Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2018-01-07 17:25:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source" Sun Jan 7 17:25:41 2018 rev:399 rq:562022 version:4.14.12 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2018-01-05 00:58:07.641728783 +0100 +++ /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes 2018-01-07 17:25:47.376854872 +0100 @@ -1,0 +2,39 @@ +Fri Jan 5 19:15:55 CET 2018 - [email protected] + +- Linux 4.14.12 (bnc#1012628). +- exec: Weaken dumpability for secureexec (bnc#1012628). +- capabilities: fix buffer overread on very short xattr + (bnc#1012628). +- x86/cpu, x86/pti: Do not enable PTI on AMD processors + (bnc#1012628). +- x86/pti: Make sure the user/kernel PTEs match (bnc#1012628). +- x86/dumpstack: Fix partial register dumps (bnc#1012628). +- x86/dumpstack: Print registers for first stack frame + (bnc#1012628). +- x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat() + (bnc#1012628). +- x86/process: Define cpu_tss_rw in same section as declaration + (bnc#1012628). +- Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find." (bnc#1012628). +- rtc: m41t80: m41t80_sqw_set_rate should return 0 on success + (bnc#1012628). +- rtc: m41t80: fix m41t80_sqw_round_rate return value + (bnc#1012628). +- rtc: m41t80: avoid i2c read in m41t80_sqw_recalc_rate + (bnc#1012628). +- rtc: m41t80: avoid i2c read in m41t80_sqw_is_prepared + (bnc#1012628). +- rtc: m41t80: remove unneeded checks from m41t80_sqw_set_rate + (bnc#1012628). +- Refresh + patches.suse/0002-x86-stacktrace-make-clear-the-success-paths.patch. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch. +- Refresh + patches.suse/0015-x86-syscall-Clear-unused-extra-registers-on-32-bit-c.patch. +- commit 3cf399e + +------------------------------------------------------------------- dtb-armv6l.changes: same change dtb-armv7l.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-syzkaller.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.379214446 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.383214259 +0100 @@ -17,7 +17,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb}) Name: dtb-aarch64 -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.447211260 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.447211260 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0 Group: System/Kernel -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif kernel-debug.spec: same change kernel-default.spec: same change ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.507208448 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.507208448 +0100 @@ -17,7 +17,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0 Group: Documentation/Man -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-lpae.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.527207511 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.531207324 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel for LPAE enabled systems License: GPL-2.0 Group: System/Kernel -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.547206574 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.551206387 +0100 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -57,9 +57,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0 Group: SLES -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.571205450 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.571205450 +0100 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0 Group: SLES -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.591204513 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.595204325 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel with PAE Support License: GPL-2.0 Group: System/Kernel -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.611203576 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.615203388 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Summary: The Linux Kernel Sources License: GPL-2.0 Group: Development/Sources -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.639202263 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.639202263 +0100 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0 Group: Development/Sources -Version: 4.14.11 +Version: 4.14.12 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif ++++++ kernel-syzkaller.spec ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:22.671200764 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:22.671200764 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.11 +%define patchversion 4.14.12 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel used for fuzzing by syzkaller License: GPL-2.0 Group: System/Kernel -Version: 4.14.11 +Version: 4.14.12 %if 0%{?is_kotd} -Release: <RELEASE>.gc36893f +Release: <RELEASE>.g3cf399e %else Release: 0 %endif kernel-vanilla.spec: same change kernel-zfcpdump.spec: same change ++++++ patches.kernel.org.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-001-exec-Weaken-dumpability-for-secureexec.patch new/patches.kernel.org/4.14.12-001-exec-Weaken-dumpability-for-secureexec.patch --- old/patches.kernel.org/4.14.12-001-exec-Weaken-dumpability-for-secureexec.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-001-exec-Weaken-dumpability-for-secureexec.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,52 @@ +From: Kees Cook <[email protected]> +Date: Tue, 2 Jan 2018 15:21:33 -0800 +Subject: [PATCH] exec: Weaken dumpability for secureexec +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: e816c201aed5232171f8eb80b5d46ae6516683b9 + +commit e816c201aed5232171f8eb80b5d46ae6516683b9 upstream. + +This is a logical revert of commit e37fdb785a5f ("exec: Use secureexec +for setting dumpability") + +This weakens dumpability back to checking only for uid/gid changes in +current (which is useless), but userspace depends on dumpability not +being tied to secureexec. + + https://bugzilla.redhat.com/show_bug.cgi?id=1528633 + +Reported-by: Tom Horsley <[email protected]> +Fixes: e37fdb785a5f ("exec: Use secureexec for setting dumpability") +Signed-off-by: Kees Cook <[email protected]> +Signed-off-by: Linus Torvalds <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + fs/exec.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/fs/exec.c b/fs/exec.c +index 3e14ba25f678..acec119fcc31 100644 +--- a/fs/exec.c ++++ b/fs/exec.c +@@ -1350,9 +1350,14 @@ void setup_new_exec(struct linux_binprm * bprm) + + current->sas_ss_sp = current->sas_ss_size = 0; + +- /* Figure out dumpability. */ ++ /* ++ * Figure out dumpability. Note that this checking only of current ++ * is wrong, but userspace depends on it. This should be testing ++ * bprm->secureexec instead. ++ */ + if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP || +- bprm->secureexec) ++ !(uid_eq(current_euid(), current_uid()) && ++ gid_eq(current_egid(), current_gid()))) + set_dumpable(current->mm, suid_dumpable); + else + set_dumpable(current->mm, SUID_DUMP_USER); +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-002-capabilities-fix-buffer-overread-on-very-shor.patch new/patches.kernel.org/4.14.12-002-capabilities-fix-buffer-overread-on-very-shor.patch --- old/patches.kernel.org/4.14.12-002-capabilities-fix-buffer-overread-on-very-shor.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-002-capabilities-fix-buffer-overread-on-very-shor.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,120 @@ +From: Eric Biggers <[email protected]> +Date: Mon, 1 Jan 2018 09:28:31 -0600 +Subject: [PATCH] capabilities: fix buffer overread on very short xattr +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: dc32b5c3e6e2ef29cef76d9ce1b92d394446150e + +commit dc32b5c3e6e2ef29cef76d9ce1b92d394446150e upstream. + +If userspace attempted to set a "security.capability" xattr shorter than +4 bytes (e.g. 'setfattr -n security.capability -v x file'), then +cap_convert_nscap() read past the end of the buffer containing the xattr +value because it accessed the ->magic_etc field without verifying that +the xattr value is long enough to contain that field. + +Fix it by validating the xattr value size first. + +This bug was found using syzkaller with KASAN. The KASAN report was as +follows (cleaned up slightly): + + BUG: KASAN: slab-out-of-bounds in cap_convert_nscap+0x514/0x630 security/commoncap.c:498 + Read of size 4 at addr ffff88002d8741c0 by task syz-executor1/2852 + + CPU: 0 PID: 2852 Comm: syz-executor1 Not tainted 4.15.0-rc6-00200-gcc0aac99d977 #253 + Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-20171110_100015-anatol 04/01/2014 + Call Trace: + __dump_stack lib/dump_stack.c:17 [inline] + dump_stack+0xe3/0x195 lib/dump_stack.c:53 + print_address_description+0x73/0x260 mm/kasan/report.c:252 + kasan_report_error mm/kasan/report.c:351 [inline] + kasan_report+0x235/0x350 mm/kasan/report.c:409 + cap_convert_nscap+0x514/0x630 security/commoncap.c:498 + setxattr+0x2bd/0x350 fs/xattr.c:446 + path_setxattr+0x168/0x1b0 fs/xattr.c:472 + SYSC_setxattr fs/xattr.c:487 [inline] + SyS_setxattr+0x36/0x50 fs/xattr.c:483 + entry_SYSCALL_64_fastpath+0x18/0x85 + +Fixes: 8db6c34f1dbc ("Introduce v3 namespaced file capabilities") +Signed-off-by: Eric Biggers <[email protected]> +Reviewed-by: Serge Hallyn <[email protected]> +Signed-off-by: James Morris <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + security/commoncap.c | 21 +++++++++------------ + 1 file changed, 9 insertions(+), 12 deletions(-) + +diff --git a/security/commoncap.c b/security/commoncap.c +index fc46f5b85251..7b01431d1e19 100644 +--- a/security/commoncap.c ++++ b/security/commoncap.c +@@ -348,21 +348,18 @@ static __u32 sansflags(__u32 m) + return m & ~VFS_CAP_FLAGS_EFFECTIVE; + } + +-static bool is_v2header(size_t size, __le32 magic) ++static bool is_v2header(size_t size, const struct vfs_cap_data *cap) + { +- __u32 m = le32_to_cpu(magic); + if (size != XATTR_CAPS_SZ_2) + return false; +- return sansflags(m) == VFS_CAP_REVISION_2; ++ return sansflags(le32_to_cpu(cap->magic_etc)) == VFS_CAP_REVISION_2; + } + +-static bool is_v3header(size_t size, __le32 magic) ++static bool is_v3header(size_t size, const struct vfs_cap_data *cap) + { +- __u32 m = le32_to_cpu(magic); +- + if (size != XATTR_CAPS_SZ_3) + return false; +- return sansflags(m) == VFS_CAP_REVISION_3; ++ return sansflags(le32_to_cpu(cap->magic_etc)) == VFS_CAP_REVISION_3; + } + + /* +@@ -405,7 +402,7 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer, + + fs_ns = inode->i_sb->s_user_ns; + cap = (struct vfs_cap_data *) tmpbuf; +- if (is_v2header((size_t) ret, cap->magic_etc)) { ++ if (is_v2header((size_t) ret, cap)) { + /* If this is sizeof(vfs_cap_data) then we're ok with the + * on-disk value, so return that. */ + if (alloc) +@@ -413,7 +410,7 @@ int cap_inode_getsecurity(struct inode *inode, const char *name, void **buffer, + else + kfree(tmpbuf); + return ret; +- } else if (!is_v3header((size_t) ret, cap->magic_etc)) { ++ } else if (!is_v3header((size_t) ret, cap)) { + kfree(tmpbuf); + return -EINVAL; + } +@@ -470,9 +467,9 @@ static kuid_t rootid_from_xattr(const void *value, size_t size, + return make_kuid(task_ns, rootid); + } + +-static bool validheader(size_t size, __le32 magic) ++static bool validheader(size_t size, const struct vfs_cap_data *cap) + { +- return is_v2header(size, magic) || is_v3header(size, magic); ++ return is_v2header(size, cap) || is_v3header(size, cap); + } + + /* +@@ -495,7 +492,7 @@ int cap_convert_nscap(struct dentry *dentry, void **ivalue, size_t size) + + if (!*ivalue) + return -EINVAL; +- if (!validheader(size, cap->magic_etc)) ++ if (!validheader(size, cap)) + return -EINVAL; + if (!capable_wrt_inode_uidgid(inode, CAP_SETFCAP)) + return -EPERM; +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-003-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-proc.patch new/patches.kernel.org/4.14.12-003-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-proc.patch --- old/patches.kernel.org/4.14.12-003-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-proc.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-003-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-proc.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,49 @@ +From: Tom Lendacky <[email protected]> +Date: Tue, 26 Dec 2017 23:43:54 -0600 +Subject: [PATCH] x86/cpu, x86/pti: Do not enable PTI on AMD processors +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 694d99d40972f12e59a3696effee8a376b79d7c8 + +commit 694d99d40972f12e59a3696effee8a376b79d7c8 upstream. + +AMD processors are not subject to the types of attacks that the kernel +page table isolation feature protects against. The AMD microarchitecture +does not allow memory references, including speculative references, that +access higher privileged data when running in a lesser privileged mode +when that access would result in a page fault. + +Disable page table isolation by default on AMD processors by not setting +the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI +is set. + +Signed-off-by: Tom Lendacky <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Reviewed-by: Borislav Petkov <[email protected]> +Cc: Dave Hansen <[email protected]> +Cc: Andy Lutomirski <[email protected]> +Link: https://lkml.kernel.org/r/[email protected] +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/kernel/cpu/common.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c +index f2a94dfb434e..b1be494ab4e8 100644 +--- a/arch/x86/kernel/cpu/common.c ++++ b/arch/x86/kernel/cpu/common.c +@@ -899,8 +899,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) + + setup_force_cpu_cap(X86_FEATURE_ALWAYS); + +- /* Assume for now that ALL x86 CPUs are insecure */ +- setup_force_cpu_bug(X86_BUG_CPU_INSECURE); ++ if (c->x86_vendor != X86_VENDOR_AMD) ++ setup_force_cpu_bug(X86_BUG_CPU_INSECURE); + + fpu__init_system(c); + +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-004-x86-pti-Make-sure-the-user-kernel-PTEs-match.patch new/patches.kernel.org/4.14.12-004-x86-pti-Make-sure-the-user-kernel-PTEs-match.patch --- old/patches.kernel.org/4.14.12-004-x86-pti-Make-sure-the-user-kernel-PTEs-match.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-004-x86-pti-Make-sure-the-user-kernel-PTEs-match.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,61 @@ +From: Thomas Gleixner <[email protected]> +Date: Wed, 3 Jan 2018 15:57:59 +0100 +Subject: [PATCH] x86/pti: Make sure the user/kernel PTEs match +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 52994c256df36fda9a715697431cba9daecb6b11 + +commit 52994c256df36fda9a715697431cba9daecb6b11 upstream. + +Meelis reported that his K8 Athlon64 emits MCE warnings when PTI is +enabled: + +[Hardware Error]: Error Addr: 0x0000ffff81e000e0 +[Hardware Error]: MC1 Error: L1 TLB multimatch. +[Hardware Error]: cache level: L1, tx: INSN + +The address is in the entry area, which is mapped into kernel _AND_ user +space. That's special because we switch CR3 while we are executing +there. + +User mapping: +0xffffffff81e00000-0xffffffff82000000 2M ro PSE GLB x pmd + +Kernel mapping: +0xffffffff81000000-0xffffffff82000000 16M ro PSE x pmd + +So the K8 is complaining that the TLB entries differ. They differ in the +GLB bit. + +Drop the GLB bit when installing the user shared mapping. + +Fixes: 6dc72c3cbca0 ("x86/mm/pti: Share entry text PMD") +Reported-by: Meelis Roos <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Tested-by: Meelis Roos <[email protected]> +Cc: Borislav Petkov <[email protected]> +Cc: Tom Lendacky <[email protected]> +Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801031407180.1957@nanos +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/mm/pti.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c +index bce8aea65606..2da28ba97508 100644 +--- a/arch/x86/mm/pti.c ++++ b/arch/x86/mm/pti.c +@@ -367,7 +367,8 @@ static void __init pti_setup_espfix64(void) + static void __init pti_clone_entry_text(void) + { + pti_clone_pmds((unsigned long) __entry_text_start, +- (unsigned long) __irqentry_text_end, _PAGE_RW); ++ (unsigned long) __irqentry_text_end, ++ _PAGE_RW | _PAGE_GLOBAL); + } + + /* +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-005-x86-dumpstack-Fix-partial-register-dumps.patch new/patches.kernel.org/4.14.12-005-x86-dumpstack-Fix-partial-register-dumps.patch --- old/patches.kernel.org/4.14.12-005-x86-dumpstack-Fix-partial-register-dumps.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-005-x86-dumpstack-Fix-partial-register-dumps.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,170 @@ +From: Josh Poimboeuf <[email protected]> +Date: Sun, 31 Dec 2017 10:18:06 -0600 +Subject: [PATCH] x86/dumpstack: Fix partial register dumps +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: a9cdbe72c4e8bf3b38781c317a79326e2e1a230d + +commit a9cdbe72c4e8bf3b38781c317a79326e2e1a230d upstream. + +The show_regs_safe() logic is wrong. When there's an iret stack frame, +it prints the entire pt_regs -- most of which is random stack data -- +instead of just the five registers at the end. + +show_regs_safe() is also poorly named: the on_stack() checks aren't for +safety. Rename the function to show_regs_if_on_stack() and add a +comment to explain why the checks are needed. + +These issues were introduced with the "partial register dump" feature of +the following commit: + + b02fcf9ba121 ("x86/unwinder: Handle stack overflows more gracefully") + +That patch had gone through a few iterations of development, and the +above issues were artifacts from a previous iteration of the patch where +'regs' pointed directly to the iret frame rather than to the (partially +empty) pt_regs. + +Tested-by: Alexander Tsoy <[email protected]> +Signed-off-by: Josh Poimboeuf <[email protected]> +Cc: Andy Lutomirski <[email protected]> +Cc: Linus Torvalds <[email protected]> +Cc: Peter Zijlstra <[email protected]> +Cc: Thomas Gleixner <[email protected]> +Cc: Toralf Förster <[email protected]> +Fixes: b02fcf9ba121 ("x86/unwinder: Handle stack overflows more gracefully") +Link: http://lkml.kernel.org/r/5b05b8b344f59db2d3d50dbdeba92d60f2304c54.1514736742.git.jpoim...@redhat.com +Signed-off-by: Ingo Molnar <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/include/asm/unwind.h | 17 +++++++++++++---- + arch/x86/kernel/dumpstack.c | 28 ++++++++++++++++++++-------- + arch/x86/kernel/stacktrace.c | 2 +- + 3 files changed, 34 insertions(+), 13 deletions(-) + +diff --git a/arch/x86/include/asm/unwind.h b/arch/x86/include/asm/unwind.h +index c1688c2d0a12..1f86e1b0a5cd 100644 +--- a/arch/x86/include/asm/unwind.h ++++ b/arch/x86/include/asm/unwind.h +@@ -56,18 +56,27 @@ void unwind_start(struct unwind_state *state, struct task_struct *task, + + #if defined(CONFIG_UNWINDER_ORC) || defined(CONFIG_UNWINDER_FRAME_POINTER) + /* +- * WARNING: The entire pt_regs may not be safe to dereference. In some cases, +- * only the iret frame registers are accessible. Use with caution! ++ * If 'partial' returns true, only the iret frame registers are valid. + */ +-static inline struct pt_regs *unwind_get_entry_regs(struct unwind_state *state) ++static inline struct pt_regs *unwind_get_entry_regs(struct unwind_state *state, ++ bool *partial) + { + if (unwind_done(state)) + return NULL; + ++ if (partial) { ++#ifdef CONFIG_UNWINDER_ORC ++ *partial = !state->full_regs; ++#else ++ *partial = false; ++#endif ++ } ++ + return state->regs; + } + #else +-static inline struct pt_regs *unwind_get_entry_regs(struct unwind_state *state) ++static inline struct pt_regs *unwind_get_entry_regs(struct unwind_state *state, ++ bool *partial) + { + return NULL; + } +diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c +index 5fa110699ed2..d0bb176a7261 100644 +--- a/arch/x86/kernel/dumpstack.c ++++ b/arch/x86/kernel/dumpstack.c +@@ -76,12 +76,23 @@ void show_iret_regs(struct pt_regs *regs) + regs->sp, regs->flags); + } + +-static void show_regs_safe(struct stack_info *info, struct pt_regs *regs) ++static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, ++ bool partial) + { +- if (on_stack(info, regs, sizeof(*regs))) ++ /* ++ * These on_stack() checks aren't strictly necessary: the unwind code ++ * has already validated the 'regs' pointer. The checks are done for ++ * ordering reasons: if the registers are on the next stack, we don't ++ * want to print them out yet. Otherwise they'll be shown as part of ++ * the wrong stack. Later, when show_trace_log_lvl() switches to the ++ * next stack, this function will be called again with the same regs so ++ * they can be printed in the right context. ++ */ ++ if (!partial && on_stack(info, regs, sizeof(*regs))) { + __show_regs(regs, 0); +- else if (on_stack(info, (void *)regs + IRET_FRAME_OFFSET, +- IRET_FRAME_SIZE)) { ++ ++ } else if (partial && on_stack(info, (void *)regs + IRET_FRAME_OFFSET, ++ IRET_FRAME_SIZE)) { + /* + * When an interrupt or exception occurs in entry code, the + * full pt_regs might not have been saved yet. In that case +@@ -98,6 +109,7 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, + struct stack_info stack_info = {0}; + unsigned long visit_mask = 0; + int graph_idx = 0; ++ bool partial; + + printk("%sCall Trace:\n", log_lvl); + +@@ -140,7 +152,7 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, + printk("%s <%s>\n", log_lvl, stack_name); + + if (regs) +- show_regs_safe(&stack_info, regs); ++ show_regs_if_on_stack(&stack_info, regs, partial); + + /* + * Scan the stack, printing any text addresses we find. At the +@@ -164,7 +176,7 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, + + /* + * Don't print regs->ip again if it was already printed +- * by show_regs_safe() below. ++ * by show_regs_if_on_stack(). + */ + if (regs && stack == ®s->ip) + goto next; +@@ -199,9 +211,9 @@ next: + unwind_next_frame(&state); + + /* if the frame has entry regs, print them */ +- regs = unwind_get_entry_regs(&state); ++ regs = unwind_get_entry_regs(&state, &partial); + if (regs) +- show_regs_safe(&stack_info, regs); ++ show_regs_if_on_stack(&stack_info, regs, partial); + } + + if (stack_name) +diff --git a/arch/x86/kernel/stacktrace.c b/arch/x86/kernel/stacktrace.c +index 8dabd7bf1673..60244bfaf88f 100644 +--- a/arch/x86/kernel/stacktrace.c ++++ b/arch/x86/kernel/stacktrace.c +@@ -98,7 +98,7 @@ static int __save_stack_trace_reliable(struct stack_trace *trace, + for (unwind_start(&state, task, NULL, NULL); !unwind_done(&state); + unwind_next_frame(&state)) { + +- regs = unwind_get_entry_regs(&state); ++ regs = unwind_get_entry_regs(&state, NULL); + if (regs) { + /* + * Kernel mode registers on the stack indicate an +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-006-x86-dumpstack-Print-registers-for-first-stack.patch new/patches.kernel.org/4.14.12-006-x86-dumpstack-Print-registers-for-first-stack.patch --- old/patches.kernel.org/4.14.12-006-x86-dumpstack-Print-registers-for-first-stack.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-006-x86-dumpstack-Print-registers-for-first-stack.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,56 @@ +From: Josh Poimboeuf <[email protected]> +Date: Sun, 31 Dec 2017 10:18:07 -0600 +Subject: [PATCH] x86/dumpstack: Print registers for first stack frame +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 3ffdeb1a02be3086f1411a15c5b9c481fa28e21f + +commit 3ffdeb1a02be3086f1411a15c5b9c481fa28e21f upstream. + +In the stack dump code, if the frame after the starting pt_regs is also +a regs frame, the registers don't get printed. Fix that. + +Reported-by: Andy Lutomirski <[email protected]> +Tested-by: Alexander Tsoy <[email protected]> +Signed-off-by: Josh Poimboeuf <[email protected]> +Cc: Andy Lutomirski <[email protected]> +Cc: Linus Torvalds <[email protected]> +Cc: Peter Zijlstra <[email protected]> +Cc: Thomas Gleixner <[email protected]> +Cc: Toralf Förster <[email protected]> +Fixes: 3b3fa11bc700 ("x86/dumpstack: Print any pt_regs found on the stack") +Link: http://lkml.kernel.org/r/396f84491d2f0ef64eda4217a2165f5712f6a115.1514736742.git.jpoim...@redhat.com +Signed-off-by: Ingo Molnar <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/kernel/dumpstack.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c +index d0bb176a7261..afbecff161d1 100644 +--- a/arch/x86/kernel/dumpstack.c ++++ b/arch/x86/kernel/dumpstack.c +@@ -115,6 +115,7 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, + + unwind_start(&state, task, regs, stack); + stack = stack ? : get_stack_pointer(task, regs); ++ regs = unwind_get_entry_regs(&state, &partial); + + /* + * Iterate through the stacks, starting with the current stack pointer. +@@ -132,7 +133,7 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs, + * - hardirq stack + * - entry stack + */ +- for (regs = NULL; stack; stack = PTR_ALIGN(stack_info.next_sp, sizeof(long))) { ++ for ( ; stack; stack = PTR_ALIGN(stack_info.next_sp, sizeof(long))) { + const char *stack_name; + + if (get_stack_info(stack, task, &stack_info, &visit_mask)) { +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-007-x86-pti-Switch-to-kernel-CR3-at-early-in-entr.patch new/patches.kernel.org/4.14.12-007-x86-pti-Switch-to-kernel-CR3-at-early-in-entr.patch --- old/patches.kernel.org/4.14.12-007-x86-pti-Switch-to-kernel-CR3-at-early-in-entr.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-007-x86-pti-Switch-to-kernel-CR3-at-early-in-entr.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,74 @@ +From: Thomas Gleixner <[email protected]> +Date: Wed, 3 Jan 2018 19:52:04 +0100 +Subject: [PATCH] x86/pti: Switch to kernel CR3 at early in + entry_SYSCALL_compat() +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: d7732ba55c4b6a2da339bb12589c515830cfac2c + +commit d7732ba55c4b6a2da339bb12589c515830cfac2c upstream. + +The preparation for PTI which added CR3 switching to the entry code +misplaced the CR3 switch in entry_SYSCALL_compat(). + +With PTI enabled the entry code tries to access a per cpu variable after +switching to kernel GS. This fails because that variable is not mapped to +user space. This results in a double fault and in the worst case a kernel +crash. + +Move the switch ahead of the access and clobber RSP which has been saved +already. + +Fixes: 8a09317b895f ("x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching") +Reported-by: Lars Wendler <[email protected]> +Reported-by: Laura Abbott <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Cc: Borislav Betkov <[email protected]> +Cc: Andy Lutomirski <[email protected]>, +Cc: Dave Hansen <[email protected]>, +Cc: Peter Zijlstra <[email protected]>, +Cc: Greg KH <[email protected]>, , +Cc: Boris Ostrovsky <[email protected]>, +Cc: Juergen Gross <[email protected]> +Link: https://lkml.kernel.org/r/alpine.DEB.2.20.1801031949200.1957@nanos +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/entry/entry_64_compat.S | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S +index 40f17009ec20..98d5358e4041 100644 +--- a/arch/x86/entry/entry_64_compat.S ++++ b/arch/x86/entry/entry_64_compat.S +@@ -190,8 +190,13 @@ ENTRY(entry_SYSCALL_compat) + /* Interrupts are off on entry. */ + swapgs + +- /* Stash user ESP and switch to the kernel stack. */ ++ /* Stash user ESP */ + movl %esp, %r8d ++ ++ /* Use %rsp as scratch reg. User ESP is stashed in r8 */ ++ SWITCH_TO_KERNEL_CR3 scratch_reg=%rsp ++ ++ /* Switch to the kernel stack */ + movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp + + /* Construct struct pt_regs on stack */ +@@ -219,12 +224,6 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) + pushq $0 /* pt_regs->r14 = 0 */ + pushq $0 /* pt_regs->r15 = 0 */ + +- /* +- * We just saved %rdi so it is safe to clobber. It is not +- * preserved during the C calls inside TRACE_IRQS_OFF anyway. +- */ +- SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi +- + /* + * User mode is traced as though IRQs are on, and SYSENTER + * turned them off. +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-008-x86-process-Define-cpu_tss_rw-in-same-section.patch new/patches.kernel.org/4.14.12-008-x86-process-Define-cpu_tss_rw-in-same-section.patch --- old/patches.kernel.org/4.14.12-008-x86-process-Define-cpu_tss_rw-in-same-section.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-008-x86-process-Define-cpu_tss_rw-in-same-section.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,58 @@ +From: Nick Desaulniers <[email protected]> +Date: Wed, 3 Jan 2018 12:39:52 -0800 +Subject: [PATCH] x86/process: Define cpu_tss_rw in same section as declaration +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 2fd9c41aea47f4ad071accf94b94f94f2c4d31eb + +commit 2fd9c41aea47f4ad071accf94b94f94f2c4d31eb upstream. + +cpu_tss_rw is declared with DECLARE_PER_CPU_PAGE_ALIGNED +but then defined with DEFINE_PER_CPU_SHARED_ALIGNED +leading to section mismatch warnings. + +Use DEFINE_PER_CPU_PAGE_ALIGNED consistently. This is necessary because +it's mapped to the cpu entry area and must be page aligned. + +[ tglx: Massaged changelog a bit ] + +Fixes: 1a935bc3d4ea ("x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct") +Suggested-by: Thomas Gleixner <[email protected]> +Signed-off-by: Nick Desaulniers <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Cc: [email protected] +Cc: Borislav Petkov <[email protected]> +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Cc: [email protected] +Link: https://lkml.kernel.org/r/[email protected] +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + arch/x86/kernel/process.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c +index 517415978409..3cb2486c47e4 100644 +--- a/arch/x86/kernel/process.c ++++ b/arch/x86/kernel/process.c +@@ -47,7 +47,7 @@ + * section. Since TSS's are completely CPU-local, we want them + * on exact cacheline boundaries, to eliminate cacheline ping-pong. + */ +-__visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tss_struct, cpu_tss_rw) = { ++__visible DEFINE_PER_CPU_PAGE_ALIGNED(struct tss_struct, cpu_tss_rw) = { + .x86_tss = { + /* + * .sp0 is only used when entering ring 0 from a lower +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-009-Revert-xfrm-Fix-stack-out-of-bounds-read-in-x.patch new/patches.kernel.org/4.14.12-009-Revert-xfrm-Fix-stack-out-of-bounds-read-in-x.patch --- old/patches.kernel.org/4.14.12-009-Revert-xfrm-Fix-stack-out-of-bounds-read-in-x.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-009-Revert-xfrm-Fix-stack-out-of-bounds-read-in-x.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,78 @@ +From: Steffen Klassert <[email protected]> +Date: Wed, 15 Nov 2017 06:40:57 +0100 +Subject: [PATCH] Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find." +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 94802151894d482e82c324edf2c658f8e6b96508 + +commit 94802151894d482e82c324edf2c658f8e6b96508 upstream. + +This reverts commit c9f3f813d462c72dbe412cee6a5cbacf13c4ad5e. + +This commit breaks transport mode when the policy template +has widlcard addresses configured, so revert it. + +Signed-off-by: Steffen Klassert <[email protected]> +Cc: From: Derek Robson <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + net/xfrm/xfrm_policy.c | 29 ++++++++++++++++++----------- + 1 file changed, 18 insertions(+), 11 deletions(-) + +diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c +index 2a6093840e7e..6bc16bb61b55 100644 +--- a/net/xfrm/xfrm_policy.c ++++ b/net/xfrm/xfrm_policy.c +@@ -1362,29 +1362,36 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl, + struct net *net = xp_net(policy); + int nx; + int i, error; ++ xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family); ++ xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family); + xfrm_address_t tmp; + + for (nx = 0, i = 0; i < policy->xfrm_nr; i++) { + struct xfrm_state *x; +- xfrm_address_t *local; +- xfrm_address_t *remote; ++ xfrm_address_t *remote = daddr; ++ xfrm_address_t *local = saddr; + struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i]; + +- remote = &tmpl->id.daddr; +- local = &tmpl->saddr; +- if (xfrm_addr_any(local, tmpl->encap_family)) { +- error = xfrm_get_saddr(net, fl->flowi_oif, +- &tmp, remote, +- tmpl->encap_family, 0); +- if (error) +- goto fail; +- local = &tmp; ++ if (tmpl->mode == XFRM_MODE_TUNNEL || ++ tmpl->mode == XFRM_MODE_BEET) { ++ remote = &tmpl->id.daddr; ++ local = &tmpl->saddr; ++ if (xfrm_addr_any(local, tmpl->encap_family)) { ++ error = xfrm_get_saddr(net, fl->flowi_oif, ++ &tmp, remote, ++ tmpl->encap_family, 0); ++ if (error) ++ goto fail; ++ local = &tmp; ++ } + } + + x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family); + + if (x && x->km.state == XFRM_STATE_VALID) { + xfrm[nx++] = x; ++ daddr = remote; ++ saddr = local; + continue; + } + if (x) { +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-010-rtc-m41t80-m41t80_sqw_set_rate-should-return-.patch new/patches.kernel.org/4.14.12-010-rtc-m41t80-m41t80_sqw_set_rate-should-return-.patch --- old/patches.kernel.org/4.14.12-010-rtc-m41t80-m41t80_sqw_set_rate-should-return-.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-010-rtc-m41t80-m41t80_sqw_set_rate-should-return-.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,39 @@ +From: Troy Kisky <[email protected]> +Date: Thu, 2 Nov 2017 18:58:12 -0700 +Subject: [PATCH] rtc: m41t80: m41t80_sqw_set_rate should return 0 on success +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: de6042d2fa8afe22b76e3c68fd6e9584c9415a3b + +commit de6042d2fa8afe22b76e3c68fd6e9584c9415a3b upstream. + +Previously it was returning -EINVAL upon success. + +Signed-off-by: Troy Kisky <[email protected]> +Signed-off-by: Alexandre Belloni <[email protected]> +Cc: Christoph Fritz <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + drivers/rtc/rtc-m41t80.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/drivers/rtc/rtc-m41t80.c b/drivers/rtc/rtc-m41t80.c +index f4c070ea8384..8f5843169dc2 100644 +--- a/drivers/rtc/rtc-m41t80.c ++++ b/drivers/rtc/rtc-m41t80.c +@@ -510,10 +510,7 @@ static int m41t80_sqw_set_rate(struct clk_hw *hw, unsigned long rate, + reg = (reg & 0x0f) | (val << 4); + + ret = i2c_smbus_write_byte_data(client, reg_sqw, reg); +- if (ret < 0) +- return ret; +- +- return -EINVAL; ++ return ret; + } + + static int m41t80_sqw_control(struct clk_hw *hw, bool enable) +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-011-rtc-m41t80-fix-m41t80_sqw_round_rate-return-v.patch new/patches.kernel.org/4.14.12-011-rtc-m41t80-fix-m41t80_sqw_round_rate-return-v.patch --- old/patches.kernel.org/4.14.12-011-rtc-m41t80-fix-m41t80_sqw_round_rate-return-v.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-011-rtc-m41t80-fix-m41t80_sqw_round_rate-return-v.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,58 @@ +From: Troy Kisky <[email protected]> +Date: Thu, 2 Nov 2017 18:58:13 -0700 +Subject: [PATCH] rtc: m41t80: fix m41t80_sqw_round_rate return value +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: c8384bb04261b9d32fe7402a6068ddaf38913b23 + +commit c8384bb04261b9d32fe7402a6068ddaf38913b23 upstream. + +Previously it was returning the best of +32768, 8192, 1024, 64, 2, 0 + +Now, best of +32768, 8192, 4096, 2048, 1024, 512, 256, 128, +64, 32, 16, 8, 4, 2, 1, 0 + +Signed-off-by: Troy Kisky <[email protected]> +Signed-off-by: Alexandre Belloni <[email protected]> +Cc: Christoph Fritz <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + drivers/rtc/rtc-m41t80.c | 19 +++++++------------ + 1 file changed, 7 insertions(+), 12 deletions(-) + +diff --git a/drivers/rtc/rtc-m41t80.c b/drivers/rtc/rtc-m41t80.c +index 8f5843169dc2..42fc735a5446 100644 +--- a/drivers/rtc/rtc-m41t80.c ++++ b/drivers/rtc/rtc-m41t80.c +@@ -468,18 +468,13 @@ static unsigned long m41t80_sqw_recalc_rate(struct clk_hw *hw, + static long m41t80_sqw_round_rate(struct clk_hw *hw, unsigned long rate, + unsigned long *prate) + { +- int i, freq = M41T80_SQW_MAX_FREQ; +- +- if (freq <= rate) +- return freq; +- +- for (i = 2; i <= ilog2(M41T80_SQW_MAX_FREQ); i++) { +- freq /= 1 << i; +- if (freq <= rate) +- return freq; +- } +- +- return 0; ++ if (rate >= M41T80_SQW_MAX_FREQ) ++ return M41T80_SQW_MAX_FREQ; ++ if (rate >= M41T80_SQW_MAX_FREQ / 4) ++ return M41T80_SQW_MAX_FREQ / 4; ++ if (!rate) ++ return 0; ++ return 1 << ilog2(rate); + } + + static int m41t80_sqw_set_rate(struct clk_hw *hw, unsigned long rate, +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-012-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_recal.patch new/patches.kernel.org/4.14.12-012-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_recal.patch --- old/patches.kernel.org/4.14.12-012-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_recal.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-012-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_recal.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,114 @@ +From: Troy Kisky <[email protected]> +Date: Thu, 2 Nov 2017 18:58:14 -0700 +Subject: [PATCH] rtc: m41t80: avoid i2c read in m41t80_sqw_recalc_rate +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 2cb90ed3de1e279dbaf23df141f54eb9fb1861e6 + +commit 2cb90ed3de1e279dbaf23df141f54eb9fb1861e6 upstream. + +This is a little more efficient, and avoids the warning + + WARNING: possible circular locking dependency detected + 4.14.0-rc7-00007 #14 Not tainted + ------------------------------------------------------ + alsactl/330 is trying to acquire lock: + (prepare_lock){+.+.}, at: [<c049300c>] clk_prepare_lock+0x80/0xf4 + + but task is already holding lock: + (i2c_register_adapter){+.+.}, at: [<c0690ae0>] + i2c_adapter_lock_bus+0x14/0x18 + + which lock already depends on the new lock. + + the existing dependency chain (in reverse order) is: + + -> #1 (i2c_register_adapter){+.+.}: + rt_mutex_lock+0x44/0x5c + i2c_adapter_lock_bus+0x14/0x18 + i2c_transfer+0xa8/0xbc + i2c_smbus_xfer+0x20c/0x5d8 + i2c_smbus_read_byte_data+0x38/0x48 + m41t80_sqw_recalc_rate+0x24/0x58 + +Signed-off-by: Troy Kisky <[email protected]> +Signed-off-by: Alexandre Belloni <[email protected]> +Cc: Christoph Fritz <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + drivers/rtc/rtc-m41t80.c | 28 +++++++++++++++++----------- + 1 file changed, 17 insertions(+), 11 deletions(-) + +diff --git a/drivers/rtc/rtc-m41t80.c b/drivers/rtc/rtc-m41t80.c +index 42fc735a5446..f44dcf628c87 100644 +--- a/drivers/rtc/rtc-m41t80.c ++++ b/drivers/rtc/rtc-m41t80.c +@@ -154,6 +154,7 @@ struct m41t80_data { + struct rtc_device *rtc; + #ifdef CONFIG_COMMON_CLK + struct clk_hw sqw; ++ unsigned long freq; + #endif + }; + +@@ -443,26 +444,28 @@ static SIMPLE_DEV_PM_OPS(m41t80_pm, m41t80_suspend, m41t80_resume); + #ifdef CONFIG_COMMON_CLK + #define sqw_to_m41t80_data(_hw) container_of(_hw, struct m41t80_data, sqw) + +-static unsigned long m41t80_sqw_recalc_rate(struct clk_hw *hw, +- unsigned long parent_rate) ++static unsigned long m41t80_decode_freq(int setting) ++{ ++ return (setting == 0) ? 0 : (setting == 1) ? M41T80_SQW_MAX_FREQ : ++ M41T80_SQW_MAX_FREQ >> setting; ++} ++ ++static unsigned long m41t80_get_freq(struct m41t80_data *m41t80) + { +- struct m41t80_data *m41t80 = sqw_to_m41t80_data(hw); + struct i2c_client *client = m41t80->client; + int reg_sqw = (m41t80->features & M41T80_FEATURE_SQ_ALT) ? + M41T80_REG_WDAY : M41T80_REG_SQW; + int ret = i2c_smbus_read_byte_data(client, reg_sqw); +- unsigned long val = M41T80_SQW_MAX_FREQ; + + if (ret < 0) + return 0; ++ return m41t80_decode_freq(ret >> 4); ++} + +- ret >>= 4; +- if (ret == 0) +- val = 0; +- else if (ret > 1) +- val = val / (1 << ret); +- +- return val; ++static unsigned long m41t80_sqw_recalc_rate(struct clk_hw *hw, ++ unsigned long parent_rate) ++{ ++ return sqw_to_m41t80_data(hw)->freq; + } + + static long m41t80_sqw_round_rate(struct clk_hw *hw, unsigned long rate, +@@ -505,6 +508,8 @@ static int m41t80_sqw_set_rate(struct clk_hw *hw, unsigned long rate, + reg = (reg & 0x0f) | (val << 4); + + ret = i2c_smbus_write_byte_data(client, reg_sqw, reg); ++ if (!ret) ++ m41t80->freq = m41t80_decode_freq(val); + return ret; + } + +@@ -579,6 +584,7 @@ static struct clk *m41t80_sqw_register_clk(struct m41t80_data *m41t80) + init.parent_names = NULL; + init.num_parents = 0; + m41t80->sqw.init = &init; ++ m41t80->freq = m41t80_get_freq(m41t80); + + /* optional override of the clockname */ + of_property_read_string(node, "clock-output-names", &init.name); +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-013-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_is_pr.patch new/patches.kernel.org/4.14.12-013-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_is_pr.patch --- old/patches.kernel.org/4.14.12-013-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_is_pr.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-013-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_is_pr.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,85 @@ +From: Troy Kisky <[email protected]> +Date: Thu, 2 Nov 2017 18:58:15 -0700 +Subject: [PATCH] rtc: m41t80: avoid i2c read in m41t80_sqw_is_prepared +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 13bb1d78f2e372ec0d9b30489ac63768240140fc + +commit 13bb1d78f2e372ec0d9b30489ac63768240140fc upstream. + +This is a little more efficient and avoids the warning + + WARNING: possible circular locking dependency detected + 4.14.0-rc7-00010 #16 Not tainted + ------------------------------------------------------ + kworker/2:1/70 is trying to acquire lock: + (prepare_lock){+.+.}, at: [<c049300c>] clk_prepare_lock+0x80/0xf4 + + but task is already holding lock: + (i2c_register_adapter){+.+.}, at: [<c0690b04>] + i2c_adapter_lock_bus+0x14/0x18 + + which lock already depends on the new lock. + + the existing dependency chain (in reverse order) is: + + -> #1 (i2c_register_adapter){+.+.}: + rt_mutex_lock+0x44/0x5c + i2c_adapter_lock_bus+0x14/0x18 + i2c_transfer+0xa8/0xbc + i2c_smbus_xfer+0x20c/0x5d8 + i2c_smbus_read_byte_data+0x38/0x48 + m41t80_sqw_is_prepared+0x18/0x28 + +Signed-off-by: Troy Kisky <[email protected]> +Signed-off-by: Alexandre Belloni <[email protected]> +Cc: Christoph Fritz <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + drivers/rtc/rtc-m41t80.c | 15 ++++++--------- + 1 file changed, 6 insertions(+), 9 deletions(-) + +diff --git a/drivers/rtc/rtc-m41t80.c b/drivers/rtc/rtc-m41t80.c +index f44dcf628c87..96a606d5f6e6 100644 +--- a/drivers/rtc/rtc-m41t80.c ++++ b/drivers/rtc/rtc-m41t80.c +@@ -155,6 +155,7 @@ struct m41t80_data { + #ifdef CONFIG_COMMON_CLK + struct clk_hw sqw; + unsigned long freq; ++ unsigned int sqwe; + #endif + }; + +@@ -527,7 +528,10 @@ static int m41t80_sqw_control(struct clk_hw *hw, bool enable) + else + ret &= ~M41T80_ALMON_SQWE; + +- return i2c_smbus_write_byte_data(client, M41T80_REG_ALARM_MON, ret); ++ ret = i2c_smbus_write_byte_data(client, M41T80_REG_ALARM_MON, ret); ++ if (!ret) ++ m41t80->sqwe = enable; ++ return ret; + } + + static int m41t80_sqw_prepare(struct clk_hw *hw) +@@ -542,14 +546,7 @@ static void m41t80_sqw_unprepare(struct clk_hw *hw) + + static int m41t80_sqw_is_prepared(struct clk_hw *hw) + { +- struct m41t80_data *m41t80 = sqw_to_m41t80_data(hw); +- struct i2c_client *client = m41t80->client; +- int ret = i2c_smbus_read_byte_data(client, M41T80_REG_ALARM_MON); +- +- if (ret < 0) +- return ret; +- +- return !!(ret & M41T80_ALMON_SQWE); ++ return sqw_to_m41t80_data(hw)->sqwe; + } + + static const struct clk_ops m41t80_sqw_ops = { +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-014-rtc-m41t80-remove-unneeded-checks-from-m41t80.patch new/patches.kernel.org/4.14.12-014-rtc-m41t80-remove-unneeded-checks-from-m41t80.patch --- old/patches.kernel.org/4.14.12-014-rtc-m41t80-remove-unneeded-checks-from-m41t80.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-014-rtc-m41t80-remove-unneeded-checks-from-m41t80.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,62 @@ +From: Troy Kisky <[email protected]> +Date: Thu, 2 Nov 2017 18:58:16 -0700 +Subject: [PATCH] rtc: m41t80: remove unneeded checks from m41t80_sqw_set_rate +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 05a03bf260e0480bfc0db91b1fdbc2115e3f193b + +commit 05a03bf260e0480bfc0db91b1fdbc2115e3f193b upstream. + +m41t80_sqw_set_rate will be called with the result from +m41t80_sqw_round_rate, so might as well make +m41t80_sqw_set_rate(n) same as +m41t80_sqw_set_rate(m41t80_sqw_round_rate(n)) + +As Russell King wrote[1], +"clk_round_rate() is supposed to tell you what you end up with if you +ask clk_set_rate() to set the exact same value you passed in - but +clk_round_rate() won't modify the hardware." + +[1] +http://lists.infradead.org/pipermail/linux-arm-kernel/2012-January/080175.html + +Signed-off-by: Troy Kisky <[email protected]> +Signed-off-by: Alexandre Belloni <[email protected]> +Cc: Christoph Fritz <[email protected]> +Signed-off-by: Greg Kroah-Hartman <[email protected]> +Signed-off-by: Jiri Slaby <[email protected]> +--- + drivers/rtc/rtc-m41t80.c | 17 ++++++----------- + 1 file changed, 6 insertions(+), 11 deletions(-) + +diff --git a/drivers/rtc/rtc-m41t80.c b/drivers/rtc/rtc-m41t80.c +index 96a606d5f6e6..c90fba3ed861 100644 +--- a/drivers/rtc/rtc-m41t80.c ++++ b/drivers/rtc/rtc-m41t80.c +@@ -490,17 +490,12 @@ static int m41t80_sqw_set_rate(struct clk_hw *hw, unsigned long rate, + M41T80_REG_WDAY : M41T80_REG_SQW; + int reg, ret, val = 0; + +- if (rate) { +- if (!is_power_of_2(rate)) +- return -EINVAL; +- val = ilog2(rate); +- if (val == ilog2(M41T80_SQW_MAX_FREQ)) +- val = 1; +- else if (val < (ilog2(M41T80_SQW_MAX_FREQ) - 1)) +- val = ilog2(M41T80_SQW_MAX_FREQ) - val; +- else +- return -EINVAL; +- } ++ if (rate >= M41T80_SQW_MAX_FREQ) ++ val = 1; ++ else if (rate >= M41T80_SQW_MAX_FREQ / 4) ++ val = 2; ++ else if (rate) ++ val = 15 - ilog2(rate); + + reg = i2c_smbus_read_byte_data(client, reg_sqw); + if (reg < 0) +-- +2.15.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.kernel.org/4.14.12-015-Linux-4.14.12.patch new/patches.kernel.org/4.14.12-015-Linux-4.14.12.patch --- old/patches.kernel.org/4.14.12-015-Linux-4.14.12.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.kernel.org/4.14.12-015-Linux-4.14.12.patch 2018-01-05 19:15:55.000000000 +0100 @@ -0,0 +1,28 @@ +From: Greg Kroah-Hartman <[email protected]> +Date: Fri, 5 Jan 2018 15:48:59 +0100 +Subject: [PATCH] Linux 4.14.12 +References: bnc#1012628 +Patch-mainline: 4.14.12 +Git-commit: 8d577afdee3540808302d9dc7a0a7be96c91178f + +Signed-off-by: Jiri Slaby <[email protected]> +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 655887067dc7..20f7d4de0f1c 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,7 +1,7 @@ + # SPDX-License-Identifier: GPL-2.0 + VERSION = 4 + PATCHLEVEL = 14 +-SUBLEVEL = 11 ++SUBLEVEL = 12 + EXTRAVERSION = + NAME = Petit Gorille + +-- +2.15.1 + ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0002-x86-stacktrace-make-clear-the-success-paths.patch new/patches.suse/0002-x86-stacktrace-make-clear-the-success-paths.patch --- old/patches.suse/0002-x86-stacktrace-make-clear-the-success-paths.patch 2018-01-04 12:32:07.000000000 +0100 +++ new/patches.suse/0002-x86-stacktrace-make-clear-the-success-paths.patch 2018-01-05 19:15:55.000000000 +0100 @@ -22,7 +22,7 @@ +++ b/arch/x86/kernel/stacktrace.c @@ -104,16 +104,18 @@ __save_stack_trace_reliable(struct stack - regs = unwind_get_entry_regs(&state); + regs = unwind_get_entry_regs(&state, NULL); if (regs) { + /* Success path for user tasks */ + if (user_mode(regs)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch new/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch --- old/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch 2018-01-04 12:32:07.000000000 +0100 +++ new/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch 2018-01-05 19:15:55.000000000 +0100 @@ -9,12 +9,10 @@ Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/entry/entry_64.S | 18 ++++++++++++++++++ - arch/x86/entry/entry_64_compat.S | 4 ++++ + arch/x86/entry/entry_64.S | 18 ++++++++++++++++++ + arch/x86/entry/entry_64_compat.S | 4 ++++ 2 files changed, 22 insertions(+) -diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S -index dd696b966e58..5afe0f1c5e93 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -37,6 +37,7 @@ @@ -41,7 +39,7 @@ SWITCH_TO_USER_CR3_STACK scratch_reg=%rdi popq %rdi -@@ -745,6 +748,7 @@ GLOBAL(swapgs_restore_regs_and_return_to_usermode) +@@ -745,6 +748,7 @@ GLOBAL(swapgs_restore_regs_and_return_to * We can do future final exit work right here. */ @@ -112,8 +110,6 @@ UNWIND_HINT_IRET_REGS base=%rdx offset=8 pushq 5*8(%rdx) /* pt_regs->ss */ pushq 4*8(%rdx) /* pt_regs->rsp */ -diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S -index 40f17009ec20..dea015e9b0ca 100644 --- a/arch/x86/entry/entry_64_compat.S +++ b/arch/x86/entry/entry_64_compat.S @@ -14,6 +14,7 @@ @@ -132,15 +128,15 @@ /* * User tracing code (ptrace or signal handlers) might assume that -@@ -224,6 +226,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) - * preserved during the C calls inside TRACE_IRQS_OFF anyway. - */ - SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi +@@ -195,6 +197,7 @@ ENTRY(entry_SYSCALL_compat) + + /* Use %rsp as scratch reg. User ESP is stashed in r8 */ + SWITCH_TO_KERNEL_CR3 scratch_reg=%rsp + ENABLE_IBRS_CLOBBER - /* - * User mode is traced as though IRQs are on, and SYSENTER -@@ -240,6 +243,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) + /* Switch to the kernel stack */ + movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp +@@ -239,6 +242,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwfram /* Opportunistic SYSRET */ sysret32_from_system_call: TRACE_IRQS_ON /* User mode traces as IRQs on. */ @@ -148,6 +144,3 @@ movq RBX(%rsp), %rbx /* pt_regs->rbx */ movq RBP(%rsp), %rbp /* pt_regs->rbp */ movq EFLAGS(%rsp), %r11 /* pt_regs->flags (in r11) */ --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch new/patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch --- old/patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch 2018-01-04 12:32:07.000000000 +0100 +++ new/patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch 2018-01-05 19:15:55.000000000 +0100 @@ -8,13 +8,11 @@ Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/entry/entry_64.S | 13 ++++++++ - arch/x86/entry/entry_64_compat.S | 5 +++ - arch/x86/include/asm/spec_ctrl.h | 71 ++++++++++++++++++++++++++++++++++++++++ + arch/x86/entry/entry_64.S | 13 +++++++ + arch/x86/entry/entry_64_compat.S | 5 ++ + arch/x86/include/asm/spec_ctrl.h | 71 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+) -diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S -index 097eb935bc86..1b9fd19e01f3 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -238,6 +238,7 @@ GLOBAL(entry_SYSCALL_64_after_hwframe) @@ -58,8 +56,6 @@ ENCODE_FRAME_POINTER 8 xorl %ebx, %ebx testb $3, CS+8(%rsp) -diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S -index dea015e9b0ca..574b5991a726 100644 --- a/arch/x86/entry/entry_64_compat.S +++ b/arch/x86/entry/entry_64_compat.S @@ -98,6 +98,8 @@ ENTRY(entry_SYSENTER_compat) @@ -71,15 +67,15 @@ /* * SYSENTER doesn't filter flags, so we need to clear NT and AC * ourselves. To save a few cycles, we can check whether -@@ -227,6 +229,7 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) - */ - SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi +@@ -198,6 +200,7 @@ ENTRY(entry_SYSCALL_compat) + /* Use %rsp as scratch reg. User ESP is stashed in r8 */ + SWITCH_TO_KERNEL_CR3 scratch_reg=%rsp ENABLE_IBRS_CLOBBER + STUFF_RSB - /* - * User mode is traced as though IRQs are on, and SYSENTER -@@ -354,6 +357,8 @@ ENTRY(entry_INT80_compat) + /* Switch to the kernel stack */ + movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp +@@ -353,6 +356,8 @@ ENTRY(entry_INT80_compat) pushq %r15 /* pt_regs->r15 */ cld @@ -88,8 +84,6 @@ /* * User mode is traced as though IRQs are on, and the interrupt * gate turned them off. -diff --git a/arch/x86/include/asm/spec_ctrl.h b/arch/x86/include/asm/spec_ctrl.h -index 11bc2b6a734b..6a02248ff89b 100644 --- a/arch/x86/include/asm/spec_ctrl.h +++ b/arch/x86/include/asm/spec_ctrl.h @@ -40,6 +40,73 @@ @@ -166,7 +160,7 @@ .macro ENABLE_IBRS ALTERNATIVE "", __stringify(__ASM_ENABLE_IBRS), X86_FEATURE_SPEC_CTRL -@@ -91,5 +158,9 @@ ALTERNATIVE "", __stringify(__ASM_DISABLE_IBRS), X86_FEATURE_SPEC_CTRL +@@ -91,5 +158,9 @@ ALTERNATIVE "", __stringify(__ASM_DISABL ALTERNATIVE "", __stringify(__ASM_DISABLE_IBRS_CLOBBER), X86_FEATURE_SPEC_CTRL .endm @@ -176,6 +170,3 @@ + #endif /* __ASSEMBLY__ */ #endif /* _ASM_X86_SPEC_CTRL_H */ --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0015-x86-syscall-Clear-unused-extra-registers-on-32-bit-c.patch new/patches.suse/0015-x86-syscall-Clear-unused-extra-registers-on-32-bit-c.patch --- old/patches.suse/0015-x86-syscall-Clear-unused-extra-registers-on-32-bit-c.patch 2018-01-04 12:32:07.000000000 +0100 +++ new/patches.suse/0015-x86-syscall-Clear-unused-extra-registers-on-32-bit-c.patch 2018-01-05 19:15:55.000000000 +0100 @@ -12,15 +12,13 @@ Signed-off-by: Tim Chen <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/entry/calling.h | 11 +++++++++++ - arch/x86/entry/entry_64_compat.S | 18 ++++++++++++++---- + arch/x86/entry/calling.h | 11 +++++++++++ + arch/x86/entry/entry_64_compat.S | 18 ++++++++++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) -diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h -index c68b12eb409d..3009748fbb6d 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h -@@ -156,6 +156,17 @@ For 32-bit we have the following conventions - kernel is built with +@@ -156,6 +156,17 @@ For 32-bit we have the following convent popq %rbx .endm @@ -38,8 +36,6 @@ .macro RESTORE_EXTRA_REGS offset=0 movq 0*8+\offset(%rsp), %r15 movq 1*8+\offset(%rsp), %r14 -diff --git a/arch/x86/entry/entry_64_compat.S b/arch/x86/entry/entry_64_compat.S -index 574b5991a726..795135862273 100644 --- a/arch/x86/entry/entry_64_compat.S +++ b/arch/x86/entry/entry_64_compat.S @@ -100,6 +100,8 @@ ENTRY(entry_SYSENTER_compat) @@ -51,7 +47,7 @@ /* * SYSENTER doesn't filter flags, so we need to clear NT and AC * ourselves. To save a few cycles, we can check whether -@@ -218,10 +220,12 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) +@@ -225,10 +227,12 @@ GLOBAL(entry_SYSCALL_compat_after_hwfram pushq $0 /* pt_regs->r11 = 0 */ pushq %rbx /* pt_regs->rbx */ pushq %rbp /* pt_regs->rbp (will be overwritten) */ @@ -67,8 +63,8 @@ + CLEAR_R8_TO_R15 /* - * We just saved %rdi so it is safe to clobber. It is not -@@ -247,6 +251,10 @@ GLOBAL(entry_SYSCALL_compat_after_hwframe) + * User mode is traced as though IRQs are on, and SYSENTER +@@ -246,6 +250,10 @@ GLOBAL(entry_SYSCALL_compat_after_hwfram sysret32_from_system_call: TRACE_IRQS_ON /* User mode traces as IRQs on. */ DISABLE_IBRS_CLOBBER @@ -79,7 +75,7 @@ movq RBX(%rsp), %rbx /* pt_regs->rbx */ movq RBP(%rsp), %rbp /* pt_regs->rbp */ movq EFLAGS(%rsp), %r11 /* pt_regs->flags (in r11) */ -@@ -359,6 +367,8 @@ ENTRY(entry_INT80_compat) +@@ -358,6 +366,8 @@ ENTRY(entry_INT80_compat) STUFF_RSB @@ -88,6 +84,3 @@ /* * User mode is traced as though IRQs are on, and the interrupt * gate turned them off. --- -2.15.1 - ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:24.067135354 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:24.067135354 +0100 @@ -1228,6 +1228,21 @@ patches.kernel.org/4.14.11-145-n_tty-fix-EXTPROC-vs-ICANON-interaction-with-.patch patches.kernel.org/4.14.11-146-tty-fix-tty_ldisc_receive_buf-documentation.patch patches.kernel.org/4.14.11-147-Linux-4.14.11.patch + patches.kernel.org/4.14.12-001-exec-Weaken-dumpability-for-secureexec.patch + patches.kernel.org/4.14.12-002-capabilities-fix-buffer-overread-on-very-shor.patch + patches.kernel.org/4.14.12-003-x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-proc.patch + patches.kernel.org/4.14.12-004-x86-pti-Make-sure-the-user-kernel-PTEs-match.patch + patches.kernel.org/4.14.12-005-x86-dumpstack-Fix-partial-register-dumps.patch + patches.kernel.org/4.14.12-006-x86-dumpstack-Print-registers-for-first-stack.patch + patches.kernel.org/4.14.12-007-x86-pti-Switch-to-kernel-CR3-at-early-in-entr.patch + patches.kernel.org/4.14.12-008-x86-process-Define-cpu_tss_rw-in-same-section.patch + patches.kernel.org/4.14.12-009-Revert-xfrm-Fix-stack-out-of-bounds-read-in-x.patch + patches.kernel.org/4.14.12-010-rtc-m41t80-m41t80_sqw_set_rate-should-return-.patch + patches.kernel.org/4.14.12-011-rtc-m41t80-fix-m41t80_sqw_round_rate-return-v.patch + patches.kernel.org/4.14.12-012-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_recal.patch + patches.kernel.org/4.14.12-013-rtc-m41t80-avoid-i2c-read-in-m41t80_sqw_is_pr.patch + patches.kernel.org/4.14.12-014-rtc-m41t80-remove-unneeded-checks-from-m41t80.patch + patches.kernel.org/4.14.12-015-Linux-4.14.12.patch ######################################################## # Build fixes that apply to the vanilla kernel too. ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.ZJN5qY/_old 2018-01-07 17:26:24.103133667 +0100 +++ /var/tmp/diff_new_pack.ZJN5qY/_new 2018-01-07 17:26:24.103133667 +0100 @@ -1,3 +1,3 @@ -2018-01-04 12:32:07 +0100 -GIT Revision: c36893f025cf83d5b8d40847d1a34239cb7152eb +2018-01-05 19:15:55 +0100 +GIT Revision: 3cf399e1ccf632c4c2431456c47adcbe71acbb43 GIT Branch: stable
