   26 ++++++++++++++++++++++++++
 patches/series                      |    1 +
 3 files changed, 34 insertions(+)

diff -Nru qemu-3.1+dfsg/debian/changelog qemu-3.1+dfsg/debian/changelog
--- qemu-3.1+dfsg/debian/changelog	2019-08-24 12:56:15.000000000 +0000
+++ qemu-3.1+dfsg/debian/changelog	2019-11-11 06:29:19.000000000 +0000
@@ -1,3 +1,10 @@
+qemu (1:3.1+dfsg-8+deb10u3) buster-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * target/i386: add PSCHANGE_MC_NO feature
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Mon, 11 Nov 2019 07:29:19 +0100
+
 qemu (1:3.1+dfsg-8+deb10u2) buster-security; urgency=medium
 
   * slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
diff -Nru qemu-3.1+dfsg/debian/patches/enable-pschange-mc-no.patch qemu-3.1+dfsg/debian/patches/enable-pschange-mc-no.patch
--- qemu-3.1+dfsg/debian/patches/enable-pschange-mc-no.patch	1970-01-01 00:00:00.000000000 +0000
+++ qemu-3.1+dfsg/debian/patches/enable-pschange-mc-no.patch	2019-11-11 06:29:19.000000000 +0000
@@ -0,0 +1,26 @@
+From: Paolo Bonzini <pbonzini@redhat.com>
+Subject: target/i386: add PSCHANGE_MC_NO feature
+
+This is required to disable ITLB multihit mitigations in nested
+hypervisors.
+
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+---
+ target/i386/cpu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/target/i386/cpu.c b/target/i386/cpu.c
+index cd71a09b33..1bbba68b5e 100644
+--- a/target/i386/cpu.c
++++ b/target/i386/cpu.c
+@@ -1188,7 +1188,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
+         .type = MSR_FEATURE_WORD,
+         .feat_names = {
+             "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry",
+-            "ssb-no", "mds-no", NULL, NULL,
++            "ssb-no", "mds-no", "pschange-mc-no", NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+             NULL, NULL, NULL, NULL,
+--
+2.21.0
diff -Nru qemu-3.1+dfsg/debian/patches/series qemu-3.1+dfsg/debian/patches/series
--- qemu-3.1+dfsg/debian/patches/series	2019-08-24 12:56:15.000000000 +0000
+++ qemu-3.1+dfsg/debian/patches/series	2019-11-11 06:29:19.000000000 +0000
@@ -17,3 +17,4 @@
 qxl-check-release-info-object-CVE-2019-12155.patch
 qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch
 slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
+enable-pschange-mc-no.patch