Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2018-01-20 11:23:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source" Sat Jan 20 11:23:52 2018 rev:401 rq:566575 version:4.14.14 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2018-01-16 13:34:41.249655572 +0100 +++ /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes 2018-01-20 11:23:57.748087353 +0100 @@ -1,0 +2,330 @@ +Wed Jan 17 10:26:10 CET 2018 - [email protected] + +- Linux 4.14.14 (bnc#1012628). +- Delete + patches.kernel.org/4.14.14-053-Revert-Revert-xfrm-Fix-stack-out-of-bounds-re.patch. +- commit eef6178 + +------------------------------------------------------------------- +Tue Jan 16 18:01:44 CET 2018 - [email protected] + +- ALSA: seq: Make ioctls race-free (CVE-2018-1000004,bsc#1076017). +- commit 2134862 + +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - [email protected] + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - [email protected] + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). ++++ 133 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes ++++ and /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes dtb-armv6l.changes: same change dtb-armv7l.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-syzkaller.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.035793390 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.039793203 +0100 @@ -17,7 +17,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb}) Name: dtb-aarch64 -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.111789837 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.111789837 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0 Group: System/Kernel -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif kernel-debug.spec: same change kernel-default.spec: same change ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.179786658 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.179786658 +0100 @@ -17,7 +17,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0 Group: Documentation/Man -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-lpae.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.199785723 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.203785536 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel for LPAE enabled systems License: GPL-2.0 Group: System/Kernel -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.223784601 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.223784601 +0100 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -57,9 +57,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0 Group: SLES -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.247783479 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.247783479 +0100 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0 Group: SLES -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.267782544 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.271782357 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel with PAE Support License: GPL-2.0 Group: System/Kernel -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.295781235 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.295781235 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Summary: The Linux Kernel Sources License: GPL-2.0 Group: Development/Sources -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.319780113 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.323779926 +0100 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0 Group: Development/Sources -Version: 4.14.13 +Version: 4.14.14 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif ++++++ kernel-syzkaller.spec ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:04.343778991 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:04.347778804 +0100 @@ -18,7 +18,7 @@ %define srcversion 4.14 -%define patchversion 4.14.13 +%define patchversion 4.14.14 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Summary: Kernel used for fuzzing by syzkaller License: GPL-2.0 Group: System/Kernel -Version: 4.14.13 +Version: 4.14.14 %if 0%{?is_kotd} -Release: <RELEASE>.gbd444a0 +Release: <RELEASE>.geef6178 %else Release: 0 %endif kernel-vanilla.spec: same change kernel-zfcpdump.spec: same change ++++++ config.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/default new/config/arm64/default --- old/config/arm64/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/arm64/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 4.14.11 Kernel Configuration +# Linux/arm64 4.14.13 Kernel Configuration # CONFIG_ARM64=y CONFIG_64BIT=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv6hl/default new/config/armv6hl/default --- old/config/armv6hl/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/armv6hl/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 4.14.11 Kernel Configuration +# Linux/arm 4.14.13 Kernel Configuration # CONFIG_ARM=y CONFIG_ARM_HAS_SG_CHAIN=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default --- old/config/armv7hl/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/armv7hl/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 4.14.11 Kernel Configuration +# Linux/arm 4.14.13 Kernel Configuration # CONFIG_ARM=y CONFIG_ARM_HAS_SG_CHAIN=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae --- old/config/armv7hl/lpae 2018-01-03 16:57:12.000000000 +0100 +++ new/config/armv7hl/lpae 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm 4.14.11 Kernel Configuration +# Linux/arm 4.14.13 Kernel Configuration # CONFIG_ARM=y CONFIG_ARM_HAS_SG_CHAIN=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/default new/config/i386/default --- old/config/i386/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/i386/default 2018-01-16 13:54:06.000000000 +0100 @@ -78,6 +78,7 @@ # CONFIG_FPGA_MGR_ICE40_SPI is not set CONFIG_FPGA_REGION=m # CONFIG_FSL_EDMA is not set +CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_GPIO_104_DIO_48E=m CONFIG_GPIO_104_IDIO_16=m CONFIG_GPIO_104_IDI_48=m @@ -244,6 +245,7 @@ CONFIG_RADIO_TRUST=m CONFIG_RADIO_TYPHOON=m CONFIG_RADIO_ZOLTRIX=m +CONFIG_RETPOLINE=y CONFIG_RTC_DRV_HYM8563=m # CONFIG_RTC_DRV_R7301 is not set # CONFIG_RTC_DRV_SNVS is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/pae new/config/i386/pae --- old/config/i386/pae 2018-01-03 16:57:12.000000000 +0100 +++ new/config/i386/pae 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/i386 4.14.11 Kernel Configuration +# Linux/i386 4.14.13 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -430,6 +430,7 @@ CONFIG_X86_MPPARSE=y CONFIG_X86_BIGSMP=y # CONFIG_GOLDFISH is not set +CONFIG_RETPOLINE=y CONFIG_INTEL_RDT=y CONFIG_X86_EXTENDED_PLATFORM=y # CONFIG_X86_GOLDFISH is not set @@ -1884,6 +1885,7 @@ CONFIG_SYS_HYPERVISOR=y # CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y CONFIG_REGMAP_I2C=y CONFIG_REGMAP_SPI=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default --- old/config/ppc64/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/ppc64/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/powerpc 4.14.11 Kernel Configuration +# Linux/powerpc 4.14.13 Kernel Configuration # CONFIG_PPC64=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default --- old/config/ppc64le/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/ppc64le/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/powerpc 4.14.11 Kernel Configuration +# Linux/powerpc 4.14.13 Kernel Configuration # CONFIG_PPC64=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/s390x/default new/config/s390x/default --- old/config/s390x/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/s390x/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 4.14.11 Kernel Configuration +# Linux/s390 4.14.13 Kernel Configuration # CONFIG_MMU=y CONFIG_ZONE_DMA=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/s390x/zfcpdump new/config/s390x/zfcpdump --- old/config/s390x/zfcpdump 2018-01-03 16:57:12.000000000 +0100 +++ new/config/s390x/zfcpdump 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/s390 4.14.11 Kernel Configuration +# Linux/s390 4.14.13 Kernel Configuration # CONFIG_MMU=y CONFIG_ZONE_DMA=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default --- old/config/x86_64/default 2018-01-03 16:57:12.000000000 +0100 +++ new/config/x86_64/default 2018-01-16 13:54:06.000000000 +0100 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86_64 4.14.11 Kernel Configuration +# Linux/x86_64 4.14.13 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -450,6 +450,7 @@ CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set +CONFIG_RETPOLINE=y CONFIG_INTEL_RDT=y CONFIG_X86_EXTENDED_PLATFORM=y # CONFIG_X86_NUMACHIP is not set @@ -1887,6 +1888,7 @@ CONFIG_SYS_HYPERVISOR=y # CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y CONFIG_REGMAP_I2C=y CONFIG_REGMAP_SPI=y ++++++ patches.kernel.org.tar.bz2 ++++++ ++++ 11623 lines of diff (skipped) ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0001-x86-cpu-AMD-Make-the-LFENCE-instruction-serialized.patch new/patches.suse/0001-x86-cpu-AMD-Make-the-LFENCE-instruction-serialized.patch --- old/patches.suse/0001-x86-cpu-AMD-Make-the-LFENCE-instruction-serialized.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0001-x86-cpu-AMD-Make-the-LFENCE-instruction-serialized.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,60 +0,0 @@ -From: Elena Reshetova <[email protected]> -Date: Thu, 14 Dec 2017 09:57:58 +0200 -Subject: x86/cpu/AMD: Make the LFENCE instruction serialized -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5753 - -In order to reduce the impact of using MFENCE, make the execution of the -LFENCE instruction serialized. This is done by setting bit 1 of MSR -0xc0011029 (DE_CFG). - -Some families that support LFENCE do not have this MSR. For these -families, the LFENCE instruction is already serialized. - -Signed-off-by: Tom Lendacky <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/include/asm/msr-index.h | 2 ++ - arch/x86/kernel/cpu/amd.c | 13 +++++++++++-- - 2 files changed, 13 insertions(+), 2 deletions(-) - -diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h -index ab022618a50a..1e7d710fef43 100644 ---- a/arch/x86/include/asm/msr-index.h -+++ b/arch/x86/include/asm/msr-index.h -@@ -352,6 +352,8 @@ - #define FAM10H_MMIO_CONF_BASE_MASK 0xfffffffULL - #define FAM10H_MMIO_CONF_BASE_SHIFT 20 - #define MSR_FAM10H_NODE_ID 0xc001100c -+#define MSR_F10H_DECFG 0xc0011029 -+#define MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT 1 - - /* K8 MSRs */ - #define MSR_K8_TOP_MEM1 0xc001001a -diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c -index bcb75dc97d44..d64078d6c5e0 100644 ---- a/arch/x86/kernel/cpu/amd.c -+++ b/arch/x86/kernel/cpu/amd.c -@@ -829,8 +829,17 @@ static void init_amd(struct cpuinfo_x86 *c) - set_cpu_cap(c, X86_FEATURE_K8); - - if (cpu_has(c, X86_FEATURE_XMM2)) { -- /* MFENCE stops RDTSC speculation */ -- set_cpu_cap(c, X86_FEATURE_MFENCE_RDTSC); -+ /* -+ * Use LFENCE for execution serialization. On some families -+ * LFENCE is already serialized and the MSR is not available, -+ * but msr_set_bit() uses rdmsrl_safe() and wrmsrl_safe(). -+ */ -+ if (c->x86 > 0xf) -+ msr_set_bit(MSR_F10H_DECFG, -+ MSR_F10H_DECFG_LFENCE_SERIALIZE_BIT); -+ -+ /* LFENCE with MSR_F10H_DECFG[1]=1 stops RDTSC speculation */ -+ set_cpu_cap(c, X86_FEATURE_LFENCE_RDTSC); - } - - /* --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0002-x86-cpu-AMD-Remove-now-unused-definition-of-MFENCE_R.patch new/patches.suse/0002-x86-cpu-AMD-Remove-now-unused-definition-of-MFENCE_R.patch --- old/patches.suse/0002-x86-cpu-AMD-Remove-now-unused-definition-of-MFENCE_R.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0002-x86-cpu-AMD-Remove-now-unused-definition-of-MFENCE_R.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,46 +0,0 @@ -From: Elena Reshetova <[email protected]> -Date: Thu, 14 Dec 2017 10:09:03 +0200 -Subject: x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5753 - -With the switch to using LFENCE_RDTSC on AMD platforms there is no longer -a need for the MFENCE_RDTSC feature. Remove its usage and definition. - -Signed-off-by: Tom Lendacky <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/include/asm/cpufeatures.h | 2 +- - arch/x86/include/asm/msr.h | 3 +-- - 2 files changed, 2 insertions(+), 3 deletions(-) - -diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h -index 07cdd1715705..68a197d1b407 100644 ---- a/arch/x86/include/asm/cpufeatures.h -+++ b/arch/x86/include/asm/cpufeatures.h -@@ -96,7 +96,7 @@ - #define X86_FEATURE_SYSCALL32 ( 3*32+14) /* "" syscall in IA32 userspace */ - #define X86_FEATURE_SYSENTER32 ( 3*32+15) /* "" sysenter in IA32 userspace */ - #define X86_FEATURE_REP_GOOD ( 3*32+16) /* REP microcode works well */ --#define X86_FEATURE_MFENCE_RDTSC ( 3*32+17) /* "" MFENCE synchronizes RDTSC */ -+ - #define X86_FEATURE_LFENCE_RDTSC ( 3*32+18) /* "" LFENCE synchronizes RDTSC */ - #define X86_FEATURE_ACC_POWER ( 3*32+19) /* AMD Accumulated Power Mechanism */ - #define X86_FEATURE_NOPL ( 3*32+20) /* The NOPL (0F 1F) instructions */ -diff --git a/arch/x86/include/asm/msr.h b/arch/x86/include/asm/msr.h -index 07962f5f6fba..8d8d7ae2f0f7 100644 ---- a/arch/x86/include/asm/msr.h -+++ b/arch/x86/include/asm/msr.h -@@ -214,8 +214,7 @@ static __always_inline unsigned long long rdtsc_ordered(void) - * that some other imaginary CPU is updating continuously with a - * time stamp. - */ -- alternative_2("", "mfence", X86_FEATURE_MFENCE_RDTSC, -- "lfence", X86_FEATURE_LFENCE_RDTSC); -+ alternative("", "lfence", X86_FEATURE_LFENCE_RDTSC); - return rdtsc(); - } - --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch new/patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch --- old/patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,49 +0,0 @@ -From: Elena Reshetova <[email protected]> -Date: Mon, 7 Aug 2017 11:10:28 +0300 -Subject: bpf: prevent speculative execution in eBPF interpreter -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5753 - -This adds an observable speculation barrier before LD_IMM_DW and -LDX_MEM_B/H/W/DW eBPF instructions during eBPF program -execution in order to prevent speculative execution on out -of bound BFP_MAP array indexes. This way an arbitary kernel -memory is not exposed through side channel attacks. - -Signed-off-by: Elena Reshetova <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - kernel/bpf/core.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c -index 7b62df86be1d..b28eca17804f 100644 ---- a/kernel/bpf/core.c -+++ b/kernel/bpf/core.c -@@ -33,6 +33,7 @@ - #include <linux/rcupdate.h> - - #include <asm/unaligned.h> -+#include <asm/barrier.h> - - /* Registers */ - #define BPF_R0 regs[BPF_REG_0] -@@ -932,6 +933,7 @@ static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn, - DST = IMM; - CONT; - LD_IMM_DW: -+ osb(); - DST = (u64) (u32) insn[0].imm | ((u64) (u32) insn[1].imm) << 32; - insn++; - CONT; -@@ -1193,6 +1195,7 @@ static unsigned int ___bpf_prog_run(u64 *regs, const struct bpf_insn *insn, - *(SIZE *)(unsigned long) (DST + insn->off) = IMM; \ - CONT; \ - LDX_MEM_##SIZEOP: \ -+ osb(); \ - DST = *(SIZE *)(unsigned long) (SRC + insn->off); \ - CONT; - --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch new/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch --- old/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch 2018-01-16 18:01:44.000000000 +0100 @@ -15,15 +15,15 @@ --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S -@@ -37,6 +37,7 @@ - #include <asm/pgtable_types.h> +@@ -38,6 +38,7 @@ #include <asm/export.h> #include <asm/frame.h> + #include <asm/nospec-branch.h> +#include <asm/spec_ctrl.h> #include <linux/err.h> #include "calling.h" -@@ -170,6 +171,7 @@ ENTRY(entry_SYSCALL_64_trampoline) +@@ -171,6 +172,7 @@ ENTRY(entry_SYSCALL_64_trampoline) /* Load the top of the task stack into RSP */ movq CPU_ENTRY_AREA_tss + TSS_sp1 + CPU_ENTRY_AREA, %rsp @@ -31,7 +31,7 @@ /* Start building the simulated IRET frame. */ pushq $__USER_DS /* pt_regs->ss */ -@@ -407,6 +409,7 @@ syscall_return_via_sysret: +@@ -413,6 +415,7 @@ syscall_return_via_sysret: * We are on the trampoline stack. All regs except RDI are live. * We can do future final exit work right here. */ @@ -39,7 +39,7 @@ SWITCH_TO_USER_CR3_STACK scratch_reg=%rdi popq %rdi -@@ -745,6 +748,7 @@ GLOBAL(swapgs_restore_regs_and_return_to +@@ -751,6 +754,7 @@ GLOBAL(swapgs_restore_regs_and_return_to * We can do future final exit work right here. */ @@ -47,7 +47,7 @@ SWITCH_TO_USER_CR3_STACK scratch_reg=%rdi /* Restore RDI. */ -@@ -832,6 +836,14 @@ native_irq_return_ldt: +@@ -838,6 +842,14 @@ native_irq_return_ldt: SWAPGS /* to kernel GS */ SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi /* to kernel CR3 */ @@ -62,7 +62,7 @@ movq PER_CPU_VAR(espfix_waddr), %rdi movq %rax, (0*8)(%rdi) /* user RAX */ movq (1*8)(%rsp), %rax /* user RIP */ -@@ -965,6 +977,7 @@ ENTRY(switch_to_thread_stack) +@@ -971,6 +983,7 @@ ENTRY(switch_to_thread_stack) SWITCH_TO_KERNEL_CR3 scratch_reg=%rdi movq %rsp, %rdi movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp @@ -70,7 +70,7 @@ UNWIND_HINT sp_offset=16 sp_reg=ORC_REG_DI pushq 7*8(%rdi) /* regs->ss */ -@@ -1265,6 +1278,7 @@ ENTRY(paranoid_entry) +@@ -1271,6 +1284,7 @@ ENTRY(paranoid_entry) 1: SAVE_AND_SWITCH_TO_KERNEL_CR3 scratch_reg=%rax save_reg=%r14 @@ -78,7 +78,7 @@ ret END(paranoid_entry) -@@ -1318,6 +1332,7 @@ ENTRY(error_entry) +@@ -1324,6 +1338,7 @@ ENTRY(error_entry) SWAPGS /* We have user CR3. Change to kernel CR3. */ SWITCH_TO_KERNEL_CR3 scratch_reg=%rax @@ -86,7 +86,7 @@ .Lerror_entry_from_usermode_after_swapgs: /* Put us onto the real thread stack. */ -@@ -1365,6 +1380,7 @@ ENTRY(error_entry) +@@ -1371,6 +1386,7 @@ ENTRY(error_entry) */ SWAPGS SWITCH_TO_KERNEL_CR3 scratch_reg=%rax @@ -94,7 +94,7 @@ jmp .Lerror_entry_done .Lbstep_iret: -@@ -1379,6 +1395,7 @@ ENTRY(error_entry) +@@ -1385,6 +1401,7 @@ ENTRY(error_entry) */ SWAPGS SWITCH_TO_KERNEL_CR3 scratch_reg=%rax @@ -102,7 +102,7 @@ /* * Pretend that the exception came from user mode: set up pt_regs -@@ -1480,6 +1497,7 @@ ENTRY(nmi) +@@ -1486,6 +1503,7 @@ ENTRY(nmi) SWITCH_TO_KERNEL_CR3 scratch_reg=%rdx movq %rsp, %rdx movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch new/patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch --- old/patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-16 18:01:44.000000000 +0100 @@ -9,13 +9,11 @@ Signed-off-by: Wei Wang <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/include/asm/kvm_host.h | 2 ++ - arch/x86/kvm/vmx.c | 10 ++++++++++ - arch/x86/kvm/x86.c | 2 +- + arch/x86/include/asm/kvm_host.h | 2 ++ + arch/x86/kvm/vmx.c | 10 ++++++++++ + arch/x86/kvm/x86.c | 2 +- 3 files changed, 13 insertions(+), 1 deletion(-) -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index eb38ac9d9a31..612dc4c63507 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -628,6 +628,8 @@ struct kvm_vcpu_arch { @@ -27,19 +25,17 @@ /* Cache MMIO info */ u64 mmio_gva; unsigned access; -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 47d9432756f3..1bd53cb9828e 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c -@@ -50,6 +50,7 @@ - #include <asm/apic.h> +@@ -51,6 +51,7 @@ #include <asm/irq_remapping.h> #include <asm/mmu_context.h> + #include <asm/nospec-branch.h> +#include <asm/microcode.h> #include "trace.h" #include "pmu.h" -@@ -3264,6 +3265,9 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3273,6 +3274,9 @@ static int vmx_get_msr(struct kvm_vcpu * case MSR_IA32_TSC: msr_info->data = guest_read_tsc(vcpu); break; @@ -49,7 +45,7 @@ case MSR_IA32_SYSENTER_CS: msr_info->data = vmcs_read32(GUEST_SYSENTER_CS); break; -@@ -3371,6 +3375,9 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3380,6 +3384,9 @@ static int vmx_set_msr(struct kvm_vcpu * case MSR_IA32_TSC: kvm_write_tsc(vcpu, msr_info); break; @@ -59,7 +55,7 @@ case MSR_IA32_CR_PAT: if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) { if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data)) -@@ -6279,6 +6286,7 @@ static int handle_rdmsr(struct kvm_vcpu *vcpu) +@@ -6288,6 +6295,7 @@ static int handle_rdmsr(struct kvm_vcpu msr_info.index = ecx; msr_info.host_initiated = false; @@ -67,7 +63,7 @@ if (vmx_get_msr(vcpu, &msr_info)) { trace_kvm_msr_read_ex(ecx); kvm_inject_gp(vcpu, 0); -@@ -6826,6 +6834,8 @@ static __init int hardware_setup(void) +@@ -6835,6 +6843,8 @@ static __init int hardware_setup(void) vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false); @@ -76,8 +72,6 @@ memcpy(vmx_msr_bitmap_legacy_x2apic_apicv, vmx_msr_bitmap_legacy, PAGE_SIZE); -diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 075619a92ce7..9b2f7bb32586 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1005,7 +1005,7 @@ static u32 msrs_to_save[] = { @@ -89,6 +83,3 @@ }; static unsigned num_msrs_to_save; --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch new/patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch --- old/patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,145 +0,0 @@ -From: Tim Chen <[email protected]> -Date: Fri, 20 Oct 2017 17:05:54 -0700 -Subject: x86/kvm: Pad RSB on VM transition -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5715 - -Add code to pad the local CPU's RSB entries to protect -from previous less privilege mode. - -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/include/asm/kvm_host.h | 103 ++++++++++++++++++++++++++++++++++++++++ - arch/x86/kvm/vmx.c | 2 + - 2 files changed, 105 insertions(+) - -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index 612dc4c63507..093242868b06 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -124,6 +124,109 @@ static inline gfn_t gfn_to_index(gfn_t gfn, gfn_t base_gfn, int level) - - #define ASYNC_PF_PER_VCPU 64 - -+static inline void stuff_RSB(void) -+{ -+ __asm__ __volatile__(" \n\ -+ call .label1 \n\ -+ pause \n\ -+.label1: \n\ -+ call .label2 \n\ -+ pause \n\ -+.label2: \n\ -+ call .label3 \n\ -+ pause \n\ -+.label3: \n\ -+ call .label4 \n\ -+ pause \n\ -+.label4: \n\ -+ call .label5 \n\ -+ pause \n\ -+.label5: \n\ -+ call .label6 \n\ -+ pause \n\ -+.label6: \n\ -+ call .label7 \n\ -+ pause \n\ -+.label7: \n\ -+ call .label8 \n\ -+ pause \n\ -+.label8: \n\ -+ call .label9 \n\ -+ pause \n\ -+.label9: \n\ -+ call .label10 \n\ -+ pause \n\ -+.label10: \n\ -+ call .label11 \n\ -+ pause \n\ -+.label11: \n\ -+ call .label12 \n\ -+ pause \n\ -+.label12: \n\ -+ call .label13 \n\ -+ pause \n\ -+.label13: \n\ -+ call .label14 \n\ -+ pause \n\ -+.label14: \n\ -+ call .label15 \n\ -+ pause \n\ -+.label15: \n\ -+ call .label16 \n\ -+ pause \n\ -+.label16: \n\ -+ call .label17 \n\ -+ pause \n\ -+.label17: \n\ -+ call .label18 \n\ -+ pause \n\ -+.label18: \n\ -+ call .label19 \n\ -+ pause \n\ -+.label19: \n\ -+ call .label20 \n\ -+ pause \n\ -+.label20: \n\ -+ call .label21 \n\ -+ pause \n\ -+.label21: \n\ -+ call .label22 \n\ -+ pause \n\ -+.label22: \n\ -+ call .label23 \n\ -+ pause \n\ -+.label23: \n\ -+ call .label24 \n\ -+ pause \n\ -+.label24: \n\ -+ call .label25 \n\ -+ pause \n\ -+.label25: \n\ -+ call .label26 \n\ -+ pause \n\ -+.label26: \n\ -+ call .label27 \n\ -+ pause \n\ -+.label27: \n\ -+ call .label28 \n\ -+ pause \n\ -+.label28: \n\ -+ call .label29 \n\ -+ pause \n\ -+.label29: \n\ -+ call .label30 \n\ -+ pause \n\ -+.label30: \n\ -+ call .label31 \n\ -+ pause \n\ -+.label31: \n\ -+ call .label32 \n\ -+ pause \n\ -+.label32: \n\ -+ add $(32*8), %%rsp \n\ -+": : :"memory"); -+} -+ - enum kvm_reg { - VCPU_REGS_RAX = 0, - VCPU_REGS_RCX = 1, -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index eebbb0382c07..b3998d28c569 100644 ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -9481,6 +9481,8 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - #endif - ); - -+ stuff_RSB(); -+ - /* MSR_IA32_DEBUGCTLMSR is zeroed on vmexit. Restore it if needed */ - if (debugctlmsr) - update_debugctlmsr(debugctlmsr); --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch new/patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch --- old/patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,79 +0,0 @@ -From: Tom Lendacky <[email protected]> -Date: Mon, 18 Dec 2017 07:19:22 -0800 -Subject: x86/kvm: clear registers on VM exit -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5715 - -Clear registers on VM exit to prevent speculative use of them. - -Signed-off-by: Tom Lendacky <[email protected]> -Signed-off-by: Paolo Bonzini <[email protected]> -Signed-off-by: Andrea Arcangeli <[email protected]> -Signed-off-by: Tim Chen <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/kvm/svm.c | 19 +++++++++++++++++++ - arch/x86/kvm/vmx.c | 17 +++++++++++++++++ - 2 files changed, 36 insertions(+) - -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 17fb6c6d939a..714e4804cbe2 100644 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -4964,6 +4964,25 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) - "mov %%r13, %c[r13](%[svm]) \n\t" - "mov %%r14, %c[r14](%[svm]) \n\t" - "mov %%r15, %c[r15](%[svm]) \n\t" -+#endif -+ /* -+ * Clear host registers marked as clobbered to prevent -+ * speculative use. -+ */ -+ "xor %%" _ASM_BX ", %%" _ASM_BX " \n\t" -+ "xor %%" _ASM_CX ", %%" _ASM_CX " \n\t" -+ "xor %%" _ASM_DX ", %%" _ASM_DX " \n\t" -+ "xor %%" _ASM_SI ", %%" _ASM_SI " \n\t" -+ "xor %%" _ASM_DI ", %%" _ASM_DI " \n\t" -+#ifdef CONFIG_X86_64 -+ "xor %%r8, %%r8 \n\t" -+ "xor %%r9, %%r9 \n\t" -+ "xor %%r10, %%r10 \n\t" -+ "xor %%r11, %%r11 \n\t" -+ "xor %%r12, %%r12 \n\t" -+ "xor %%r13, %%r13 \n\t" -+ "xor %%r14, %%r14 \n\t" -+ "xor %%r15, %%r15 \n\t" - #endif - "pop %%" _ASM_BP - : -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index b3998d28c569..1f702c5aaf6d 100644 ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -9439,6 +9439,23 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - "mov %%r13, %c[r13](%0) \n\t" - "mov %%r14, %c[r14](%0) \n\t" - "mov %%r15, %c[r15](%0) \n\t" -+#endif -+ /* -+ * Clear host registers marked as clobbered to prevent -+ * speculative use. -+ */ -+ "xor %%" _ASM_BX ", %%" _ASM_BX " \n\t" -+ "xor %%" _ASM_SI ", %%" _ASM_SI " \n\t" -+ "xor %%" _ASM_DI ", %%" _ASM_DI " \n\t" -+#ifdef CONFIG_X86_64 -+ "xor %%r8, %%r8 \n\t" -+ "xor %%r9, %%r9 \n\t" -+ "xor %%r10, %%r10 \n\t" -+ "xor %%r11, %%r11 \n\t" -+ "xor %%r12, %%r12 \n\t" -+ "xor %%r13, %%r13 \n\t" -+ "xor %%r14, %%r14 \n\t" -+ "xor %%r15, %%r15 \n\t" - #endif - "mov %%cr2, %%" _ASM_AX " \n\t" - "mov %%" _ASM_AX ", %c[cr2](%0) \n\t" --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch new/patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch --- old/patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,154 +0,0 @@ -From: Jun Nakajima <[email protected]> -Date: Wed, 20 Dec 2017 08:04:46 -0800 -Subject: Revert x86/kvm: Pad RSB on VM transition -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5715 - -Reverting the following to apply a patch that covers AMD SVM as well. - Author: Tim Chen <[email protected]> - Date: Fri Oct 20 17:05:54 2017 -0700 - - x86/kvm: Pad RSB on VM transition - - Add code to pad the local CPU's RSB entries to protect - from previous less privilege mode. - - Signed-off-by: Tim Chen <[email protected]> - -Signed-off-by: Jun Nakajima <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/include/asm/kvm_host.h | 103 ---------------------------------------- - arch/x86/kvm/vmx.c | 2 - - 2 files changed, 105 deletions(-) - -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index 093242868b06..612dc4c63507 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -124,109 +124,6 @@ static inline gfn_t gfn_to_index(gfn_t gfn, gfn_t base_gfn, int level) - - #define ASYNC_PF_PER_VCPU 64 - --static inline void stuff_RSB(void) --{ -- __asm__ __volatile__(" \n\ -- call .label1 \n\ -- pause \n\ --.label1: \n\ -- call .label2 \n\ -- pause \n\ --.label2: \n\ -- call .label3 \n\ -- pause \n\ --.label3: \n\ -- call .label4 \n\ -- pause \n\ --.label4: \n\ -- call .label5 \n\ -- pause \n\ --.label5: \n\ -- call .label6 \n\ -- pause \n\ --.label6: \n\ -- call .label7 \n\ -- pause \n\ --.label7: \n\ -- call .label8 \n\ -- pause \n\ --.label8: \n\ -- call .label9 \n\ -- pause \n\ --.label9: \n\ -- call .label10 \n\ -- pause \n\ --.label10: \n\ -- call .label11 \n\ -- pause \n\ --.label11: \n\ -- call .label12 \n\ -- pause \n\ --.label12: \n\ -- call .label13 \n\ -- pause \n\ --.label13: \n\ -- call .label14 \n\ -- pause \n\ --.label14: \n\ -- call .label15 \n\ -- pause \n\ --.label15: \n\ -- call .label16 \n\ -- pause \n\ --.label16: \n\ -- call .label17 \n\ -- pause \n\ --.label17: \n\ -- call .label18 \n\ -- pause \n\ --.label18: \n\ -- call .label19 \n\ -- pause \n\ --.label19: \n\ -- call .label20 \n\ -- pause \n\ --.label20: \n\ -- call .label21 \n\ -- pause \n\ --.label21: \n\ -- call .label22 \n\ -- pause \n\ --.label22: \n\ -- call .label23 \n\ -- pause \n\ --.label23: \n\ -- call .label24 \n\ -- pause \n\ --.label24: \n\ -- call .label25 \n\ -- pause \n\ --.label25: \n\ -- call .label26 \n\ -- pause \n\ --.label26: \n\ -- call .label27 \n\ -- pause \n\ --.label27: \n\ -- call .label28 \n\ -- pause \n\ --.label28: \n\ -- call .label29 \n\ -- pause \n\ --.label29: \n\ -- call .label30 \n\ -- pause \n\ --.label30: \n\ -- call .label31 \n\ -- pause \n\ --.label31: \n\ -- call .label32 \n\ -- pause \n\ --.label32: \n\ -- add $(32*8), %%rsp \n\ --": : :"memory"); --} -- - enum kvm_reg { - VCPU_REGS_RAX = 0, - VCPU_REGS_RCX = 1, -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index b454f9770459..3e8a154160ec 100644 ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -9498,8 +9498,6 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - #endif - ); - -- stuff_RSB(); -- - /* MSR_IA32_DEBUGCTLMSR is zeroed on vmexit. Restore it if needed */ - if (debugctlmsr) - update_debugctlmsr(debugctlmsr); --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch new/patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch --- old/patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,113 +0,0 @@ -From: Tim Chen <[email protected]> -Date: Wed, 20 Dec 2017 08:04:47 -0800 -Subject: x86/kvm: Pad RSB on VM transition -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5715 - -Appylying the patch: - - From: Tim Chen <[email protected]> - Date: Thu, 30 Nov 2017 15:00:10 +0100 - Subject: [RHEL7.5 PATCH 05/35] x86/kvm: Pad RSB on VM transition - - Add code to pad the local CPU's RSB entries to protect - from previous less privilege mode. - - Signed-off-by: Tim Chen <[email protected]> - Signed-off-by: Paolo Bonzini <[email protected]> - Signed-off-by: Andrea Arcangeli <[email protected]> - --- - arch/x86/include/asm/kvm_host.h | 37 +++++++++++++++++++++++++++++++++++++ - arch/x86/kvm/svm.c | 2 ++ - arch/x86/kvm/vmx.c | 2 ++ - 3 files changed, 41 insertions(+) - -[js] x86_64 only - -Signed-off-by: Jun Nakajima <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/include/asm/kvm_host.h | 39 +++++++++++++++++++++++++++++++++++++++ - arch/x86/kvm/svm.c | 2 ++ - arch/x86/kvm/vmx.c | 2 ++ - 3 files changed, 43 insertions(+) - -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index 612dc4c63507..7ad8dc164b7e 100644 ---- a/arch/x86/include/asm/kvm_host.h -+++ b/arch/x86/include/asm/kvm_host.h -@@ -124,6 +124,45 @@ static inline gfn_t gfn_to_index(gfn_t gfn, gfn_t base_gfn, int level) - - #define ASYNC_PF_PER_VCPU 64 - -+static inline void stuff_RSB(void) -+{ -+#ifdef CONFIG_X86_64 -+ __asm__ __volatile__(" call 1f; pause;" -+ "1: call 2f; pause;" -+ "2: call 3f; pause;" -+ "3: call 4f; pause;" -+ "4: call 5f; pause;" -+ "5: call 6f; pause;" -+ "6: call 7f; pause;" -+ "7: call 8f; pause;" -+ "8: call 9f; pause;" -+ "9: call 10f; pause;" -+ "10: call 11f; pause;" -+ "11: call 12f; pause;" -+ "12: call 13f; pause;" -+ "13: call 14f; pause;" -+ "14: call 15f; pause;" -+ "15: call 16f; pause;" -+ "16: call 17f; pause;" -+ "17: call 18f; pause;" -+ "18: call 19f; pause;" -+ "19: call 20f; pause;" -+ "20: call 21f; pause;" -+ "21: call 22f; pause;" -+ "22: call 23f; pause;" -+ "23: call 24f; pause;" -+ "24: call 25f; pause;" -+ "25: call 26f; pause;" -+ "26: call 27f; pause;" -+ "27: call 28f; pause;" -+ "28: call 29f; pause;" -+ "29: call 30f; pause;" -+ "30: call 31f; pause;" -+ "31: call 32f; pause;" -+ "32: add $(32*8), %%rsp": : :"memory"); -+#endif -+} -+ - enum kvm_reg { - VCPU_REGS_RAX = 0, - VCPU_REGS_RCX = 1, -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 714e4804cbe2..a31183f7203d 100644 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -5013,6 +5013,8 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) - #endif - ); - -+ stuff_RSB(); -+ - #ifdef CONFIG_X86_64 - wrmsrl(MSR_GS_BASE, svm->host.gs_base); - #else -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 3e8a154160ec..b454f9770459 100644 ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -9498,6 +9498,8 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - #endif - ); - -+ stuff_RSB(); -+ - /* MSR_IA32_DEBUGCTLMSR is zeroed on vmexit. Restore it if needed */ - if (debugctlmsr) - update_debugctlmsr(debugctlmsr); --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch new/patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch --- old/patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-16 18:01:44.000000000 +0100 @@ -7,14 +7,12 @@ Signed-off-by: Andrea Arcangeli <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/kvm/svm.c | 22 ++++++++++++++++++++++ + arch/x86/kvm/svm.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 4e792cdc10b1..a04ec1d2b5e8 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c -@@ -183,6 +183,8 @@ struct vcpu_svm { +@@ -184,6 +184,8 @@ struct vcpu_svm { u64 gs_base; } host; @@ -23,7 +21,7 @@ u32 *msrpm; ulong nmi_iret_rip; -@@ -252,6 +254,8 @@ static const struct svm_direct_access_msrs { +@@ -253,6 +255,8 @@ static const struct svm_direct_access_ms { .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false }, { .index = MSR_IA32_LASTINTTOIP, .always = false }, @@ -32,7 +30,7 @@ { .index = MSR_INVALID, .always = false }, }; -@@ -919,6 +923,9 @@ static void svm_vcpu_init_msrpm(u32 *msrpm) +@@ -920,6 +924,9 @@ static void svm_vcpu_init_msrpm(u32 *msr set_msr_interception(msrpm, direct_access_msrs[i].index, 1, 1); } @@ -42,7 +40,7 @@ } static void add_msr_offset(u32 offset) -@@ -3604,6 +3611,9 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3605,6 +3612,9 @@ static int svm_get_msr(struct kvm_vcpu * case MSR_VM_CR: msr_info->data = svm->nested.vm_cr_msr; break; @@ -52,7 +50,7 @@ case MSR_IA32_UCODE_REV: msr_info->data = 0x01000065; break; -@@ -3759,6 +3769,9 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) +@@ -3760,6 +3770,9 @@ static int svm_set_msr(struct kvm_vcpu * case MSR_VM_IGNNE: vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data 0x%llx\n", ecx, data); break; @@ -62,7 +60,7 @@ case MSR_IA32_APICBASE: if (kvm_vcpu_apicv_active(vcpu)) avic_update_vapic_bar(to_svm(vcpu), data); -@@ -4947,6 +4960,10 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) +@@ -4948,6 +4961,10 @@ static void svm_vcpu_run(struct kvm_vcpu local_irq_enable(); @@ -73,7 +71,7 @@ asm volatile ( "push %%" _ASM_BP "; \n\t" "mov %c[rbx](%[svm]), %%" _ASM_BX " \n\t" -@@ -5039,6 +5056,11 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) +@@ -5040,6 +5057,11 @@ static void svm_vcpu_run(struct kvm_vcpu #endif ); @@ -82,9 +80,6 @@ + if (svm->spec_ctrl != FEATURE_ENABLE_IBRS) + wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + } - stuff_RSB(); + /* Eliminate branch target predictions from guest mode */ + vmexit_fill_RSB(); - #ifdef CONFIG_X86_64 --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch new/patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch --- old/patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch 2018-01-16 18:01:44.000000000 +0100 @@ -7,16 +7,14 @@ Signed-off-by: Jun Nakajima <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/include/asm/kvm_host.h | 2 -- - arch/x86/kvm/vmx.c | 10 ---------- - arch/x86/kvm/x86.c | 2 +- + arch/x86/include/asm/kvm_host.h | 2 -- + arch/x86/kvm/vmx.c | 10 ---------- + arch/x86/kvm/x86.c | 2 +- 3 files changed, 1 insertion(+), 13 deletions(-) -diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h -index 7ad8dc164b7e..2bf4ba0575b2 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h -@@ -667,8 +667,6 @@ struct kvm_vcpu_arch { +@@ -628,8 +628,6 @@ struct kvm_vcpu_arch { u64 mcg_ext_ctl; u64 *mce_banks; @@ -25,19 +23,17 @@ /* Cache MMIO info */ u64 mmio_gva; unsigned access; -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index b454f9770459..fe37b7d261d9 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c -@@ -50,7 +50,6 @@ - #include <asm/apic.h> +@@ -51,7 +51,6 @@ #include <asm/irq_remapping.h> #include <asm/mmu_context.h> + #include <asm/nospec-branch.h> -#include <asm/microcode.h> #include "trace.h" #include "pmu.h" -@@ -3268,9 +3267,6 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3277,9 +3276,6 @@ static int vmx_get_msr(struct kvm_vcpu * case MSR_IA32_TSC: msr_info->data = guest_read_tsc(vcpu); break; @@ -47,7 +43,7 @@ case MSR_IA32_SYSENTER_CS: msr_info->data = vmcs_read32(GUEST_SYSENTER_CS); break; -@@ -3378,9 +3374,6 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3387,9 +3383,6 @@ static int vmx_set_msr(struct kvm_vcpu * case MSR_IA32_TSC: kvm_write_tsc(vcpu, msr_info); break; @@ -57,7 +53,7 @@ case MSR_IA32_CR_PAT: if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) { if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data)) -@@ -6289,7 +6282,6 @@ static int handle_rdmsr(struct kvm_vcpu *vcpu) +@@ -6298,7 +6291,6 @@ static int handle_rdmsr(struct kvm_vcpu msr_info.index = ecx; msr_info.host_initiated = false; @@ -65,7 +61,7 @@ if (vmx_get_msr(vcpu, &msr_info)) { trace_kvm_msr_read_ex(ecx); kvm_inject_gp(vcpu, 0); -@@ -6837,8 +6829,6 @@ static __init int hardware_setup(void) +@@ -6846,8 +6838,6 @@ static __init int hardware_setup(void) vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false); @@ -74,8 +70,6 @@ memcpy(vmx_msr_bitmap_legacy_x2apic_apicv, vmx_msr_bitmap_legacy, PAGE_SIZE); -diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index 9b2f7bb32586..075619a92ce7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1005,7 +1005,7 @@ static u32 msrs_to_save[] = { @@ -87,6 +81,3 @@ }; static unsigned num_msrs_to_save; --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch new/patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch --- old/patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch 2018-01-16 18:01:44.000000000 +0100 @@ -14,14 +14,12 @@ Signed-off-by: Andrea Arcangeli <[email protected]> Signed-off-by: Jiri Slaby <[email protected]> --- - arch/x86/kvm/vmx.c | 19 +++++++++++++++++++ + arch/x86/kvm/vmx.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index fe37b7d261d9..abb43afc90b4 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c -@@ -580,6 +580,8 @@ struct vcpu_vmx { +@@ -581,6 +581,8 @@ struct vcpu_vmx { u64 msr_host_kernel_gs_base; u64 msr_guest_kernel_gs_base; #endif @@ -30,7 +28,7 @@ u32 vm_entry_controls_shadow; u32 vm_exit_controls_shadow; u32 secondary_exec_control; -@@ -3267,6 +3269,9 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3276,6 +3278,9 @@ static int vmx_get_msr(struct kvm_vcpu * case MSR_IA32_TSC: msr_info->data = guest_read_tsc(vcpu); break; @@ -40,7 +38,7 @@ case MSR_IA32_SYSENTER_CS: msr_info->data = vmcs_read32(GUEST_SYSENTER_CS); break; -@@ -3374,6 +3379,9 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) +@@ -3383,6 +3388,9 @@ static int vmx_set_msr(struct kvm_vcpu * case MSR_IA32_TSC: kvm_write_tsc(vcpu, msr_info); break; @@ -50,7 +48,7 @@ case MSR_IA32_CR_PAT: if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) { if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data)) -@@ -6829,6 +6837,8 @@ static __init int hardware_setup(void) +@@ -6838,6 +6846,8 @@ static __init int hardware_setup(void) vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_CS, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP, false); vmx_disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP, false); @@ -59,7 +57,7 @@ memcpy(vmx_msr_bitmap_legacy_x2apic_apicv, vmx_msr_bitmap_legacy, PAGE_SIZE); -@@ -9355,6 +9365,10 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -9364,6 +9374,10 @@ static void __noclone vmx_vcpu_run(struc vcpu->arch.pkru != vmx->host_pkru) __write_pkru(vcpu->arch.pkru); @@ -70,7 +68,7 @@ atomic_switch_perf_msrs(vmx); if (ibrs_inuse) -@@ -9488,6 +9502,11 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) +@@ -9492,6 +9506,11 @@ static void __noclone vmx_vcpu_run(struc #endif ); @@ -79,9 +77,6 @@ + if (vmx->spec_ctrl) + wrmsrl(MSR_IA32_SPEC_CTRL, FEATURE_ENABLE_IBRS); + } - stuff_RSB(); + /* Eliminate branch target predictions from guest mode */ + vmexit_fill_RSB(); - /* MSR_IA32_DEBUGCTLMSR is zeroed on vmexit. Restore it if needed */ --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/0036-Clear-the-host-registers-after-setbe.patch new/patches.suse/0036-Clear-the-host-registers-after-setbe.patch --- old/patches.suse/0036-Clear-the-host-registers-after-setbe.patch 2018-01-10 10:14:27.000000000 +0100 +++ new/patches.suse/0036-Clear-the-host-registers-after-setbe.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,53 +0,0 @@ -From: Jun Nakajima <[email protected]> -Date: Wed, 20 Dec 2017 08:04:54 -0800 -Subject: Clear the host registers after setbe -Patch-mainline: submitted on 2018/1/9 -References: bnc#1068032 CVE-2017-5715 - -The original patch cleared the host registers before setbe doing XOR, -and it set a false flag as VM enry failure. - -Signed-off-by: Jun Nakajima <[email protected]> -Signed-off-by: Jiri Slaby <[email protected]> ---- - arch/x86/kvm/vmx.c | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c -index 0f76d6303241..8b317ecb9d93 100644 ---- a/arch/x86/kvm/vmx.c -+++ b/arch/x86/kvm/vmx.c -@@ -9440,10 +9440,15 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - "mov %%r14, %c[r14](%0) \n\t" - "mov %%r15, %c[r15](%0) \n\t" - #endif -+ "mov %%cr2, %%" _ASM_AX " \n\t" -+ "mov %%" _ASM_AX ", %c[cr2](%0) \n\t" -+ -+ "pop %%" _ASM_BP "; pop %%" _ASM_DX " \n\t" -+ "setbe %c[fail](%0) \n\t" - /* -- * Clear host registers marked as clobbered to prevent -- * speculative use. -- */ -+ * Clear host registers marked as clobbered to prevent -+ * speculative use. -+ */ - "xor %%" _ASM_BX ", %%" _ASM_BX " \n\t" - "xor %%" _ASM_SI ", %%" _ASM_SI " \n\t" - "xor %%" _ASM_DI ", %%" _ASM_DI " \n\t" -@@ -9457,11 +9462,6 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) - "xor %%r14, %%r14 \n\t" - "xor %%r15, %%r15 \n\t" - #endif -- "mov %%cr2, %%" _ASM_AX " \n\t" -- "mov %%" _ASM_AX ", %c[cr2](%0) \n\t" -- -- "pop %%" _ASM_BP "; pop %%" _ASM_DX " \n\t" -- "setbe %c[fail](%0) \n\t" - ".pushsection .rodata \n\t" - ".global vmx_return \n\t" - "vmx_return: " _ASM_PTR " 2b \n\t" --- -2.15.1 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/ALSA-seq-Make-ioctls-race-free new/patches.suse/ALSA-seq-Make-ioctls-race-free --- old/patches.suse/ALSA-seq-Make-ioctls-race-free 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/ALSA-seq-Make-ioctls-race-free 2018-01-16 18:01:44.000000000 +0100 @@ -0,0 +1,60 @@ +From b3defb791b26ea0683a93a4f49c77ec45ec96f10 Mon Sep 17 00:00:00 2001 +From: Takashi Iwai <[email protected]> +Date: Tue, 9 Jan 2018 23:11:03 +0100 +Subject: [PATCH] ALSA: seq: Make ioctls race-free +Git-commit: b3defb791b26ea0683a93a4f49c77ec45ec96f10 +Patch-mainline: v4.15 +References: CVE-2018-1000004,bsc#1076017 + +The ALSA sequencer ioctls have no protection against racy calls while +the concurrent operations may lead to interfere with each other. As +reported recently, for example, the concurrent calls of setting client +pool with a combination of write calls may lead to either the +unkillable dead-lock or UAF. + +As a slightly big hammer solution, this patch introduces the mutex to +make each ioctl exclusive. Although this may reduce performance via +parallel ioctl calls, usually it's not demanded for sequencer usages, +hence it should be negligible. + +Reported-by: Luo Quan <[email protected]> +Reviewed-by: Kees Cook <[email protected]> +Reviewed-by: Greg Kroah-Hartman <[email protected]> +Cc: <[email protected]> +Signed-off-by: Takashi Iwai <[email protected]> + +--- + sound/core/seq/seq_clientmgr.c | 3 +++ + sound/core/seq/seq_clientmgr.h | 1 + + 2 files changed, 4 insertions(+) + +--- a/sound/core/seq/seq_clientmgr.c ++++ b/sound/core/seq/seq_clientmgr.c +@@ -221,6 +221,7 @@ static struct snd_seq_client *seq_create + rwlock_init(&client->ports_lock); + mutex_init(&client->ports_mutex); + INIT_LIST_HEAD(&client->ports_list_head); ++ mutex_init(&client->ioctl_mutex); + + /* find free slot in the client table */ + spin_lock_irqsave(&clients_lock, flags); +@@ -2126,7 +2127,9 @@ static long snd_seq_ioctl(struct file *f + return -EFAULT; + } + ++ mutex_lock(&client->ioctl_mutex); + err = handler->func(client, &buf); ++ mutex_unlock(&client->ioctl_mutex); + if (err >= 0) { + /* Some commands includes a bug in 'dir' field. */ + if (handler->cmd == SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT || +--- a/sound/core/seq/seq_clientmgr.h ++++ b/sound/core/seq/seq_clientmgr.h +@@ -61,6 +61,7 @@ struct snd_seq_client { + struct list_head ports_list_head; + rwlock_t ports_lock; + struct mutex ports_mutex; ++ struct mutex ioctl_mutex; + int convert32; /* convert 32->64bit */ + + /* output pool */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/drm-nouveau-disp-gf119-add-missing-drive-vfunc-ptr new/patches.suse/drm-nouveau-disp-gf119-add-missing-drive-vfunc-ptr --- old/patches.suse/drm-nouveau-disp-gf119-add-missing-drive-vfunc-ptr 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/drm-nouveau-disp-gf119-add-missing-drive-vfunc-ptr 2018-01-16 18:01:44.000000000 +0100 @@ -0,0 +1,47 @@ +From 1b5c7ef3d0d0610bda9b63263f7c5b7178d11015 Mon Sep 17 00:00:00 2001 +From: Rob Clark <[email protected]> +Date: Sat, 6 Jan 2018 10:59:41 -0500 +Subject: [PATCH] drm/nouveau/disp/gf119: add missing drive vfunc ptr +Git-commit: 1b5c7ef3d0d0610bda9b63263f7c5b7178d11015 +Git-repo: git://people.freedesktop.org/~airlied/linux.git +Patch-mainline: Queued in subsystem maintainer repo +References: bsc#1075613 + +Fixes broken dp on GF119: + + Call Trace: + ? nvkm_dp_train_drive+0x183/0x2c0 [nouveau] + nvkm_dp_acquire+0x4f3/0xcd0 [nouveau] + nv50_disp_super_2_2+0x5d/0x470 [nouveau] + ? nvkm_devinit_pll_set+0xf/0x20 [nouveau] + gf119_disp_super+0x19c/0x2f0 [nouveau] + process_one_work+0x193/0x3c0 + worker_thread+0x35/0x3b0 + kthread+0x125/0x140 + ? process_one_work+0x3c0/0x3c0 + ? kthread_park+0x60/0x60 + ret_from_fork+0x25/0x30 + Code: Bad RIP value. + RIP: (null) RSP: ffffb1e243e4bc38 + CR2: 0000000000000000 + +Fixes: af85389c614a drm/nouveau/disp: shuffle functions around +Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=103421 +Signed-off-by: Rob Clark <[email protected]> +Signed-off-by: Ben Skeggs <[email protected]> +Acked-by: Takashi Iwai <[email protected]> + +--- + drivers/gpu/drm/nouveau/nvkm/engine/disp/sorgf119.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/gpu/drm/nouveau/nvkm/engine/disp/sorgf119.c ++++ b/drivers/gpu/drm/nouveau/nvkm/engine/disp/sorgf119.c +@@ -174,6 +174,7 @@ gf119_sor = { + .links = gf119_sor_dp_links, + .power = g94_sor_dp_power, + .pattern = gf119_sor_dp_pattern, ++ .drive = gf119_sor_dp_drive, + .vcpi = gf119_sor_dp_vcpi, + .audio = gf119_sor_dp_audio, + .audio_sym = gf119_sor_dp_audio_sym, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/orc-fix-retpolines-segfaults.patch new/patches.suse/orc-fix-retpolines-segfaults.patch --- old/patches.suse/orc-fix-retpolines-segfaults.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/orc-fix-retpolines-segfaults.patch 2018-01-16 18:01:44.000000000 +0100 @@ -0,0 +1,30 @@ +From: Jiri Slaby <[email protected]> +Subject: ORC: fix retpolines segfaults +Patch-mainline: never, SUSE specific +References: bnc#1068032 CVE-2017-5715 + +With the non-upstream patch: + patches.suse/0013-x86-entry-Stuff-RSB-for-entry-to-kernel-for-non-SMEP.patch +ORC unwinder crashes due to the functions calling themselves and +insn->call_dest is NULL that case. So handle this case, meaning ORC info +is not valid here. + +When the above patch is in upstream, this patch is to be removed too. + +Signed-off-by: Jiri Slaby <[email protected]> +--- + tools/objtool/check.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/tools/objtool/check.c ++++ b/tools/objtool/check.c +@@ -1744,6 +1744,9 @@ static int validate_branch(struct objtoo + return 0; + + case INSN_CALL: ++ if (!insn->call_dest) ++ break; ++ + if (is_fentry_call(insn)) + break; + ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:05.903706062 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:05.907705874 +0100 @@ -1282,6 +1282,124 @@ patches.kernel.org/4.14.13-037-KVM-s390-fix-cmma-migration-for-multiple-memo.patch patches.kernel.org/4.14.13-038-KVM-s390-prevent-buffer-overrun-on-memory-hot.patch patches.kernel.org/4.14.13-039-Linux-4.14.13.patch + patches.kernel.org/4.14.14-001-dm-bufio-fix-shrinker-scans-when-nr_to_scan-r.patch + patches.kernel.org/4.14.14-002-KVM-Fix-stack-out-of-bounds-read-in-write_mmi.patch + patches.kernel.org/4.14.14-003-can-vxcan-improve-handling-of-missing-peer-na.patch + patches.kernel.org/4.14.14-004-can-gs_usb-fix-return-value-of-the-set_bittim.patch + patches.kernel.org/4.14.14-005-IB-srpt-Disable-RDMA-access-by-the-initiator.patch + patches.kernel.org/4.14.14-006-IB-srpt-Fix-ACL-lookup-during-login.patch + patches.kernel.org/4.14.14-007-MIPS-Validate-PR_SET_FP_MODE-prctl-2-requests.patch + patches.kernel.org/4.14.14-008-MIPS-Factor-out-NT_PRFPREG-regset-access-help.patch + patches.kernel.org/4.14.14-009-MIPS-Guard-against-any-partial-write-attempt-.patch + patches.kernel.org/4.14.14-010-MIPS-Consistently-handle-buffer-counter-with-.patch + patches.kernel.org/4.14.14-011-MIPS-Fix-an-FCSR-access-API-regression-with-N.patch + patches.kernel.org/4.14.14-012-MIPS-Also-verify-sizeof-elf_fpreg_t-with-PTRA.patch + patches.kernel.org/4.14.14-013-MIPS-Disallow-outsized-PTRACE_SETREGSET-NT_PR.patch + patches.kernel.org/4.14.14-014-cgroup-fix-css_task_iter-crash-on-CSS_TASK_IT.patch + patches.kernel.org/4.14.14-015-kvm-vmx-Scrub-hardware-GPRs-at-VM-exit.patch + patches.kernel.org/4.14.14-016-platform-x86-wmi-Call-acpi_wmi_init-later.patch + patches.kernel.org/4.14.14-017-iw_cxgb4-only-call-the-cq-comp_handler-when-t.patch + patches.kernel.org/4.14.14-018-iw_cxgb4-atomically-flush-the-qp.patch + patches.kernel.org/4.14.14-019-iw_cxgb4-only-clear-the-ARMED-bit-if-a-notifi.patch + patches.kernel.org/4.14.14-020-iw_cxgb4-reflect-the-original-WR-opcode-in-dr.patch + patches.kernel.org/4.14.14-021-iw_cxgb4-when-flushing-complete-all-wrs-in-a-.patch + patches.kernel.org/4.14.14-022-x86-acpi-Handle-SCI-interrupts-above-legacy-s.patch + patches.kernel.org/4.14.14-023-ALSA-pcm-Remove-incorrect-snd_BUG_ON-usages.patch + patches.kernel.org/4.14.14-024-ALSA-pcm-Workaround-for-weird-PulseAudio-beha.patch + patches.kernel.org/4.14.14-025-ALSA-pcm-Add-missing-error-checks-in-OSS-emul.patch + patches.kernel.org/4.14.14-026-ALSA-pcm-Abort-properly-at-pending-signal-in-.patch + patches.kernel.org/4.14.14-027-ALSA-pcm-Allow-aborting-mutex-lock-at-OSS-rea.patch + patches.kernel.org/4.14.14-028-ALSA-aloop-Release-cable-upon-open-error-path.patch + patches.kernel.org/4.14.14-029-ALSA-aloop-Fix-inconsistent-format-due-to-inc.patch + patches.kernel.org/4.14.14-030-ALSA-aloop-Fix-racy-hw-constraints-adjustment.patch + patches.kernel.org/4.14.14-031-x86-acpi-Reduce-code-duplication-in-mp_overri.patch + patches.kernel.org/4.14.14-032-8021q-fix-a-memory-leak-for-VLAN-0-device.patch + patches.kernel.org/4.14.14-033-ip6_tunnel-disable-dst-caching-if-tunnel-is-d.patch + patches.kernel.org/4.14.14-034-net-core-fix-module-type-in-sock_diag_bind.patch + patches.kernel.org/4.14.14-035-phylink-ensure-we-report-link-down-when-LOS-a.patch + patches.kernel.org/4.14.14-036-RDS-Heap-OOB-write-in-rds_message_alloc_sgs.patch + patches.kernel.org/4.14.14-037-RDS-null-pointer-dereference-in-rds_atomic_fr.patch + patches.kernel.org/4.14.14-038-net-fec-restore-dev_id-in-the-cases-of-probe-.patch + patches.kernel.org/4.14.14-039-net-fec-defer-probe-if-regulator-is-not-ready.patch + patches.kernel.org/4.14.14-040-net-fec-free-restore-resource-in-related-prob.patch + patches.kernel.org/4.14.14-041-sctp-do-not-retransmit-upon-FragNeeded-if-PMT.patch + patches.kernel.org/4.14.14-042-sctp-fix-the-handling-of-ICMP-Frag-Needed-for.patch + patches.kernel.org/4.14.14-043-sh_eth-fix-TSU-resource-handling.patch + patches.kernel.org/4.14.14-044-net-stmmac-enable-EEE-in-MII-GMII-or-RGMII-on.patch + patches.kernel.org/4.14.14-045-sh_eth-fix-SH7757-GEther-initialization.patch + patches.kernel.org/4.14.14-046-ipv6-fix-possible-mem-leaks-in-ipv6_make_skb.patch + patches.kernel.org/4.14.14-047-ethtool-do-not-print-warning-for-applications.patch + patches.kernel.org/4.14.14-048-mlxsw-spectrum_router-Fix-NULL-pointer-deref.patch + patches.kernel.org/4.14.14-049-net-sched-Fix-update-of-lastuse-in-act-module.patch + patches.kernel.org/4.14.14-050-ipv6-sr-fix-TLVs-not-being-copied-using-setso.patch + patches.kernel.org/4.14.14-051-mlxsw-spectrum-Relax-sanity-checks-during-ens.patch + patches.kernel.org/4.14.14-052-sfp-fix-sfp-bus-oops-when-removing-socket-ups.patch + patches.kernel.org/4.14.14-053-membarrier-Disable-preemption-when-calling-sm.patch + patches.kernel.org/4.14.14-054-crypto-algapi-fix-NULL-dereference-in-crypto_.patch + patches.kernel.org/4.14.14-055-mmc-renesas_sdhi-Add-MODULE_LICENSE.patch + patches.kernel.org/4.14.14-056-rbd-reacquire-lock-should-update-lock-owner-c.patch + patches.kernel.org/4.14.14-057-rbd-set-max_segments-to-USHRT_MAX.patch + patches.kernel.org/4.14.14-058-iwlwifi-pcie-fix-DMA-memory-mapping-unmapping.patch + patches.kernel.org/4.14.14-059-x86-microcode-intel-Extend-BDW-late-loading-w.patch + patches.kernel.org/4.14.14-060-KVM-x86-Add-memory-barrier-on-vmcs-field-look.patch + patches.kernel.org/4.14.14-061-KVM-PPC-Book3S-PR-Fix-WIMG-handling-under-pHy.patch + patches.kernel.org/4.14.14-062-KVM-PPC-Book3S-HV-Drop-prepare_done-from-stru.patch + patches.kernel.org/4.14.14-063-KVM-PPC-Book3S-HV-Fix-use-after-free-in-case-.patch + patches.kernel.org/4.14.14-064-KVM-PPC-Book3S-HV-Always-flush-TLB-in-kvmppc_.patch + patches.kernel.org/4.14.14-065-drm-vmwgfx-Don-t-cache-framebuffer-maps.patch + patches.kernel.org/4.14.14-066-drm-vmwgfx-Potential-off-by-one-in-vmw_view_a.patch + patches.kernel.org/4.14.14-067-drm-i915-gvt-Clear-the-shadow-page-table-entr.patch + patches.kernel.org/4.14.14-068-drm-i915-Whitelist-SLICE_COMMON_ECO_CHICKEN1-.patch + patches.kernel.org/4.14.14-069-drm-i915-Move-init_clock_gating-back-to-where.patch + patches.kernel.org/4.14.14-070-drm-i915-Fix-init_clock_gating-for-resume.patch + patches.kernel.org/4.14.14-071-bpf-prevent-out-of-bounds-speculation.patch + patches.kernel.org/4.14.14-072-bpf-array-fix-overflow-in-max_entries-and-und.patch + patches.kernel.org/4.14.14-073-bpf-arsh-is-not-supported-in-32-bit-alu-thus-.patch + patches.kernel.org/4.14.14-074-USB-serial-cp210x-add-IDs-for-LifeScan-OneTou.patch + patches.kernel.org/4.14.14-075-USB-serial-cp210x-add-new-device-ID-ELV-ALC-8.patch + patches.kernel.org/4.14.14-076-usb-misc-usb3503-make-sure-reset-is-low-for-a.patch + patches.kernel.org/4.14.14-077-USB-fix-usbmon-BUG-trigger.patch + patches.kernel.org/4.14.14-078-USB-UDC-core-fix-double-free-in-usb_add_gadge.patch + patches.kernel.org/4.14.14-079-usbip-remove-kernel-addresses-from-usb-device.patch + patches.kernel.org/4.14.14-080-usbip-fix-vudc_rx-harden-CMD_SUBMIT-path-to-h.patch + patches.kernel.org/4.14.14-081-usbip-vudc_tx-fix-v_send_ret_submit-vulnerabi.patch + patches.kernel.org/4.14.14-082-staging-android-ashmem-fix-a-race-condition-i.patch + patches.kernel.org/4.14.14-083-Bluetooth-Prevent-stack-info-leak-from-the-EF.patch + patches.kernel.org/4.14.14-084-uas-ignore-UAS-for-Norelsys-NS1068-X-chips.patch + patches.kernel.org/4.14.14-085-mux-core-fix-double-get_device.patch + patches.kernel.org/4.14.14-086-kdump-write-correct-address-of-mem_section-in.patch + patches.kernel.org/4.14.14-087-apparmor-fix-ptrace-label-match-when-matching.patch + patches.kernel.org/4.14.14-088-e1000e-Fix-e1000_check_for_copper_link_ich8la.patch + patches.kernel.org/4.14.14-089-x86-pti-Unbreak-EFI-old_memmap.patch + patches.kernel.org/4.14.14-090-x86-Documentation-Add-PTI-description.patch + patches.kernel.org/4.14.14-091-x86-cpufeatures-Add-X86_BUG_SPECTRE_V-12.patch + patches.kernel.org/4.14.14-092-sysfs-cpu-Add-vulnerability-folder.patch + patches.kernel.org/4.14.14-093-x86-cpu-Implement-CPU-vulnerabilites-sysfs-fu.patch + patches.kernel.org/4.14.14-094-x86-tboot-Unbreak-tboot-with-PTI-enabled.patch + patches.kernel.org/4.14.14-095-x86-mm-pti-Remove-dead-logic-in-pti_user_page.patch + patches.kernel.org/4.14.14-096-x86-cpu-AMD-Make-LFENCE-a-serializing-instruc.patch + patches.kernel.org/4.14.14-097-x86-cpu-AMD-Use-LFENCE_RDTSC-in-preference-to.patch + patches.kernel.org/4.14.14-098-sysfs-cpu-Fix-typos-in-vulnerability-document.patch + patches.kernel.org/4.14.14-099-x86-alternatives-Fix-optimize_nops-checking.patch + patches.kernel.org/4.14.14-100-x86-pti-Make-unpoison-of-pgd-for-trusted-boot.patch + patches.kernel.org/4.14.14-101-objtool-Detect-jumps-to-retpoline-thunks.patch + patches.kernel.org/4.14.14-102-objtool-Allow-alternatives-to-be-ignored.patch + patches.kernel.org/4.14.14-103-x86-retpoline-Add-initial-retpoline-support.patch + patches.kernel.org/4.14.14-104-x86-spectre-Add-boot-time-option-to-select-Sp.patch + patches.kernel.org/4.14.14-105-x86-retpoline-crypto-Convert-crypto-assembler.patch + patches.kernel.org/4.14.14-106-x86-retpoline-entry-Convert-entry-assembler-i.patch + patches.kernel.org/4.14.14-107-x86-retpoline-ftrace-Convert-ftrace-assembler.patch + patches.kernel.org/4.14.14-108-x86-retpoline-hyperv-Convert-assembler-indire.patch + patches.kernel.org/4.14.14-109-x86-retpoline-xen-Convert-Xen-hypercall-indir.patch + patches.kernel.org/4.14.14-110-x86-retpoline-checksum32-Convert-assembler-in.patch + patches.kernel.org/4.14.14-111-x86-retpoline-irq32-Convert-assembler-indirec.patch + patches.kernel.org/4.14.14-112-x86-retpoline-Fill-return-stack-buffer-on-vme.patch + patches.kernel.org/4.14.14-113-selftests-x86-Add-test_vsyscall.patch + patches.kernel.org/4.14.14-114-x86-pti-Fix-PCID-and-sanitize-defines.patch + patches.kernel.org/4.14.14-115-security-Kconfig-Correct-the-Documentation-re.patch + patches.kernel.org/4.14.14-116-x86-perf-Disable-intel_bts-when-PTI.patch + patches.kernel.org/4.14.14-117-x86-retpoline-Remove-compile-time-warning.patch + patches.kernel.org/4.14.14-118-Linux-4.14.14.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -1329,10 +1447,7 @@ patches.suse/setuid-dumpable-wrongdir patches.suse/0002-futex-futex_wake_op-fix-sign_extend32-sign-bits.patch - patches.suse/0001-x86-cpu-AMD-Make-the-LFENCE-instruction-serialized.patch - patches.suse/0002-x86-cpu-AMD-Remove-now-unused-definition-of-MFENCE_R.patch patches.suse/0003-locking-barriers-introduce-new-observable-speculatio.patch - patches.suse/0004-bpf-prevent-speculative-execution-in-eBPF-interprete.patch patches.suse/0005-x86-bpf-jit-prevent-speculative-execution-when-JIT-i.patch patches.suse/0006-uvcvideo-prevent-speculative-execution.patch patches.suse/0007-carl9170-prevent-speculative-execution.patch @@ -1365,15 +1480,11 @@ patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch - patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch - patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch patches.suse/0022-x86-spec_ctrl-Add-lock-to-serialize-changes-to-ibrs-.patch patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch patches.suse/0024-x86-microcode-Recheck-IBRS-and-IBPB-feature-on-micro.patch patches.suse/0025-x86-cpu-AMD-Add-speculative-control-support-for-AMD.patch - patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch - patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch patches.suse/0030-Use-the-ibrs_inuse-variable.patch @@ -1382,9 +1493,10 @@ patches.suse/0033-KVM-x86-add-SPEC_CTRL-to-MSR-and-CPUID-lists.patch patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch patches.suse/0035-Use-the-ibpb_inuse-variable.patch - patches.suse/0036-Clear-the-host-registers-after-setbe.patch patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch + patches.suse/orc-fix-retpolines-segfaults.patch + ######################################################## # Architecture-specific patches. These used to be all # at the end of series.conf, but since we don't do @@ -1604,6 +1716,7 @@ ######################################################## # DRM/Video ######################################################## + patches.suse/drm-nouveau-disp-gf119-add-missing-drive-vfunc-ptr ######################################################## # video4linux @@ -1652,6 +1765,7 @@ ########################################################## # Sound ########################################################## + patches.suse/ALSA-seq-Make-ioctls-race-free ######################################################## # Char / serial ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.mjzMTk/_old 2018-01-20 11:24:05.943704191 +0100 +++ /var/tmp/diff_new_pack.mjzMTk/_new 2018-01-20 11:24:05.943704191 +0100 @@ -1,3 +1,3 @@ -2018-01-10 10:14:27 +0100 -GIT Revision: bd444a0ec3f0379d51f2edafa54eaf99cd6a6ca7 +2018-01-17 10:26:10 +0100 +GIT Revision: eef6178e931bfaf3a7984a2c6af465cde4702702 GIT Branch: stable
