Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2022-07-15 13:52:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new.1523 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Fri Jul 15 13:52:13 2022 rev:649 rq:989311 version:5.18.11
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2022-07-09 16:59:55.468516087 +0200
+++ /work/SRC/openSUSE:Factory/.kernel-source.new.1523/dtb-aarch64.changes
2022-07-15 13:52:15.219559076 +0200
@@ -1,0 +2,576 @@
+Fri Jul 15 07:36:11 CEST 2022 - jsl...@suse.cz
+
+- Refresh
+ patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch.
+ Update upstream status.
+- commit 4fcb983
+
+-------------------------------------------------------------------
+Fri Jul 15 07:00:18 CEST 2022 - jsl...@suse.cz
+
+- x86/mm: Simplify RESERVE_BRK() (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- commit da1381f
+
+-------------------------------------------------------------------
+Fri Jul 15 06:36:06 CEST 2022 - jsl...@suse.cz
+
+- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- commit ce3ce6a
+
+-------------------------------------------------------------------
+Fri Jul 15 06:35:26 CEST 2022 - jsl...@suse.cz
+
+- Refresh
+ patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch.
+ Update to upstream version.
+- commit 3f7e318
+
+-------------------------------------------------------------------
+Thu Jul 14 13:33:10 CEST 2022 - jsl...@suse.cz
+
+- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+ Update upstream status.
+- commit eae54b1
+
+-------------------------------------------------------------------
+Thu Jul 14 10:40:05 CEST 2022 - jsl...@suse.cz
+
+- tty: use new tty_insert_flip_string_and_push_buffer() in
+ pty_write() (bsc#1198829 CVE-2022-1462).
+- tty: extract tty_flip_buffer_commit() from
+ tty_flip_buffer_push() (bsc#1198829 CVE-2022-1462).
+- commit cec52d3
+
+-------------------------------------------------------------------
+Thu Jul 14 07:55:22 CEST 2022 - jsl...@suse.cz
+
+- x86/kvm: fix FASTOP_SIZE when return thunks are enabled
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- commit 86ef7b4
+
+-------------------------------------------------------------------
+Wed Jul 13 10:16:25 CEST 2022 - jsl...@suse.cz
+
+- x86/asm/32: fix ANNOTATE_UNRET_SAFE use on 32bit (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/static_call: Serialize __static_call_fixup() properly
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Disable RRSBA behavior (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/kexec: Disable RET on kexec (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Add Cannon lake to RETBleed affected CPU list
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- commit 834606b
+
+-------------------------------------------------------------------
+Wed Jul 13 10:13:38 CEST 2022 - jsl...@suse.cz
+
+- x86/retbleed: Add fine grained Kconfig knobs (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- Update config files.
+- commit 9dbc2f6
+
+-------------------------------------------------------------------
+Wed Jul 13 10:12:07 CEST 2022 - jsl...@suse.cz
+
+- x86/cpu/amd: Enumerate BTC_NO (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/common: Stamp out the stepping madness (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- KVM: VMX: Prevent RSB underflow before vmenter (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Fill RSB on vmexit for IBRS (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- KVM: VMX: Fix IBRS handling after vmexit (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- KVM: VMX: Convert launched argument to flags (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- KVM: VMX: Flatten __vmx_vcpu_run() (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Remove x86_spec_ctrl_mask (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Use cached host SPEC_CTRL value for guest
+ entry/exit (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Fix SPEC_CTRL write on SMT state change
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Fix firmware entry SPEC_CTRL handling
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/cpu/amd: Add Spectral Chicken (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- objtool: Add entry UNRET validation (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/bugs: Do IBPB fallback check only once (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Add retbleed=ibpb (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/xen: Add UNTRAIN_RET (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/xen: Rename SYS* entry points (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- objtool: Update Retpoline validation (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- intel_idle: Disable IBRS during long idle (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Report Intel retbleed vulnerability (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Split spectre_v2_select_mitigation() and
+ spectre_v2_user_select_mitigation() (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/speculation: Add spectre_v2=ibrs option to support Kernel
+ IBRS (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Optimize SPEC_CTRL MSR writes (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/entry: Add kernel IBRS implementation (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bugs: Enable STIBP for JMP2RET (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- commit 023a0b9
+
+-------------------------------------------------------------------
+Wed Jul 13 10:11:39 CEST 2022 - jsl...@suse.cz
+
+- x86/bugs: Add AMD retbleed= boot parameter (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- Update config files.
+- commit a4a04c4
+
+-------------------------------------------------------------------
+Wed Jul 13 10:10:14 CEST 2022 - jsl...@suse.cz
+
+- x86/bugs: Report AMD retbleed vulnerability (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86: Add magic AMD return-thunk (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- objtool: Treat .text.__x86.* as noinstr (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/entry: Avoid very early RET (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86: Use return-thunk in asm code (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/sev: Avoid using __x86_return_thunk (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86/kvm: Fix SETcc emulation for return thunks (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/bpf: Use alternative RET encoding (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/ftrace: Use alternative RET encoding (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86,static_call: Use alternative RET encoding (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- objtool: skip non-text sections when adding return-thunk sites
+ (bsc#1199657 CVE-2022-29900 CVE-2022-29901).
+- x86,objtool: Create .return_sites (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86: Undo return-thunk damage (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/retpoline: Use -mfunction-return (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/retpoline: Swizzle retpoline thunk (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/retpoline: Cleanup some #ifdefery (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/cpufeatures: Move RETPOLINE flags to word 11 (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
+- x86/kvm/vmx: Make noinstr clean (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/entry: Remove skip_r11rcx (bsc#1199657 CVE-2022-29900
+ CVE-2022-29901).
+- x86/entry: Don't call error_entry() for XENPV (bsc#1199657
+ CVE-2022-29900 CVE-2022-29901).
++++ 379 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
++++ and /work/SRC/openSUSE:Factory/.kernel-source.new.1523/dtb-aarch64.changes
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
dtb-riscv64.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.183560679 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.187560680 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -29,9 +29,9 @@
%(chmod +x
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build})
Name: dtb-aarch64
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
dtb-riscv64.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.275560709 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.279560710 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.307560719 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.315560722 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: A Debug Version of the Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%ifarch ppc64
Provides: kernel-kdump = 2.6.28
Obsoletes: kernel-kdump <= 2.6.28
++++++ kernel-default.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.347560732 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.351560733 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Standard Kernel
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%ifarch %ix86
Provides: kernel-smp = 2.6.17
Obsoletes: kernel-smp <= 2.6.17
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.379560742 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.383560744 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
Summary: Kernel Documentation
License: GPL-2.0-only
Group: Documentation/Man
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -67,7 +67,7 @@
%endif
URL: https://www.kernel.org/
Provides: %name = %version-%source_rel
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.399560749 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.403560750 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Small Developer Kernel for KVM
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.447560764 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.451560765 +0200
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
@@ -45,7 +45,7 @@
%endif
%endif
%endif
-BuildRequires:
kernel%kernel_flavor-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+BuildRequires:
kernel%kernel_flavor-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%if 0%{?rhel_version}
BuildRequires: kernel
@@ -64,9 +64,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0-only
Group: SLES
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.479560775 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.487560777 +0200
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0-only
Group: SLES
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.523560789 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.531560791 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%ifarch %ix86
Provides: kernel-bigsmp = 2.6.17
Obsoletes: kernel-bigsmp <= 2.6.17
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.579560807 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.591560811 +0200
@@ -17,7 +17,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
@@ -31,9 +31,9 @@
%endif
Name: kernel-source
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -50,7 +50,7 @@
BuildRequires: sed
Requires(post): coreutils sed
Provides: %name = %version-%source_rel
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
Provides: linux
Provides: multiversion(kernel)
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.611560817 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.615560818 +0200
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0-only
Group: Development/Sources
-Version: 5.18.9
+Version: 5.18.11
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -52,7 +52,7 @@
%endif
Requires: pesign-obs-integration
Provides: %name = %version-%source_rel
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
Provides: multiversion(kernel)
Source: README.KSYMS
Requires: kernel-devel%variant = %version-%source_rel
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:20.635560825 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:20.639560826 +0200
@@ -18,7 +18,7 @@
%define srcversion 5.18
-%define patchversion 5.18.9
+%define patchversion 5.18.11
%define variant %{nil}
%define vanilla_only 0
%define compress_modules zstd
@@ -107,9 +107,9 @@
Summary: The Standard Kernel - without any SUSE patches
License: GPL-2.0-only
Group: System/Kernel
-Version: 5.18.9
+Version: 5.18.11
%if 0%{?is_kotd}
-Release: <RELEASE>.ga7c5f9c
+Release: <RELEASE>.g4fcb983
%else
Release: 0
%endif
@@ -234,10 +234,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides:
kernel-%build_flavor-base-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
-Provides: kernel-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides:
kernel-%build_flavor-base-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
+Provides: kernel-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
# END COMMON DEPS
-Provides: %name-srchash-a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+Provides: %name-srchash-4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
%obsolete_rebuilds %name
Source0:
https://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz
Source3: kernel-source.rpmlintrc
kernel-zfcpdump.spec: same change
++++++ config.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/arm64/default new/config/arm64/default
--- old/config/arm64/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/arm64/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 5.18.6 Kernel Configuration
+# Linux/arm64 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default
--- old/config/armv6hl/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/armv6hl/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 5.18.6 Kernel Configuration
+# Linux/arm 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default
--- old/config/armv7hl/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/armv7hl/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 5.18.6 Kernel Configuration
+# Linux/arm 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae
--- old/config/armv7hl/lpae 2022-07-04 10:08:29.000000000 +0200
+++ new/config/armv7hl/lpae 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 5.18.6 Kernel Configuration
+# Linux/arm 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/i386/pae new/config/i386/pae
--- old/config/i386/pae 2022-07-04 10:08:29.000000000 +0200
+++ new/config/i386/pae 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/i386 5.18.6 Kernel Configuration
+# Linux/i386 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
@@ -336,8 +336,6 @@
CONFIG_X86_FEATURE_NAMES=y
CONFIG_X86_MPPARSE=y
# CONFIG_GOLDFISH is not set
-CONFIG_RETPOLINE=y
-CONFIG_CC_HAS_SLS=y
CONFIG_X86_CPU_RESCTRL=y
CONFIG_X86_BIGSMP=y
CONFIG_X86_EXTENDED_PLATFORM=y
@@ -524,6 +522,15 @@
# CONFIG_STRICT_SIGALTSTACK_SIZE is not set
# end of Processor type and features
+CONFIG_CC_HAS_SLS=y
+CONFIG_CC_HAS_RETURN_THUNK=y
+CONFIG_SPECULATION_MITIGATIONS=y
+CONFIG_PAGE_TABLE_ISOLATION=y
+CONFIG_RETPOLINE=y
+CONFIG_RETHUNK=y
+CONFIG_CPU_UNRET_ENTRY=y
+CONFIG_CPU_IBPB_ENTRY=y
+CONFIG_CPU_IBRS_ENTRY=y
CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
#
@@ -10066,7 +10073,6 @@
# CONFIG_SECURITY_WRITABLE_HOOKS is not set
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
-CONFIG_PAGE_TABLE_ISOLATION=y
CONFIG_SECURITY_INFINIBAND=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_PATH=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default
--- old/config/ppc64/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/ppc64/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/powerpc 5.18.6 Kernel Configuration
+# Linux/powerpc 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
@@ -352,6 +352,7 @@
CONFIG_ARCH_HIBERNATION_POSSIBLE=y
CONFIG_ARCH_SUSPEND_POSSIBLE=y
CONFIG_ARCH_SUSPEND_NONZERO_CPU=y
+CONFIG_ARCH_HAS_ADD_PAGES=y
CONFIG_PPC_DCR_MMIO=y
CONFIG_PPC_DCR=y
CONFIG_PPC_OF_PLATFORM_PCI=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default
--- old/config/ppc64le/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/ppc64le/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/powerpc 5.18.6 Kernel Configuration
+# Linux/powerpc 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
@@ -348,6 +348,7 @@
CONFIG_ARCH_HIBERNATION_POSSIBLE=y
CONFIG_ARCH_SUSPEND_POSSIBLE=y
CONFIG_ARCH_SUSPEND_NONZERO_CPU=y
+CONFIG_ARCH_HAS_ADD_PAGES=y
CONFIG_ARCH_SUPPORTS_UPROBES=y
CONFIG_PPC_DAWR=y
CONFIG_PGTABLE_LEVELS=4
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/riscv64/default new/config/riscv64/default
--- old/config/riscv64/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/riscv64/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/riscv 5.18.6 Kernel Configuration
+# Linux/riscv 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/s390x/default new/config/s390x/default
--- old/config/s390x/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/s390x/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/s390 5.18.6 Kernel Configuration
+# Linux/s390 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/s390x/zfcpdump new/config/s390x/zfcpdump
--- old/config/s390x/zfcpdump 2022-07-04 10:08:29.000000000 +0200
+++ new/config/s390x/zfcpdump 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/s390 5.18.6 Kernel Configuration
+# Linux/s390 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default
--- old/config/x86_64/default 2022-07-04 10:08:29.000000000 +0200
+++ new/config/x86_64/default 2022-07-13 10:13:38.000000000 +0200
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86_64 5.18.6 Kernel Configuration
+# Linux/x86_64 5.18.11 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (scripts/dummy-tools/gcc)"
CONFIG_CC_IS_GCC=y
@@ -351,9 +351,6 @@
CONFIG_X86_X2APIC=y
CONFIG_X86_MPPARSE=y
# CONFIG_GOLDFISH is not set
-CONFIG_RETPOLINE=y
-CONFIG_CC_HAS_SLS=y
-CONFIG_SLS=y
CONFIG_X86_CPU_RESCTRL=y
CONFIG_X86_EXTENDED_PLATFORM=y
# CONFIG_X86_NUMACHIP is not set
@@ -532,6 +529,16 @@
CONFIG_LIVEPATCH=y
# end of Processor type and features
+CONFIG_CC_HAS_SLS=y
+CONFIG_CC_HAS_RETURN_THUNK=y
+CONFIG_SPECULATION_MITIGATIONS=y
+CONFIG_PAGE_TABLE_ISOLATION=y
+CONFIG_RETPOLINE=y
+CONFIG_RETHUNK=y
+CONFIG_CPU_UNRET_ENTRY=y
+CONFIG_CPU_IBPB_ENTRY=y
+CONFIG_CPU_IBRS_ENTRY=y
+CONFIG_SLS=y
CONFIG_ARCH_HAS_ADD_PAGES=y
CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
@@ -9998,7 +10005,6 @@
# CONFIG_SECURITY_WRITABLE_HOOKS is not set
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
-CONFIG_PAGE_TABLE_ISOLATION=y
CONFIG_SECURITY_INFINIBAND=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_PATH=y
++++++ patches.kernel.org.tar.bz2 ++++++
++++ 26811 lines of diff (skipped)
++++++ patches.rpmify.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.rpmify/x86-asm-32-fix-ANNOTATE_UNRET_SAFE-use-on-32bit.patch
new/patches.rpmify/x86-asm-32-fix-ANNOTATE_UNRET_SAFE-use-on-32bit.patch
--- old/patches.rpmify/x86-asm-32-fix-ANNOTATE_UNRET_SAFE-use-on-32bit.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.rpmify/x86-asm-32-fix-ANNOTATE_UNRET_SAFE-use-on-32bit.patch
2022-07-14 13:33:10.000000000 +0200
@@ -0,0 +1,37 @@
+From: Jiri Slaby <jsl...@suse.cz>
+Date: Wed, 13 Jul 2022 11:50:46 +0200
+Subject: x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
+Git-repo:
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git#tip/x86/urgent
+Git-commit: 3131ef39fb03bbde237d0b8260445898f3dfda5b
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
+
+The build on x86_32 currently fails after commit
+
+ 9bb2ec608a20 (objtool: Update Retpoline validation)
+
+with:
+
+ arch/x86/kernel/../../x86/xen/xen-head.S:35: Error: no such instruction:
`annotate_unret_safe'
+
+ANNOTATE_UNRET_SAFE is defined in nospec-branch.h. And head_32.S is
+missing this include. Fix this.
+
+Fixes: 9bb2ec608a20 ("objtool: Update Retpoline validation")
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+Signed-off-by: Borislav Petkov <b...@suse.de>
+Link: https://lore.kernel.org/r/63e23f80-033f-f64e-7522-2816debbc...@kernel.org
+---
+ arch/x86/kernel/head_32.S | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/x86/kernel/head_32.S
++++ b/arch/x86/kernel/head_32.S
+@@ -23,6 +23,7 @@
+ #include <asm/cpufeatures.h>
+ #include <asm/percpu.h>
+ #include <asm/nops.h>
++#include <asm/nospec-branch.h>
+ #include <asm/bootparam.h>
+ #include <asm/export.h>
+ #include <asm/pgtable_32.h>
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
new/patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
---
old/patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
2022-07-06 07:57:32.000000000 +0200
+++
new/patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
2022-07-15 07:36:11.000000000 +0200
@@ -2,9 +2,8 @@
From: Thomas Zimmermann <tzimmerm...@suse.de>
Date: Fri, 17 Jun 2022 14:10:27 +0200
Subject: drm/aperture: Run fbdev removal before internal helpers
-Git-commit: fb84efa28a48e30b87fa1122e8aab8016c7347cd
-Git-repo: git://anongit.freedesktop.org/drm/drm.git
-Patch-mainline: Queued in subsystem maintainer repository
+Git-commit: bf43e4521ff3223a613f3a496991a22a4d78e04b
+Patch-mainline: v5.19-rc7
References: boo#1193472
Always run fbdev removal first to remove simpledrm via
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/netfilter-nf_tables-stricter-validation-of-element-d.patch
new/patches.suse/netfilter-nf_tables-stricter-validation-of-element-d.patch
--- old/patches.suse/netfilter-nf_tables-stricter-validation-of-element-d.patch
2022-07-06 07:57:32.000000000 +0200
+++ new/patches.suse/netfilter-nf_tables-stricter-validation-of-element-d.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,50 +0,0 @@
-From 7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6 Mon Sep 17 00:00:00 2001
-From: Pablo Neira Ayuso <pa...@netfilter.org>
-Date: Sat, 2 Jul 2022 04:16:30 +0200
-Subject: [PATCH] netfilter: nf_tables: stricter validation of element data
-Git-commit: 7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
-Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
-Patch-mainline: Queued in subsystem maintainer repo
-References: CVE-2022-34918 bsc#1201171
-
-Make sure element data type and length do not mismatch the one specified
-by the set declaration.
-
-Fixes: 7d7402642eaf ("netfilter: nf_tables: variable sized set element keys /
data")
-Reported-by: Hugues ANGUELKOV <hanguel...@randorisec.fr>
-Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
-Acked-by: Takashi Iwai <ti...@suse.de>
-
----
- net/netfilter/nf_tables_api.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
-index 51144fc66889..d6b59beab3a9 100644
---- a/net/netfilter/nf_tables_api.c
-+++ b/net/netfilter/nf_tables_api.c
-@@ -5213,13 +5213,20 @@ static int nft_setelem_parse_data(struct nft_ctx *ctx,
struct nft_set *set,
- struct nft_data *data,
- struct nlattr *attr)
- {
-+ u32 dtype;
- int err;
-
- err = nft_data_init(ctx, data, NFT_DATA_VALUE_MAXLEN, desc, attr);
- if (err < 0)
- return err;
-
-- if (desc->type != NFT_DATA_VERDICT && desc->len != set->dlen) {
-+ if (set->dtype == NFT_DATA_VERDICT)
-+ dtype = NFT_DATA_VERDICT;
-+ else
-+ dtype = NFT_DATA_VALUE;
-+
-+ if (dtype != desc->type ||
-+ set->dlen != desc->len) {
- nft_data_release(data, desc->type);
- return -EINVAL;
- }
---
-2.35.3
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/tty-extract-tty_flip_buffer_commit-from-tty_flip_buf.patch
new/patches.suse/tty-extract-tty_flip_buffer_commit-from-tty_flip_buf.patch
--- old/patches.suse/tty-extract-tty_flip_buffer_commit-from-tty_flip_buf.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/tty-extract-tty_flip_buffer_commit-from-tty_flip_buf.patch
2022-07-15 07:36:11.000000000 +0200
@@ -0,0 +1,54 @@
+From: Jiri Slaby <jsl...@suse.cz>
+Date: Thu, 7 Jul 2022 10:25:57 +0200
+Subject: tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-repo:
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git#tty-linus
+Git-commit: 716b10580283fda66f2b88140e3964f8a7f9da89
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1198829 CVE-2022-1462
+
+We will need this new helper in the next patch.
+
+Cc: Hillf Danton <hdan...@sina.com>
+Cc: ????????? <chennbn...@gmail.com>
+Cc: Dan Carpenter <dan.carpen...@oracle.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+Link: https://lore.kernel.org/r/20220707082558.9250-1-jsl...@suse.cz
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+---
+ drivers/tty/tty_buffer.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+--- a/drivers/tty/tty_buffer.c
++++ b/drivers/tty/tty_buffer.c
+@@ -532,6 +532,15 @@ static void flush_to_ldisc(struct work_s
+
+ }
+
++static inline void tty_flip_buffer_commit(struct tty_buffer *tail)
++{
++ /*
++ * Paired w/ acquire in flush_to_ldisc(); ensures flush_to_ldisc() sees
++ * buffer data.
++ */
++ smp_store_release(&tail->commit, tail->used);
++}
++
+ /**
+ * tty_flip_buffer_push - push terminal buffers
+ * @port: tty port to push
+@@ -546,11 +555,7 @@ void tty_flip_buffer_push(struct tty_por
+ {
+ struct tty_bufhead *buf = &port->buf;
+
+- /*
+- * Paired w/ acquire in flush_to_ldisc(); ensures flush_to_ldisc() sees
+- * buffer data.
+- */
+- smp_store_release(&buf->tail->commit, buf->tail->used);
++ tty_flip_buffer_commit(buf->tail);
+ queue_work(system_unbound_wq, &buf->work);
+ }
+ EXPORT_SYMBOL(tty_flip_buffer_push);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/tty-use-new-tty_insert_flip_string_and_push_buffer-i.patch
new/patches.suse/tty-use-new-tty_insert_flip_string_and_push_buffer-i.patch
--- old/patches.suse/tty-use-new-tty_insert_flip_string_and_push_buffer-i.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/tty-use-new-tty_insert_flip_string_and_push_buffer-i.patch
2022-07-15 07:36:11.000000000 +0200
@@ -0,0 +1,117 @@
+From: Jiri Slaby <jsl...@suse.cz>
+Date: Thu, 7 Jul 2022 10:25:58 +0200
+Subject: tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-repo:
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git#tty-linus
+Git-commit: a501ab75e7624d133a5a3c7ec010687c8b961d23
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1198829 CVE-2022-1462
+
+There is a race in pty_write(). pty_write() can be called in parallel
+with e.g. ioctl(TIOCSTI) or ioctl(TCXONC) which also inserts chars to
+the buffer. Provided, tty_flip_buffer_push() in pty_write() is called
+outside the lock, it can commit inconsistent tail. This can lead to out
+of bounds writes and other issues. See the Link below.
+
+To fix this, we have to introduce a new helper called
+tty_insert_flip_string_and_push_buffer(). It does both
+tty_insert_flip_string() and tty_flip_buffer_commit() under the port
+lock. It also calls queue_work(), but outside the lock. See
+71a174b39f10 (pty: do tty_flip_buffer_push without port->lock in
+pty_write) for the reasons.
+
+Keep the helper internal-only (in drivers' tty.h). It is not intended to
+be used widely.
+
+Link: https://seclists.org/oss-sec/2022/q2/155
+Fixes: 71a174b39f10 (pty: do tty_flip_buffer_push without port->lock in
pty_write)
+Cc: ????????? <chennbn...@gmail.com>
+Cc: Dan Carpenter <dan.carpen...@oracle.com>
+Suggested-by: Hillf Danton <hdan...@sina.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+Link: https://lore.kernel.org/r/20220707082558.9250-2-jsl...@suse.cz
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+---
+ drivers/tty/pty.c | 14 ++------------
+ drivers/tty/tty.h | 3 +++
+ drivers/tty/tty_buffer.c | 31 +++++++++++++++++++++++++++++++
+ 3 files changed, 36 insertions(+), 12 deletions(-)
+
+--- a/drivers/tty/pty.c
++++ b/drivers/tty/pty.c
+@@ -111,21 +111,11 @@ static void pty_unthrottle(struct tty_st
+ static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c)
+ {
+ struct tty_struct *to = tty->link;
+- unsigned long flags;
+
+- if (tty->flow.stopped)
++ if (tty->flow.stopped || !c)
+ return 0;
+
+- if (c > 0) {
+- spin_lock_irqsave(&to->port->lock, flags);
+- /* Stuff the data into the input queue of the other end */
+- c = tty_insert_flip_string(to->port, buf, c);
+- spin_unlock_irqrestore(&to->port->lock, flags);
+- /* And shovel */
+- if (c)
+- tty_flip_buffer_push(to->port);
+- }
+- return c;
++ return tty_insert_flip_string_and_push_buffer(to->port, buf, c);
+ }
+
+ /**
+--- a/drivers/tty/tty.h
++++ b/drivers/tty/tty.h
+@@ -111,4 +111,7 @@ static inline void tty_audit_tiocsti(str
+
+ ssize_t redirected_tty_write(struct kiocb *, struct iov_iter *);
+
++int tty_insert_flip_string_and_push_buffer(struct tty_port *port,
++ const unsigned char *chars, size_t cnt);
++
+ #endif
+--- a/drivers/tty/tty_buffer.c
++++ b/drivers/tty/tty_buffer.c
+@@ -561,6 +561,37 @@ void tty_flip_buffer_push(struct tty_por
+ EXPORT_SYMBOL(tty_flip_buffer_push);
+
+ /**
++ * tty_insert_flip_string_and_push_buffer - add characters to the tty buffer
and
++ * push
++ * @port: tty port
++ * @chars: characters
++ * @size: size
++ *
++ * The function combines tty_insert_flip_string() and tty_flip_buffer_push()
++ * with the exception of properly holding the @port->lock.
++ *
++ * To be used only internally (by pty currently).
++ *
++ * Returns: the number added.
++ */
++int tty_insert_flip_string_and_push_buffer(struct tty_port *port,
++ const unsigned char *chars, size_t size)
++{
++ struct tty_bufhead *buf = &port->buf;
++ unsigned long flags;
++
++ spin_lock_irqsave(&port->lock, flags);
++ size = tty_insert_flip_string(port, chars, size);
++ if (size)
++ tty_flip_buffer_commit(buf->tail);
++ spin_unlock_irqrestore(&port->lock, flags);
++
++ queue_work(system_unbound_wq, &buf->work);
++
++ return size;
++}
++
++/**
+ * tty_buffer_init - prepare a tty buffer structure
+ * @port: tty port to initialise
+ *
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/x86-entry-Remove-UNTRAIN_RET-from-native_irq_return_.patch
new/patches.suse/x86-entry-Remove-UNTRAIN_RET-from-native_irq_return_.patch
--- old/patches.suse/x86-entry-Remove-UNTRAIN_RET-from-native_irq_return_.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/x86-entry-Remove-UNTRAIN_RET-from-native_irq_return_.patch
2022-07-15 07:36:11.000000000 +0200
@@ -0,0 +1,33 @@
+From: Alexandre Chartre <alexandre.char...@oracle.com>
+Date: Wed, 13 Jul 2022 21:58:08 +0200
+Subject: x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
+Git-repo:
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git#tip/x86/urgent
+Git-commit: d16e0b26672066035439b2f49887f6576c4a3689
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
+
+UNTRAIN_RET is not needed in native_irq_return_ldt because RET
+untraining has already been done at this point.
+
+In addition, when the RETBleed mitigation is IBPB, UNTRAIN_RET clobbers
+several registers (AX, CX, DX) so here it trashes user values which are
+in these registers.
+
+Signed-off-by: Alexandre Chartre <alexandre.char...@oracle.com>
+Signed-off-by: Borislav Petkov <b...@suse.de>
+Link: https://lore.kernel.org/r/35b0d50f-12d1-10c3-f5e8-d6c140486...@oracle.com
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ arch/x86/entry/entry_64.S | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/arch/x86/entry/entry_64.S
++++ b/arch/x86/entry/entry_64.S
+@@ -718,7 +718,6 @@ native_irq_return_ldt:
+ pushq %rdi /* Stash user RDI */
+ swapgs /* to kernel GS */
+ SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi /* to kernel CR3 */
+- UNTRAIN_RET
+
+ movq PER_CPU_VAR(espfix_waddr), %rdi
+ movq %rax, (0*8)(%rdi) /* user RAX */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch
new/patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch
--- old/patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch
2022-07-15 07:36:11.000000000 +0200
@@ -0,0 +1,126 @@
+From: Thadeu Lima de Souza Cascardo <casca...@canonical.com>
+Date: Wed, 13 Jul 2022 14:12:41 -0300
+Subject: x86/kvm: fix FASTOP_SIZE when return thunks are enabled
+Git-repo: git://git.kernel.org/pub/scm/virt/kvm/kvm.git#master
+Git-commit: 84e7051c0bc1f2a13101553959b3a9d9a8e24939
+Patch-mainline: Queued in subsystem maintainer repository
+References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
+
+The return thunk call makes the fastop functions larger, just like IBT
+does. Consider a 16-byte FASTOP_SIZE when CONFIG_RETHUNK is enabled.
+
+Otherwise, functions will be incorrectly aligned and when computing their
+position for differently sized operators, they will executed in the middle
+or end of a function, which may as well be an int3, leading to a crash
+like:
+
+[ 36.091116] int3: 0000 [#1] SMP NOPTI
+[ 36.091119] CPU: 3 PID: 1371 Comm: qemu-system-x86 Not tainted
5.15.0-41-generic #44
+[ 36.091120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS
1.15.0-1 04/01/2014
+[ 36.091121] RIP: 0010:xaddw_ax_dx+0x9/0x10 [kvm]
+[ 36.091185] Code: 00 0f bb d0 c3 cc cc cc cc 48 0f bb d0 c3 cc cc cc cc 0f
1f 80 00 00 00 00 0f c0 d0 c3 cc cc cc cc 66 0f c1 d0 c3 cc cc cc cc <0f> 1f 80
00 00 00 00 0f c1 d0 c3 cc cc cc cc 48 0f c1 d0 c3 cc cc
+[ 36.091186] RSP: 0018:ffffb1f541143c98 EFLAGS: 00000202
+[ 36.091188] RAX: 0000000089abcdef RBX: 0000000000000001 RCX:
0000000000000000
+[ 36.091188] RDX: 0000000076543210 RSI: ffffffffc073c6d0 RDI:
0000000000000200
+[ 36.091189] RBP: ffffb1f541143ca0 R08: ffff9f1803350a70 R09:
0000000000000002
+[ 36.091190] R10: ffff9f1803350a70 R11: 0000000000000000 R12:
ffff9f1803350a70
+[ 36.091190] R13: ffffffffc077fee0 R14: 0000000000000000 R15:
0000000000000000
+[ 36.091191] FS: 00007efdfce8d640(0000) GS:ffff9f187dd80000(0000)
knlGS:0000000000000000
+[ 36.091192] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 36.091192] CR2: 0000000000000000 CR3: 0000000009b62002 CR4:
0000000000772ee0
+[ 36.091195] PKRU: 55555554
+[ 36.091195] Call Trace:
+[ 36.091197] <TASK>
+[ 36.091198] ? fastop+0x5a/0xa0 [kvm]
+[ 36.091222] x86_emulate_insn+0x7b8/0xe90 [kvm]
+[ 36.091244] x86_emulate_instruction+0x2f4/0x630 [kvm]
+[ 36.091263] ? kvm_arch_vcpu_load+0x7c/0x230 [kvm]
+[ 36.091283] ? vmx_prepare_switch_to_host+0xf7/0x190 [kvm_intel]
+[ 36.091290] complete_emulated_mmio+0x297/0x320 [kvm]
+[ 36.091310] kvm_arch_vcpu_ioctl_run+0x32f/0x550 [kvm]
+[ 36.091330] kvm_vcpu_ioctl+0x29e/0x6d0 [kvm]
+[ 36.091344] ? kvm_vcpu_ioctl+0x120/0x6d0 [kvm]
+[ 36.091357] ? __fget_files+0x86/0xc0
+[ 36.091362] ? __fget_files+0x86/0xc0
+[ 36.091363] __x64_sys_ioctl+0x92/0xd0
+[ 36.091366] do_syscall_64+0x59/0xc0
+[ 36.091369] ? syscall_exit_to_user_mode+0x27/0x50
+[ 36.091370] ? do_syscall_64+0x69/0xc0
+[ 36.091371] ? syscall_exit_to_user_mode+0x27/0x50
+[ 36.091372] ? __x64_sys_writev+0x1c/0x30
+[ 36.091374] ? do_syscall_64+0x69/0xc0
+[ 36.091374] ? exit_to_user_mode_prepare+0x37/0xb0
+[ 36.091378] ? syscall_exit_to_user_mode+0x27/0x50
+[ 36.091379] ? do_syscall_64+0x69/0xc0
+[ 36.091379] ? do_syscall_64+0x69/0xc0
+[ 36.091380] ? do_syscall_64+0x69/0xc0
+[ 36.091381] ? do_syscall_64+0x69/0xc0
+[ 36.091381] entry_SYSCALL_64_after_hwframe+0x61/0xcb
+[ 36.091384] RIP: 0033:0x7efdfe6d1aff
+[ 36.091390] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00
00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <41> 89 c0
3d 00 f0 ff ff 77 1f 48 8b 44 24 18 64 48 2b 04 25 28 00
+[ 36.091391] RSP: 002b:00007efdfce8c460 EFLAGS: 00000246 ORIG_RAX:
0000000000000010
+[ 36.091393] RAX: ffffffffffffffda RBX: 000000000000ae80 RCX:
00007efdfe6d1aff
+[ 36.091393] RDX: 0000000000000000 RSI: 000000000000ae80 RDI:
000000000000000c
+[ 36.091394] RBP: 0000558f1609e220 R08: 0000558f13fb8190 R09:
00000000ffffffff
+[ 36.091394] R10: 0000558f16b5e950 R11: 0000000000000246 R12:
0000000000000000
+[ 36.091394] R13: 0000000000000001 R14: 0000000000000000 R15:
0000000000000000
+[ 36.091396] </TASK>
+[ 36.091397] Modules linked in: isofs nls_iso8859_1 kvm_intel joydev kvm
input_leds serio_raw sch_fq_codel dm_multipath scsi_dh_rdac scsi_dh_emc
scsi_dh_alua ipmi_devintf ipmi_msghandler drm msr ip_tables x_tables autofs4
btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov
async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0
multipath linear crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel
virtio_net net_failover crypto_simd ahci xhci_pci cryptd psmouse virtio_blk
libahci xhci_pci_renesas failover
+[ 36.123271] ---[ end trace db3c0ab5a48fabcc ]---
+[ 36.123272] RIP: 0010:xaddw_ax_dx+0x9/0x10 [kvm]
+[ 36.123319] Code: 00 0f bb d0 c3 cc cc cc cc 48 0f bb d0 c3 cc cc cc cc 0f
1f 80 00 00 00 00 0f c0 d0 c3 cc cc cc cc 66 0f c1 d0 c3 cc cc cc cc <0f> 1f 80
00 00 00 00 0f c1 d0 c3 cc cc cc cc 48 0f c1 d0 c3 cc cc
+[ 36.123320] RSP: 0018:ffffb1f541143c98 EFLAGS: 00000202
+[ 36.123321] RAX: 0000000089abcdef RBX: 0000000000000001 RCX:
0000000000000000
+[ 36.123321] RDX: 0000000076543210 RSI: ffffffffc073c6d0 RDI:
0000000000000200
+[ 36.123322] RBP: ffffb1f541143ca0 R08: ffff9f1803350a70 R09:
0000000000000002
+[ 36.123322] R10: ffff9f1803350a70 R11: 0000000000000000 R12:
ffff9f1803350a70
+[ 36.123323] R13: ffffffffc077fee0 R14: 0000000000000000 R15:
0000000000000000
+[ 36.123323] FS: 00007efdfce8d640(0000) GS:ffff9f187dd80000(0000)
knlGS:0000000000000000
+[ 36.123324] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 36.123325] CR2: 0000000000000000 CR3: 0000000009b62002 CR4:
0000000000772ee0
+[ 36.123327] PKRU: 55555554
+[ 36.123328] Kernel panic - not syncing: Fatal exception in interrupt
+[ 36.123410] Kernel Offset: 0x1400000 from 0xffffffff81000000 (relocation
range: 0xffffffff80000000-0xffffffffbfffffff)
+[ 36.135305] ---[ end Kernel panic - not syncing: Fatal exception in
interrupt ]---
+
+Fixes: aa3d480315ba ("x86: Use return-thunk in asm code")
+Signed-off-by: Thadeu Lima de Souza Cascardo <casca...@canonical.com>
+Co-developed-by: Peter Zijlstra (Intel) <pet...@infradead.org>
+Cc: Borislav Petkov <b...@suse.de>
+Cc: Josh Poimboeuf <jpoim...@kernel.org>
+Cc: Paolo Bonzini <pbonz...@redhat.com>
+Reported-by: Linux Kernel Functional Testing <l...@linaro.org>
+Message-Id: <20220713171241.184026-1-casca...@canonical.com>
+Tested-by: Jack Wang <jinpu.w...@ionos.com>
+Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ arch/x86/kvm/emulate.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+--- a/arch/x86/kvm/emulate.c
++++ b/arch/x86/kvm/emulate.c
+@@ -189,8 +189,12 @@
+ #define X8(x...) X4(x), X4(x)
+ #define X16(x...) X8(x), X8(x)
+
+-#define NR_FASTOP (ilog2(sizeof(ulong)) + 1)
+-#define FASTOP_SIZE (8 * (1 + HAS_KERNEL_IBT))
++#define NR_FASTOP (ilog2(sizeof(ulong)) + 1)
++#define RET_LENGTH (1 + (4 * IS_ENABLED(CONFIG_RETHUNK)) + \
++ IS_ENABLED(CONFIG_SLS))
++#define FASTOP_LENGTH (ENDBR_INSN_SIZE + 7 + RET_LENGTH)
++#define FASTOP_SIZE (8 << ((FASTOP_LENGTH > 8) & 1) << ((FASTOP_LENGTH >
16) & 1))
++static_assert(FASTOP_LENGTH <= FASTOP_SIZE);
+
+ struct opcode {
+ u64 flags;
+@@ -442,8 +446,6 @@ static int fastop(struct x86_emulate_ctx
+ * RET | JMP __x86_return_thunk [1,5 bytes; CONFIG_RETHUNK]
+ * INT3 [1 byte; CONFIG_SLS]
+ */
+-#define RET_LENGTH (1 + (4 * IS_ENABLED(CONFIG_RETHUNK)) + \
+- IS_ENABLED(CONFIG_SLS))
+ #define SETCC_LENGTH (ENDBR_INSN_SIZE + 3 + RET_LENGTH)
+ #define SETCC_ALIGN (4 << ((SETCC_LENGTH > 4) & 1) << ((SETCC_LENGTH > 8) &
1))
+ static_assert(SETCC_LENGTH <= SETCC_ALIGN);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.suse/x86-mm-Simplify-RESERVE_BRK.patch
new/patches.suse/x86-mm-Simplify-RESERVE_BRK.patch
--- old/patches.suse/x86-mm-Simplify-RESERVE_BRK.patch 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.suse/x86-mm-Simplify-RESERVE_BRK.patch 2022-07-15
07:36:11.000000000 +0200
@@ -0,0 +1,76 @@
+From: Josh Poimboeuf <jpoim...@redhat.com>
+Date: Fri, 6 May 2022 14:14:32 +0200
+Subject: x86/mm: Simplify RESERVE_BRK()
+Git-commit: a1e2c031ec3949b8c039b739c0b5bf9c30007b00
+Patch-mainline: 5.19-rc1
+References: bsc#1199657 CVE-2022-29900 CVE-2022-29901
+
+RESERVE_BRK() reserves data in the .brk_reservation section. The data
+is initialized to zero, like BSS, so the macro specifies 'nobits' to
+prevent the data from taking up space in the vmlinux binary. The only
+way to get the compiler to do that (without putting the variable in .bss
+proper) is to use inline asm.
+
+The macro also has a hack which encloses the inline asm in a discarded
+function, which allows the size to be passed (global inline asm doesn't
+allow inputs).
+
+Remove the need for the discarded function hack by just stringifying the
+size rather than supplying it as an input to the inline asm.
+
+Signed-off-by: Josh Poimboeuf <jpoim...@redhat.com>
+Signed-off-by: Peter Zijlstra (Intel) <pet...@infradead.org>
+Signed-off-by: Borislav Petkov <b...@suse.de>
+Reviewed-by: Borislav Petkov <b...@suse.de>
+Link: https://lore.kernel.org/r/20220506121631.133110...@infradead.org
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ arch/x86/include/asm/setup.h | 30 +++++++++++-------------------
+ 1 file changed, 11 insertions(+), 19 deletions(-)
+
+diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h
+index 896e48d4..bec5ff4d 100644
+--- a/arch/x86/include/asm/setup.h
++++ b/arch/x86/include/asm/setup.h
+@@ -109,27 +109,19 @@ extern unsigned long _brk_end;
+ void *extend_brk(size_t size, size_t align);
+
+ /*
+- * Reserve space in the brk section. The name must be unique within
+- * the file, and somewhat descriptive. The size is in bytes. Must be
+- * used at file scope.
++ * Reserve space in the brk section. The name must be unique within the file,
++ * and somewhat descriptive. The size is in bytes.
+ *
+- * (This uses a temp function to wrap the asm so we can pass it the
+- * size parameter; otherwise we wouldn't be able to. We can't use a
+- * "section" attribute on a normal variable because it always ends up
+- * being @progbits, which ends up allocating space in the vmlinux
+- * executable.)
++ * The allocation is done using inline asm (rather than using a section
++ * attribute on a normal variable) in order to allow the use of @nobits, so
++ * that it doesn't take up any space in the vmlinux file.
+ */
+-#define RESERVE_BRK(name,sz) \
+- static void __section(".discard.text") __noendbr __used notrace \
+- __brk_reservation_fn_##name##__(void) { \
+- asm volatile ( \
+- ".pushsection .brk_reservation,\"aw\",@nobits;" \
+- ".brk." #name ":" \
+- " 1:.skip %c0;" \
+- " .size .brk." #name ", . - 1b;" \
+- " .popsection" \
+- : : "i" (sz)); \
+- }
++#define RESERVE_BRK(name, size)
\
++ asm(".pushsection .brk_reservation,\"aw\",@nobits\n\t" \
++ ".brk." #name ":\n\t" \
++ ".skip " __stringify(size) "\n\t" \
++ ".size .brk." #name ", " __stringify(size) "\n\t" \
++ ".popsection\n\t")
+
+ extern void probe_roms(void);
+ #ifdef __i386__
+--
+2.35.3
+
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:22.687561487 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:22.691561489 +0200
@@ -1723,6 +1723,283 @@
patches.kernel.org/5.18.9-005-powerpc-ftrace-Remove-ftrace-init-tramp-once-k.patch
patches.kernel.org/5.18.9-006-io_uring-fix-not-locked-access-to-fixed-buf-ta.patch
patches.kernel.org/5.18.9-007-Linux-5.18.9.patch
+
patches.kernel.org/5.18.10-001-drm-amdgpu-fix-adev-variable-used-in-amdgpu_d.patch
+
patches.kernel.org/5.18.10-002-Revert-drm-amdgpu-display-set-vblank_disable_.patch
+
patches.kernel.org/5.18.10-003-drm-amdgpu-To-flush-tlb-for-MMHUB-of-RAVEN-se.patch
+
patches.kernel.org/5.18.10-004-ksmbd-set-the-range-of-bytes-to-zero-without-.patch
+
patches.kernel.org/5.18.10-005-ksmbd-check-invalid-FileOffset-and-BeyondFina.patch
+
patches.kernel.org/5.18.10-006-ksmbd-use-vfs_llseek-instead-of-dereferencing.patch
+
patches.kernel.org/5.18.10-007-ipv6-take-care-of-disable_policy-when-restori.patch
+
patches.kernel.org/5.18.10-008-net-phy-Don-t-trigger-state-machine-while-in-.patch
+
patches.kernel.org/5.18.10-009-s390-archrandom-simplify-back-to-earlier-desi.patch
+
patches.kernel.org/5.18.10-010-nvme-pci-add-NVME_QUIRK_BOGUS_NID-for-ADATA-X.patch
+
patches.kernel.org/5.18.10-011-nvme-pci-add-NVME_QUIRK_BOGUS_NID-for-ADATA-I.patch
+
patches.kernel.org/5.18.10-012-nvdimm-Fix-badblocks-clear-off-by-one-error.patch
+
patches.kernel.org/5.18.10-013-ceph-wait-on-async-create-before-checking-cap.patch
+
patches.kernel.org/5.18.10-014-parisc-Fix-vDSO-signal-breakage-on-32-bit-ker.patch
+
patches.kernel.org/5.18.10-015-parisc-unaligned-Fix-emulate_ldw-breakage.patch
+
patches.kernel.org/5.18.10-016-powerpc-prom_init-Fix-kernel-config-grep.patch
+
patches.kernel.org/5.18.10-017-powerpc-book3e-Fix-PUD-allocation-size-in-map.patch
+
patches.kernel.org/5.18.10-018-powerpc-bpf-Fix-use-of-user_pt_regs-in-uapi.patch
+
patches.kernel.org/5.18.10-019-cpufreq-amd-pstate-Add-resume-and-suspend-cal.patch
+
patches.kernel.org/5.18.10-020-dm-raid-fix-accesses-beyond-end-of-raid-membe.patch
+
patches.kernel.org/5.18.10-021-dm-raid-fix-KASAN-warning-in-raid5_add_disks.patch
+ patches.kernel.org/5.18.10-022-SUNRPC-Fix-READ_PLUS-crasher.patch
+
patches.kernel.org/5.18.10-023-net-rose-fix-UAF-bugs-caused-by-timer-handler.patch
+
patches.kernel.org/5.18.10-024-net-usb-ax88179_178a-Fix-packet-receiving.patch
+
patches.kernel.org/5.18.10-025-virtio-net-fix-race-between-ndo_open-and-virt.patch
+
patches.kernel.org/5.18.10-026-selftests-net-pass-ipv6_args-to-udpgso_bench-.patch
+
patches.kernel.org/5.18.10-027-net-dsa-bcm_sf2-force-pause-link-settings.patch
+
patches.kernel.org/5.18.10-028-net-tun-unlink-NAPI-from-device-on-destructio.patch
+
patches.kernel.org/5.18.10-029-net-tun-stop-NAPI-when-detaching-queues.patch
+
patches.kernel.org/5.18.10-030-net-fix-IFF_TX_SKB_NO_LINEAR-definition.patch
+
patches.kernel.org/5.18.10-031-net-dp83822-disable-false-carrier-interrupt.patch
+
patches.kernel.org/5.18.10-032-net-dp83822-disable-rx-error-interrupt.patch
+
patches.kernel.org/5.18.10-033-RDMA-qedr-Fix-reporting-QP-timeout-attribute.patch
+
patches.kernel.org/5.18.10-034-RDMA-cm-Fix-memory-leak-in-ib_cm_insert_liste.patch
+
patches.kernel.org/5.18.10-035-linux-dim-Fix-divide-by-0-in-RDMA-DIM.patch
+
patches.kernel.org/5.18.10-036-net-usb-asix-do-not-force-pause-frames-suppor.patch
+
patches.kernel.org/5.18.10-037-usbnet-fix-memory-allocation-in-helpers.patch
+
patches.kernel.org/5.18.10-038-mptcp-fix-race-on-unaccepted-mptcp-sockets.patch
+
patches.kernel.org/5.18.10-039-selftests-mptcp-more-stable-diag-tests.patch
+
patches.kernel.org/5.18.10-040-mptcp-fix-conflict-with-netinet-in.h.patch
+
patches.kernel.org/5.18.10-041-selftests-mptcp-Initialize-variables-to-quiet.patch
+
patches.kernel.org/5.18.10-042-hwmon-occ-Prevent-power-cap-command-overwriti.patch
+
patches.kernel.org/5.18.10-043-net-ipv6-unexport-__init-annotated-seg6_hmac_.patch
+
patches.kernel.org/5.18.10-044-NFS-restore-module-put-when-manager-exits.patch
+
patches.kernel.org/5.18.10-045-NFSD-restore-EINVAL-error-translation-in-nfsd.patch
+
patches.kernel.org/5.18.10-046-NFSv4-Add-an-fattr-allocation-to-_nfs4_discov.patch
+
patches.kernel.org/5.18.10-047-vfs-fix-copy_file_range-regression-in-cross-f.patch
+
patches.kernel.org/5.18.10-048-caif_virtio-fix-race-between-virtio_device_re.patch
+
patches.kernel.org/5.18.10-049-io_uring-ensure-that-send-sendmsg-and-recv-re.patch
+
patches.kernel.org/5.18.10-050-PM-devfreq-exynos-ppmu-Fix-refcount-leak-in-o.patch
+
patches.kernel.org/5.18.10-051-lib-sbitmap-Fix-invalid-loop-in-__sbitmap_que.patch
+
patches.kernel.org/5.18.10-052-vdpa-mlx5-Update-Control-VQ-callback-informat.patch
+
patches.kernel.org/5.18.10-053-s390-remove-unneeded-select-BUILD_BIN2C.patch
+
patches.kernel.org/5.18.10-054-netfilter-nft_dynset-restore-set-element-coun.patch
+
patches.kernel.org/5.18.10-055-net-dsa-hirschmann-Add-missing-of_node_get-in.patch
+
patches.kernel.org/5.18.10-056-net-sched-act_api-Notify-user-space-if-any-ac.patch
+
patches.kernel.org/5.18.10-057-net-asix-fix-can-t-send-until-first-packet-is.patch
+
patches.kernel.org/5.18.10-058-net-bonding-fix-possible-NULL-deref-in-rlb-co.patch
+
patches.kernel.org/5.18.10-059-net-phy-ax88772a-fix-lost-pause-advertisement.patch
+
patches.kernel.org/5.18.10-060-selftests-net-fix-kselftest-net-fatal-error.patch
+
patches.kernel.org/5.18.10-061-net-bonding-fix-use-after-free-after-802.3ad-.patch
+
patches.kernel.org/5.18.10-062-net-dsa-felix-fix-race-between-reading-PSFP-s.patch
+
patches.kernel.org/5.18.10-063-powerpc-memhotplug-Add-add_pages-override-for.patch
+
patches.kernel.org/5.18.10-064-platform-x86-thinkpad_acpi-Fix-a-memory-leak-.patch
+
patches.kernel.org/5.18.10-065-platform-x86-ideapad-laptop-Add-Ideapad-5-15I.patch
+
patches.kernel.org/5.18.10-066-nfc-nfcmrvl-Fix-irq_of_parse_and_map-return-v.patch
+
patches.kernel.org/5.18.10-067-NFC-nxp-nci-Don-t-issue-a-zero-length-i2c_mas.patch
+
patches.kernel.org/5.18.10-068-tipc-move-bc-link-creation-back-to-tipc_node_.patch
+ patches.kernel.org/5.18.10-069-epic100-fix-use-after-free-on-rmmod.patch
+
patches.kernel.org/5.18.10-070-cpufreq-qcom-hw-Don-t-do-lmh-things-without-a.patch
+
patches.kernel.org/5.18.10-071-tcp-add-a-missing-nf_reset_ct-in-3WHS-handlin.patch
+
patches.kernel.org/5.18.10-072-nvmet-tcp-fix-regression-in-data_digest-calcu.patch
+
patches.kernel.org/5.18.10-073-ACPI-video-Change-how-we-determine-if-brightn.patch
+
patches.kernel.org/5.18.10-074-tunnels-do-not-assume-mac-header-is-set-in-sk.patch
+
patches.kernel.org/5.18.10-075-fanotify-refine-the-validation-checks-on-non-.patch
+
patches.kernel.org/5.18.10-076-nvmet-add-a-clear_ids-attribute-for-passthru-.patch
+
patches.kernel.org/5.18.10-077-ipv6-sit-fix-ipip6_tunnel_get_prl-return-valu.patch
+
patches.kernel.org/5.18.10-078-ipv6-fix-lockdep-splat-in-in6_dump_addrs.patch
+
patches.kernel.org/5.18.10-079-mlxsw-spectrum_router-Fix-rollback-in-tunnel-.patch
+ patches.kernel.org/5.18.10-080-net-tun-avoid-disabling-NAPI-twice.patch
+ patches.kernel.org/5.18.10-081-cifs-fix-minor-compile-warning.patch
+
patches.kernel.org/5.18.10-082-drm-msm-dpu-Increment-vsync_cnt-before-waking.patch
+
patches.kernel.org/5.18.10-083-platform-x86-ideapad-laptop-Add-allow_v4_dytc.patch
+ patches.kernel.org/5.18.10-084-drm-i915-gem-add-missing-else.patch
+
patches.kernel.org/5.18.10-085-drm-i915-dgfx-Disable-d3cold-at-gfx-root-port.patch
+
patches.kernel.org/5.18.10-086-drm-msm-gem-Fix-error-return-on-fence-id-allo.patch
+
patches.kernel.org/5.18.10-087-drivers-cpufreq-Add-missing-of_node_put-in-qo.patch
+
patches.kernel.org/5.18.10-088-platform-x86-panasonic-laptop-de-obfuscate-bu.patch
+
patches.kernel.org/5.18.10-089-platform-x86-panasonic-laptop-sort-includes-a.patch
+
patches.kernel.org/5.18.10-090-platform-x86-panasonic-laptop-revert-Resolve-.patch
+
patches.kernel.org/5.18.10-091-platform-x86-panasonic-laptop-don-t-report-du.patch
+
patches.kernel.org/5.18.10-092-platform-x86-panasonic-laptop-filter-out-dupl.patch
+
patches.kernel.org/5.18.10-093-drm-fourcc-fix-integer-type-usage-in-uapi-hea.patch
+
patches.kernel.org/5.18.10-094-net-sparx5-Add-handling-of-host-MDB-entries.patch
+
patches.kernel.org/5.18.10-095-net-sparx5-mdb-add-del-handle-non-sparx5-devi.patch
+
patches.kernel.org/5.18.10-096-hwmon-ibmaem-don-t-call-platform_device_del-i.patch
+
patches.kernel.org/5.18.10-097-xen-blkfront-fix-leaking-data-in-shared-pages.patch
+
patches.kernel.org/5.18.10-098-xen-netfront-fix-leaking-data-in-shared-pages.patch
+
patches.kernel.org/5.18.10-099-xen-netfront-force-data-bouncing-when-backend.patch
+
patches.kernel.org/5.18.10-100-xen-blkfront-force-data-bouncing-when-backend.patch
+
patches.kernel.org/5.18.10-101-xen-netfront-restore-__skb_queue_tail-positio.patch
+
patches.kernel.org/5.18.10-102-xen-arm-Fix-race-in-RB-tree-based-P2M-account.patch
+ patches.kernel.org/5.18.10-103-Linux-5.18.10.patch
+ patches.kernel.org/5.18.11-001-io_uring-fix-provided-buffer-import.patch
+
patches.kernel.org/5.18.11-002-ALSA-usb-audio-Workarounds-for-Behringer-UMC-.patch
+
patches.kernel.org/5.18.11-003-ALSA-hda-realtek-Add-quirk-for-Clevo-L140PU.patch
+
patches.kernel.org/5.18.11-004-ALSA-cs46xx-Fix-missing-snd_card_free-call-at.patch
+
patches.kernel.org/5.18.11-005-can-bcm-use-call_rcu-instead-of-costly-synchr.patch
+
patches.kernel.org/5.18.11-006-can-grcan-grcan_probe-remove-extra-of_node_ge.patch
+
patches.kernel.org/5.18.11-007-can-gs_usb-gs_usb_open-close-fix-memory-leak.patch
+
patches.kernel.org/5.18.11-008-can-m_can-m_can_chip_config-actually-enable-i.patch
+
patches.kernel.org/5.18.11-009-can-m_can-m_can_-read_fifo-echo_tx_event-shif.patch
+
patches.kernel.org/5.18.11-010-can-kvaser_usb-replace-run-time-checks-with-s.patch
+
patches.kernel.org/5.18.11-011-can-kvaser_usb-kvaser_usb_leaf-fix-CAN-clock-.patch
+
patches.kernel.org/5.18.11-012-can-kvaser_usb-kvaser_usb_leaf-fix-bittiming-.patch
+
patches.kernel.org/5.18.11-013-can-mcp251xfd-mcp251xfd_regmap_crc_read-impro.patch
+
patches.kernel.org/5.18.11-014-can-mcp251xfd-mcp251xfd_regmap_crc_read-updat.patch
+
patches.kernel.org/5.18.11-015-can-mcp251xfd-mcp251xfd_stop-add-missing-hrti.patch
+
patches.kernel.org/5.18.11-016-bpf-Fix-incorrect-verifier-simulation-around-.patch
+
patches.kernel.org/5.18.11-017-bpf-Fix-insufficient-bounds-propagation-from-.patch
+
patches.kernel.org/5.18.11-018-usbnet-fix-memory-leak-in-error-case.patch
+
patches.kernel.org/5.18.11-019-net-rose-fix-UAF-bug-caused-by-rose_t0timer_e.patch
+
patches.kernel.org/5.18.11-020-net-lan966x-hardcode-the-number-of-external-p.patch
+
patches.kernel.org/5.18.11-021-netfilter-nft_set_pipapo-release-elements-in-.patch
+
patches.kernel.org/5.18.11-022-netfilter-nf_tables-stricter-validation-of-el.patch
+
patches.kernel.org/5.18.11-023-selftests-net-fix-section-name-when-using-xdp.patch
+
patches.kernel.org/5.18.11-024-can-mcp251xfd-mcp251xfd_register_get_dev_id-u.patch
+
patches.kernel.org/5.18.11-025-can-mcp251xfd-mcp251xfd_register_get_dev_id-f.patch
+
patches.kernel.org/5.18.11-026-can-rcar_canfd-Fix-data-transmission-failed-o.patch
+
patches.kernel.org/5.18.11-027-ASoC-qdsp6-q6apm-dai-unprepare-stream-if-its-.patch
+
patches.kernel.org/5.18.11-028-MAINTAINERS-Remove-iommu-lists.linux-foundati.patch
+
patches.kernel.org/5.18.11-029-iommu-vt-d-Fix-PCI-bus-rescan-device-hot-add.patch
+
patches.kernel.org/5.18.11-030-iommu-vt-d-Fix-RID2PASID-setup-teardown-failu.patch
+
patches.kernel.org/5.18.11-031-cxl-mbox-Use-__le32-in-get-set_lsa-mailbox-st.patch
+
patches.kernel.org/5.18.11-032-cxl-Fix-cleanup-of-port-devices-on-failure-to.patch
+
patches.kernel.org/5.18.11-033-fbdev-fbmem-Fix-logo-center-image-dx-issue.patch
+
patches.kernel.org/5.18.11-034-fbmem-Check-virtual-screen-sizes-in-fb_set_va.patch
+
patches.kernel.org/5.18.11-035-fbcon-Disallow-setting-font-bigger-than-scree.patch
+
patches.kernel.org/5.18.11-036-fbcon-Prevent-that-screen-size-is-smaller-tha.patch
+
patches.kernel.org/5.18.11-037-PM-runtime-Redefine-pm_runtime_release_suppli.patch
+
patches.kernel.org/5.18.11-038-PM-runtime-Fix-supplier-device-management-dur.patch
+
patches.kernel.org/5.18.11-039-memregion-Fix-memregion_free-fallback-definit.patch
+
patches.kernel.org/5.18.11-040-video-of_display_timing.h-include-errno.h.patch
+
patches.kernel.org/5.18.11-041-fscache-Fix-invalidation-lookup-race.patch
+
patches.kernel.org/5.18.11-042-fscache-Fix-if-condition-in-fscache_wait_on_v.patch
+
patches.kernel.org/5.18.11-043-powerpc-powernv-delay-rng-platform-device-cre.patch
+
patches.kernel.org/5.18.11-044-net-dsa-qca8k-reset-cpu-port-on-MTU-change.patch
+
patches.kernel.org/5.18.11-045-ARM-meson-Fix-refcount-leak-in-meson_smp_prep.patch
+
patches.kernel.org/5.18.11-046-pinctrl-sunxi-a83t-Fix-NAND-function-name-for.patch
+
patches.kernel.org/5.18.11-047-srcu-Tighten-cleanup_srcu_struct-GP-checks.patch
+
patches.kernel.org/5.18.11-048-ASoC-rt711-Add-endianness-flag-in-snd_soc_com.patch
+
patches.kernel.org/5.18.11-049-ASoC-rt711-sdca-Add-endianness-flag-in-snd_so.patch
+
patches.kernel.org/5.18.11-050-ASoC-codecs-rt700-rt711-rt711-sdca-resume-bus.patch
+
patches.kernel.org/5.18.11-051-ASoC-SOF-ipc3-topology-Move-and-correct-size-.patch
+
patches.kernel.org/5.18.11-052-ASoC-SOF-Intel-hda-Fix-compressed-stream-posi.patch
+
patches.kernel.org/5.18.11-053-arm64-dts-qcom-sm8450-fix-interconnects-prope.patch
+
patches.kernel.org/5.18.11-054-arm64-dts-qcom-msm8994-Fix-CPU6-7-reg-values.patch
+
patches.kernel.org/5.18.11-055-arm64-dts-qcom-sdm845-use-dispcc-AHB-clock-fo.patch
+
patches.kernel.org/5.18.11-056-ARM-mxs_defconfig-Enable-the-framebuffer.patch
+
patches.kernel.org/5.18.11-057-arm64-dts-imx8mp-evk-correct-mmc-pad-settings.patch
+
patches.kernel.org/5.18.11-058-arm64-dts-imx8mp-evk-correct-the-uart2-pinctl.patch
+
patches.kernel.org/5.18.11-059-arm64-dts-imx8mp-evk-correct-gpio-led-pad-set.patch
+
patches.kernel.org/5.18.11-060-arm64-dts-imx8mp-evk-correct-vbus-pad-setting.patch
+
patches.kernel.org/5.18.11-061-arm64-dts-imx8mp-evk-correct-eqos-pad-setting.patch
+
patches.kernel.org/5.18.11-062-arm64-dts-imx8mp-evk-correct-I2C5-pad-setting.patch
+
patches.kernel.org/5.18.11-063-arm64-dts-imx8mp-evk-correct-I2C1-pad-setting.patch
+
patches.kernel.org/5.18.11-064-arm64-dts-imx8mp-evk-correct-I2C3-pad-setting.patch
+
patches.kernel.org/5.18.11-065-arm64-dts-imx8mp-phyboard-pollux-rdk-correct-.patch
+
patches.kernel.org/5.18.11-066-arm64-dts-imx8mp-phyboard-pollux-rdk-correct-.patch
+
patches.kernel.org/5.18.11-067-arm64-dts-imx8mp-phyboard-pollux-rdk-correct-.patch
+
patches.kernel.org/5.18.11-068-pinctrl-sunxi-sunxi_pconf_set-use-correct-off.patch
+
patches.kernel.org/5.18.11-069-arm64-dts-qcom-msm8992-Fix-vdd_lvs1_2-supply-.patch
+
patches.kernel.org/5.18.11-070-ARM-at91-pm-use-proper-compatible-for-sama5d2.patch
+
patches.kernel.org/5.18.11-071-ARM-at91-pm-use-proper-compatibles-for-sam9x6.patch
+
patches.kernel.org/5.18.11-072-ARM-at91-pm-use-proper-compatibles-for-sama7g.patch
+
patches.kernel.org/5.18.11-073-ARM-dts-at91-sam9x60ek-fix-eeprom-compatible-.patch
+
patches.kernel.org/5.18.11-074-ARM-dts-at91-sama5d2_icp-fix-eeprom-compatibl.patch
+
patches.kernel.org/5.18.11-075-ARM-at91-fix-soc-detection-for-SAM9X60-SiPs.patch
+
patches.kernel.org/5.18.11-076-xsk-Clear-page-contiguity-bit-when-unmapping-.patch
+
patches.kernel.org/5.18.11-077-i2c-piix4-Fix-a-memory-leak-in-the-EFCH-MMIO-.patch
+
patches.kernel.org/5.18.11-078-i40e-Fix-dropped-jumbo-frames-statistics.patch
+
patches.kernel.org/5.18.11-079-i40e-Fix-VF-s-MAC-Address-change-on-VM.patch
+
patches.kernel.org/5.18.11-080-ARM-dts-stm32-add-missing-usbh-clock-and-fix-.patch
+
patches.kernel.org/5.18.11-081-ibmvnic-Properly-dispose-of-all-skbs-during-a.patch
+
patches.kernel.org/5.18.11-082-selftests-forwarding-fix-flood_unicast_test-w.patch
+
patches.kernel.org/5.18.11-083-selftests-forwarding-fix-learning_test-when-h.patch
+
patches.kernel.org/5.18.11-084-selftests-forwarding-fix-error-message-in-lea.patch
+
patches.kernel.org/5.18.11-085-ACPI-CPPC-Check-_OSC-for-flexible-address-spa.patch
+
patches.kernel.org/5.18.11-086-ACPI-bus-Set-CPPC-_OSC-bits-for-all-and-when-.patch
+
patches.kernel.org/5.18.11-087-ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-a.patch
+
patches.kernel.org/5.18.11-088-ACPI-CPPC-Don-t-require-_OSC-if-X86_FEATURE_C.patch
+
patches.kernel.org/5.18.11-089-net-mlx5e-Fix-matchall-police-parameters-vali.patch
+
patches.kernel.org/5.18.11-090-mptcp-Avoid-acquiring-PM-lock-for-subflow-pri.patch
+
patches.kernel.org/5.18.11-091-mptcp-Acquire-the-subflow-socket-lock-before-.patch
+ patches.kernel.org/5.18.11-092-mptcp-fix-local-endpoint-accounting.patch
+
patches.kernel.org/5.18.11-093-r8169-fix-accessing-unset-transport-header.patch
+
patches.kernel.org/5.18.11-094-i2c-cadence-Unregister-the-clk-notifier-in-er.patch
+
patches.kernel.org/5.18.11-095-net-sched-act_api-Add-extack-to-offload_act_s.patch
+
patches.kernel.org/5.18.11-096-net-sched-act_police-Add-extack-messages-for-.patch
+
patches.kernel.org/5.18.11-097-net-sched-act_police-allow-continue-action-of.patch
+
patches.kernel.org/5.18.11-098-dmaengine-imx-sdma-Allow-imx8m-for-imx7-FW-re.patch
+
patches.kernel.org/5.18.11-099-dmaengine-imx-sdma-only-restart-cyclic-channe.patch
+
patches.kernel.org/5.18.11-100-misc-rtsx_usb-fix-use-of-dma-mapped-buffer-fo.patch
+
patches.kernel.org/5.18.11-101-misc-rtsx_usb-use-separate-command-and-respon.patch
+
patches.kernel.org/5.18.11-102-misc-rtsx_usb-set-return-value-in-rsp_buf-all.patch
+
patches.kernel.org/5.18.11-103-dmaengine-dw-axi-dmac-Fix-RMW-on-channel-susp.patch
+
patches.kernel.org/5.18.11-104-dt-bindings-dma-allwinner-sun50i-a64-dma-Fix-.patch
+ patches.kernel.org/5.18.11-105-ida-don-t-use-BUG_ON-for-debugging.patch
+
patches.kernel.org/5.18.11-106-dmaengine-pl330-Fix-lockdep-warning-about-non.patch
+
patches.kernel.org/5.18.11-107-dmaengine-lgm-Fix-an-error-handling-path-in-i.patch
+
patches.kernel.org/5.18.11-108-dmaengine-at_xdma-handle-errors-of-at_xdmac_a.patch
+
patches.kernel.org/5.18.11-109-dmaengine-ti-Fix-refcount-leak-in-ti_dra7_xba.patch
+
patches.kernel.org/5.18.11-110-dmaengine-qcom-bam_dma-fix-runtime-PM-underfl.patch
+
patches.kernel.org/5.18.11-111-dmaengine-ti-Add-missing-put_device-in-ti_dra.patch
+
patches.kernel.org/5.18.11-112-dmaengine-idxd-force-wq-context-cleanup-on-de.patch
+ patches.kernel.org/5.18.11-113-Linux-5.18.11.patch
+
patches.kernel.org/5.18.12-001-x86-traps-Use-pt_regs-directly-in-fixup_bad_i.patch
+
patches.kernel.org/5.18.12-002-x86-entry-Switch-the-stack-after-error_entry-.patch
+
patches.kernel.org/5.18.12-003-x86-entry-Move-PUSH_AND_CLEAR_REGS-out-of-err.patch
+
patches.kernel.org/5.18.12-004-x86-entry-Don-t-call-error_entry-for-XENPV.patch
+ patches.kernel.org/5.18.12-005-x86-entry-Remove-skip_r11rcx.patch
+ patches.kernel.org/5.18.12-006-x86-kvm-vmx-Make-noinstr-clean.patch
+
patches.kernel.org/5.18.12-007-x86-cpufeatures-Move-RETPOLINE-flags-to-word-.patch
+ patches.kernel.org/5.18.12-008-x86-retpoline-Cleanup-some-ifdefery.patch
+
patches.kernel.org/5.18.12-009-x86-retpoline-Swizzle-retpoline-thunk.patch
+ patches.kernel.org/5.18.12-010-x86-retpoline-Use-mfunction-return.patch
+ patches.kernel.org/5.18.12-011-x86-Undo-return-thunk-damage.patch
+ patches.kernel.org/5.18.12-012-x86-objtool-Create-.return_sites.patch
+
patches.kernel.org/5.18.12-013-objtool-skip-non-text-sections-when-adding-re.patch
+
patches.kernel.org/5.18.12-014-x86-static_call-Use-alternative-RET-encoding.patch
+
patches.kernel.org/5.18.12-015-x86-ftrace-Use-alternative-RET-encoding.patch
+
patches.kernel.org/5.18.12-016-x86-bpf-Use-alternative-RET-encoding.patch
+
patches.kernel.org/5.18.12-017-x86-kvm-Fix-SETcc-emulation-for-return-thunks.patch
+
patches.kernel.org/5.18.12-018-x86-vsyscall_emu-64-Don-t-use-RET-in-vsyscall.patch
+
patches.kernel.org/5.18.12-019-x86-sev-Avoid-using-__x86_return_thunk.patch
+ patches.kernel.org/5.18.12-020-x86-Use-return-thunk-in-asm-code.patch
+ patches.kernel.org/5.18.12-021-x86-entry-Avoid-very-early-RET.patch
+
patches.kernel.org/5.18.12-022-objtool-Treat-.text.__x86.-as-noinstr.patch
+ patches.kernel.org/5.18.12-023-x86-Add-magic-AMD-return-thunk.patch
+
patches.kernel.org/5.18.12-024-x86-bugs-Report-AMD-retbleed-vulnerability.patch
+
patches.kernel.org/5.18.12-025-x86-bugs-Add-AMD-retbleed-boot-parameter.patch
+ patches.kernel.org/5.18.12-026-x86-bugs-Enable-STIBP-for-JMP2RET.patch
+
patches.kernel.org/5.18.12-027-x86-bugs-Keep-a-per-CPU-IA32_SPEC_CTRL-value.patch
+
patches.kernel.org/5.18.12-028-x86-entry-Add-kernel-IBRS-implementation.patch
+
patches.kernel.org/5.18.12-029-x86-bugs-Optimize-SPEC_CTRL-MSR-writes.patch
+
patches.kernel.org/5.18.12-030-x86-speculation-Add-spectre_v2-ibrs-option-to.patch
+
patches.kernel.org/5.18.12-031-x86-bugs-Split-spectre_v2_select_mitigation-a.patch
+
patches.kernel.org/5.18.12-032-x86-bugs-Report-Intel-retbleed-vulnerability.patch
+
patches.kernel.org/5.18.12-033-intel_idle-Disable-IBRS-during-long-idle.patch
+ patches.kernel.org/5.18.12-034-objtool-Update-Retpoline-validation.patch
+ patches.kernel.org/5.18.12-035-x86-xen-Rename-SYS-entry-points.patch
+ patches.kernel.org/5.18.12-036-x86-xen-Add-UNTRAIN_RET.patch
+ patches.kernel.org/5.18.12-037-x86-bugs-Add-retbleed-ibpb.patch
+
patches.kernel.org/5.18.12-038-x86-bugs-Do-IBPB-fallback-check-only-once.patch
+ patches.kernel.org/5.18.12-039-objtool-Add-entry-UNRET-validation.patch
+ patches.kernel.org/5.18.12-040-x86-cpu-amd-Add-Spectral-Chicken.patch
+
patches.kernel.org/5.18.12-041-x86-speculation-Fix-RSB-filling-with-CONFIG_R.patch
+
patches.kernel.org/5.18.12-042-x86-speculation-Fix-firmware-entry-SPEC_CTRL-.patch
+
patches.kernel.org/5.18.12-043-x86-speculation-Fix-SPEC_CTRL-write-on-SMT-st.patch
+
patches.kernel.org/5.18.12-044-x86-speculation-Use-cached-host-SPEC_CTRL-val.patch
+
patches.kernel.org/5.18.12-045-x86-speculation-Remove-x86_spec_ctrl_mask.patch
+
patches.kernel.org/5.18.12-046-objtool-Re-add-UNWIND_HINT_-SAVE_RESTORE.patch
+ patches.kernel.org/5.18.12-047-KVM-VMX-Flatten-__vmx_vcpu_run.patch
+
patches.kernel.org/5.18.12-048-KVM-VMX-Convert-launched-argument-to-flags.patch
+
patches.kernel.org/5.18.12-049-KVM-VMX-Prevent-guest-RSB-poisoning-attacks-w.patch
+
patches.kernel.org/5.18.12-050-KVM-VMX-Fix-IBRS-handling-after-vmexit.patch
+
patches.kernel.org/5.18.12-051-x86-speculation-Fill-RSB-on-vmexit-for-IBRS.patch
+
patches.kernel.org/5.18.12-052-KVM-VMX-Prevent-RSB-underflow-before-vmenter.patch
+
patches.kernel.org/5.18.12-053-x86-common-Stamp-out-the-stepping-madness.patch
+ patches.kernel.org/5.18.12-054-x86-cpu-amd-Enumerate-BTC_NO.patch
+
patches.kernel.org/5.18.12-055-x86-retbleed-Add-fine-grained-Kconfig-knobs.patch
+
patches.kernel.org/5.18.12-056-x86-bugs-Add-Cannon-lake-to-RETBleed-affected.patch
+
patches.kernel.org/5.18.12-057-x86-entry-Move-PUSH_AND_CLEAR_REGS-back-into-.patch
+
patches.kernel.org/5.18.12-058-x86-bugs-Do-not-enable-IBPB-on-entry-when-IBP.patch
+ patches.kernel.org/5.18.12-059-x86-kexec-Disable-RET-on-kexec.patch
+
patches.kernel.org/5.18.12-060-x86-speculation-Disable-RRSBA-behavior.patch
+
patches.kernel.org/5.18.12-061-x86-static_call-Serialize-__static_call_fixup.patch
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -1734,6 +2011,7 @@
patches.rpmify/powerpc-64-BE-option-to-use-ELFv2-ABI-for-big-endian.patch
patches.rpmify/BTF-Don-t-break-ABI-when-debuginfo-is-disabled.patch
patches.rpmify/scripts-dummy-tools-add-pahole.patch
+ patches.rpmify/x86-asm-32-fix-ANNOTATE_UNRET_SAFE-use-on-32bit.patch
########################################################
# The sorted section should contain all patches that are
@@ -1751,10 +2029,12 @@
########################################################
# sorted patches
########################################################
+ patches.suse/x86-mm-Simplify-RESERVE_BRK.patch
patches.suse/simplefb-Enable-boot-time-VESA-graphic-mode-selectio.patch
patches.suse/0001-drm-format-helper-Print-warning-on-missing-format-co.patch
patches.suse/0001-drm-format-helper-Add-RGB888-to-XRGB8888-conversion.patch
patches.suse/0001-drm-format-helper-Add-RGB565-to-XRGB8888-conversion.patch
+
patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
# git://anongit.freedesktop.org/drm/drm.git drm-next
patches.suse/0001-firmware-sysfb-Make-sysfb_create_simplefb-return-a-p.patch
@@ -1766,9 +2046,6 @@
patches.suse/0001-drm-client-Look-for-command-line-modes-first.patch
patches.suse/0001-drm-client-Don-t-add-new-command-line-mode.patch
- # git://anongit.freedesktop.org/drm/drm.git drm-next
-
patches.suse/0001-drm-aperture-Run-fbdev-removal-before-internal-helpe.patch
-
########################################################
# end of sorted patches
########################################################
@@ -1785,7 +2062,10 @@
# to get into mainline any time soon (or ever) belong
# to area specific sections below.
########################################################
- patches.suse/netfilter-nf_tables-stricter-validation-of-element-d.patch
+ patches.suse/x86-kvm-fix-FASTOP_SIZE-when-return-thunks-are-enabl.patch
+ patches.suse/x86-entry-Remove-UNTRAIN_RET-from-native_irq_return_.patch
+ patches.suse/tty-extract-tty_flip_buffer_commit-from-tty_flip_buf.patch
+ patches.suse/tty-use-new-tty_insert_flip_string_and_push_buffer-i.patch
########################################################
# kbuild/module infrastructure fixes
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.8GuxuJ/_old 2022-07-15 13:52:22.715561496 +0200
+++ /var/tmp/diff_new_pack.8GuxuJ/_new 2022-07-15 13:52:22.715561496 +0200
@@ -1,4 +1,4 @@
-2022-07-06 05:57:32 +0000
-GIT Revision: a7c5f9c7ea0c3909de5203a4e059cfa244f82641
+2022-07-15 05:36:11 +0000
+GIT Revision: 4fcb983f9d8c4dcd921cf0963cec87cffb1e2692
GIT Branch: stable
