Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2020-06-21 19:03:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source" Sun Jun 21 19:03:37 2020 rev:545 rq:814606 version:5.7.2 Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes 2020-06-12 21:37:27.479790757 +0200 +++ /work/SRC/openSUSE:Factory/.kernel-source.new.3606/dtb-aarch64.changes 2020-06-21 19:48:38.909523264 +0200 @@ -1,0 +2,71 @@ +Fri Jun 12 19:07:00 CEST 2020 - [email protected] + +- x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect + branches (bsc#1172783 CVE-2020-10768). +- commit 3bb02b8 + +------------------------------------------------------------------- +Fri Jun 12 11:47:42 CEST 2020 - [email protected] + +- x86/speculation: Prevent rogue cross-process SSBD shutdown + (bsc#1172781 CVE-2020-10766). +- commit 765c970 + +------------------------------------------------------------------- +Fri Jun 12 10:21:21 CEST 2020 - [email protected] + +- iwl: fix crash in iwl_dbg_tlv_alloc_trigger (iwlwifi crash). +- commit 6645a57 + +------------------------------------------------------------------- +Thu Jun 11 18:18:57 CEST 2020 - [email protected] + +- x86/speculation: Avoid force-disabling IBPB based on STIBP + and enhanced IBRS (bsc#1172782 CVE-2020-10767). +- commit 5c5774f + +------------------------------------------------------------------- +Thu Jun 11 09:35:04 CEST 2020 - [email protected] + +- Linux 5.7.2 (bnc#1012628). +- uprobes: ensure that uprobe->offset and ->ref_ctr_offset are + properly aligned (bnc#1012628). +- x86/speculation: Add Ivy Bridge to affected list (bnc#1012628). +- x86/speculation: Add SRBDS vulnerability and mitigation + documentation (bnc#1012628). +- x86/speculation: Add Special Register Buffer Data Sampling + (SRBDS) mitigation (bnc#1012628). +- x86/cpu: Add 'table' argument to cpu_matches() (bnc#1012628). +- x86/cpu: Add a steppings field to struct x86_cpu_id + (bnc#1012628). +- nvmem: qfprom: remove incorrect write support (bnc#1012628). +- CDC-ACM: heed quirk also in error handling (bnc#1012628). +- staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK + (bnc#1012628). +- tty: hvc_console, fix crashes on parallel open/close + (bnc#1012628). +- vt: keyboard: avoid signed integer overflow in k_ascii + (bnc#1012628). +- serial: 8250: Enable 16550A variants by default on non-x86 + (bnc#1012628). +- usb: musb: jz4740: Prevent lockup when CONFIG_SMP is set + (bnc#1012628). +- usb: musb: Fix runtime PM imbalance on error (bnc#1012628). +- usb: musb: start session in resume for host port (bnc#1012628). +- iio: adc: stm32-adc: fix a wrong error message when probing + interrupts (bnc#1012628). +- iio:chemical:pms7003: Fix timestamp alignment and prevent data + leak (bnc#1012628). +- iio: vcnl4000: Fix i2c swapped word reading (bnc#1012628). +- iio:chemical:sps30: Fix timestamp alignment (bnc#1012628). +- USB: serial: ch341: fix lockup of devices with limited prescaler + (bnc#1012628). +- USB: serial: ch341: add basis for quirk detection (bnc#1012628). +- USB: serial: option: add Telit LE910C1-EUX compositions + (bnc#1012628). +- USB: serial: usb_wwan: do not resubmit rx urb on fatal errors + (bnc#1012628). +- USB: serial: qcserial: add DW5816e QDL support (bnc#1012628). +- commit 936fe4f + +------------------------------------------------------------------- dtb-armv6l.changes: same change dtb-armv7l.changes: same change dtb-riscv64.changes: same change kernel-64kb.changes: same change kernel-debug.changes: same change kernel-default.changes: same change kernel-docs.changes: same change kernel-kvmsmall.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-vanilla.changes: same change kernel-zfcpdump.changes: same change ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dtb-aarch64.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.093536013 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.093536013 +0200 @@ -17,7 +17,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build}) Name: dtb-aarch64 -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif dtb-armv6l.spec: same change dtb-armv7l.spec: same change dtb-riscv64.spec: same change ++++++ kernel-64kb.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.185536381 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.185536381 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.209536477 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.213536493 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: A Debug Version of the Kernel License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 ++++++ kernel-default.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.229536558 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.229536558 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: The Standard Kernel License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.249536638 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.253536653 +0200 @@ -17,7 +17,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Summary: Kernel Documentation License: GPL-2.0 Group: Documentation/Man -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -63,7 +63,7 @@ %endif Url: http://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz ++++++ kernel-kvmsmall.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.269536717 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.273536733 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: The Small Developer Kernel for KVM License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh kernel-lpae.spec: same change ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.309536877 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.309536877 +0200 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 @@ -45,7 +45,7 @@ %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +BuildRequires: kernel%kernel_flavor-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %if 0%{?rhel_version} BuildRequires: kernel @@ -64,9 +64,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0 Group: SLES -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.325536942 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.329536957 +0200 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0 Group: SLES -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.345537022 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.349537038 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: Kernel with PAE Support License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.365537102 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.369537118 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Summary: The Linux Kernel Sources License: GPL-2.0 Group: Development/Sources -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -43,7 +43,7 @@ BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b Provides: linux Provides: multiversion(kernel) Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.385537182 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.385537182 +0200 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0 Group: Development/Sources -Version: 5.7.1 +Version: 5.7.2 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -52,7 +52,7 @@ %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:42.401537246 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:42.401537246 +0200 @@ -18,7 +18,7 @@ %define srcversion 5.7 -%define patchversion 5.7.1 +%define patchversion 5.7.2 %define variant %{nil} %define vanilla_only 0 %define compress_modules xz @@ -65,9 +65,9 @@ Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0 Group: System/Kernel -Version: 5.7.1 +Version: 5.7.2 %if 0%{?is_kotd} -Release: <RELEASE>.g6a549f6 +Release: <RELEASE>.ga96d63c %else Release: 0 %endif @@ -176,10 +176,10 @@ Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 -Provides: kernel-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: kernel-%build_flavor-base-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b +Provides: kernel-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b # END COMMON DEPS -Provides: %name-srchash-6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +Provides: %name-srchash-a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh kernel-zfcpdump.spec: same change ++++++ patches.kernel.org.tar.bz2 ++++++ ++++ 2284 lines of diff (skipped) ++++++ patches.suse.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/iwl-fix-crash-in-iwl_dbg_tlv_alloc_trigger.patch new/patches.suse/iwl-fix-crash-in-iwl_dbg_tlv_alloc_trigger.patch --- old/patches.suse/iwl-fix-crash-in-iwl_dbg_tlv_alloc_trigger.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/iwl-fix-crash-in-iwl_dbg_tlv_alloc_trigger.patch 2020-06-12 19:07:00.000000000 +0200 @@ -0,0 +1,100 @@ +From: Jiri Slaby <[email protected]> +Date: Mon, 8 Jun 2020 11:56:58 +0200 +Subject: iwl: fix crash in iwl_dbg_tlv_alloc_trigger +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +Patch-mainline: Submitted 2020/06/12 +References: iwlwifi crash + +The tlv passed to iwl_dbg_tlv_alloc_trigger comes from a loaded firmware +file. The memory can be marked as read-only as firmware could be +shared. In anyway, writing to this memory is not expected. So, +iwl_dbg_tlv_alloc_trigger can crash now: + + BUG: unable to handle page fault for address: ffffae2c01bfa794 + PF: supervisor write access in kernel mode + PF: error_code(0x0003) - permissions violation + PGD 107d51067 P4D 107d51067 PUD 107d52067 PMD 659ad2067 PTE 8000000662298161 + CPU: 2 PID: 161 Comm: kworker/2:1 Not tainted 5.7.0-3.gad96a07-default #1 openSUSE Tumbleweed (unreleased) + RIP: 0010:iwl_dbg_tlv_alloc_trigger+0x25/0x60 [iwlwifi] + Code: eb f2 0f 1f 00 66 66 66 66 90 83 7e 04 33 48 89 f8 44 8b 46 10 48 89 f7 76 40 41 8d 50 ff 83 fa 19 77 23 8b 56 20 85 d2 75 07 <c7> 46 20 ff ff ff ff 4b 8d 14 40 48 c1 e2 04 48 8d b4 10 00 05 00 + RSP: 0018:ffffae2c00417ce8 EFLAGS: 00010246 + RAX: ffff8f0522334018 RBX: ffff8f0522334018 RCX: ffffffffc0fc26c0 + RDX: 0000000000000000 RSI: ffffae2c01bfa774 RDI: ffffae2c01bfa774 + RBP: 0000000000000000 R08: 0000000000000004 R09: 0000000000000001 + R10: 0000000000000034 R11: ffffae2c01bfa77c R12: ffff8f0522334230 + R13: 0000000001000009 R14: ffff8f0523fdbc00 R15: ffff8f051f395800 + FS: 0000000000000000(0000) GS:ffff8f0527c80000(0000) knlGS:0000000000000000 + CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 + CR2: ffffae2c01bfa794 CR3: 0000000389eba000 CR4: 00000000000006e0 + Call Trace: + iwl_dbg_tlv_alloc+0x79/0x120 [iwlwifi] + iwl_parse_tlv_firmware.isra.0+0x57d/0x1550 [iwlwifi] + iwl_req_fw_callback+0x3f8/0x6a0 [iwlwifi] + request_firmware_work_func+0x47/0x90 + process_one_work+0x1e3/0x3b0 + worker_thread+0x46/0x340 + kthread+0x115/0x140 + ret_from_fork+0x1f/0x40 + +As can be seen, write bit is not set in the PTE. Read of +trig->occurrences succeeds in iwl_dbg_tlv_alloc_trigger, but +trig->occurrences = cpu_to_le32(-1); fails there, obviously. + +This is likely because we (at SUSE) use compressed firmware and that is +marked as RO after decompression (see fw_map_paged_buf). + +Fix it by creating a temporary buffer in case we need to change the +memory. + +Signed-off-by: Jiri Slaby <[email protected]> +Reported-by: Dieter Nützel <[email protected]> +Tested-by: Dieter Nützel <[email protected]> +Cc: Johannes Berg <[email protected]> +Cc: Emmanuel Grumbach <[email protected]> +Cc: Luca Coelho <[email protected]> +Cc: Intel Linux Wireless <[email protected]> +Cc: Kalle Valo <[email protected]> +Cc: "David S. Miller" <[email protected]> +Cc: Jakub Kicinski <[email protected]> +Cc: [email protected] +Cc: [email protected] +--- + drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 16 ++++++++++++++-- + 1 file changed, 14 insertions(+), 2 deletions(-) + +--- a/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c ++++ b/drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c +@@ -263,6 +263,8 @@ static int iwl_dbg_tlv_alloc_trigger(str + { + struct iwl_fw_ini_trigger_tlv *trig = (void *)tlv->data; + u32 tp = le32_to_cpu(trig->time_point); ++ struct iwl_ucode_tlv *dup = NULL; ++ int ret; + + if (le32_to_cpu(tlv->length) < sizeof(*trig)) + return -EINVAL; +@@ -275,10 +277,20 @@ static int iwl_dbg_tlv_alloc_trigger(str + return -EINVAL; + } + +- if (!le32_to_cpu(trig->occurrences)) ++ if (!le32_to_cpu(trig->occurrences)) { ++ dup = kmemdup(tlv, sizeof(*tlv) + le32_to_cpu(tlv->length), ++ GFP_KERNEL); ++ if (!dup) ++ return -ENOMEM; ++ trig = (void *)dup->data; + trig->occurrences = cpu_to_le32(-1); ++ tlv = dup; ++ } ++ ++ ret = iwl_dbg_tlv_add(tlv, &trans->dbg.time_point[tp].trig_list); ++ kfree(dup); + +- return iwl_dbg_tlv_add(tlv, &trans->dbg.time_point[tp].trig_list); ++ return ret; + } + + static int (*dbg_tlv_alloc[])(struct iwl_trans *trans, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch new/patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch --- old/patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch 2020-06-12 19:07:00.000000000 +0200 @@ -0,0 +1,224 @@ +From: Anthony Steinhauser <[email protected]> +Date: Tue, 19 May 2020 06:40:42 -0700 +Subject: x86/speculation: Avoid force-disabling IBPB based on STIBP and + enhanced IBRS. +Git-commit: 21998a351512eba4ed5969006f0c55882d995ada +Patch-mainline: v5.8-rc1 +References: bsc#1172782 CVE-2020-10767 + +When STIBP is unavailable or enhanced IBRS is available, Linux +force-disables the IBPB mitigation of Spectre-BTB even when simultaneous +multithreading is disabled. While attempts to enable IBPB using +prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, ...) fail with +EPERM, the seccomp syscall (or its prctl(PR_SET_SECCOMP, ...) equivalent) +which are used e.g. by Chromium or OpenSSH succeed with no errors but the +application remains silently vulnerable to cross-process Spectre v2 attacks +(classical BTB poisoning). At the same time the SYSFS reporting +(/sys/devices/system/cpu/vulnerabilities/spectre_v2) displays that IBPB is +conditionally enabled when in fact it is unconditionally disabled. + +STIBP is useful only when SMT is enabled. When SMT is disabled and STIBP is +unavailable, it makes no sense to force-disable also IBPB, because IBPB +protects against cross-process Spectre-BTB attacks regardless of the SMT +state. At the same time since missing STIBP was only observed on AMD CPUs, +AMD does not recommend using STIBP, but recommends using IBPB, so disabling +IBPB because of missing STIBP goes directly against AMD's advice: +https://developer.amd.com/wp-content/resources/Architecture_Guidelines_Update_Indirect_Branch_Control.pdf + +Similarly, enhanced IBRS is designed to protect cross-core BTB poisoning +and BTB-poisoning attacks from user space against kernel (and +BTB-poisoning attacks from guest against hypervisor), it is not designed +to prevent cross-process (or cross-VM) BTB poisoning between processes (or +VMs) running on the same core. Therefore, even with enhanced IBRS it is +necessary to flush the BTB during context-switches, so there is no reason +to force disable IBPB when enhanced IBRS is available. + +Enable the prctl control of IBPB even when STIBP is unavailable or enhanced +IBRS is available. + +Fixes: 7cc765a67d8e ("x86/speculation: Enable prctl mode for spectre_v2_user") +Signed-off-by: Anthony Steinhauser <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Cc: [email protected] + +Acked-by: Borislav Petkov <[email protected]> +--- + arch/x86/kernel/cpu/bugs.c | 87 ++++++++++++++++++++++++++-------------------- + 1 file changed, 50 insertions(+), 37 deletions(-) + +diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c +index ed54b3b21c39..8d57562b1d2c 100644 +--- a/arch/x86/kernel/cpu/bugs.c ++++ b/arch/x86/kernel/cpu/bugs.c +@@ -495,7 +495,9 @@ early_param("nospectre_v1", nospectre_v1_cmdline); + static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = + SPECTRE_V2_NONE; + +-static enum spectre_v2_user_mitigation spectre_v2_user __ro_after_init = ++static enum spectre_v2_user_mitigation spectre_v2_user_stibp __ro_after_init = ++ SPECTRE_V2_USER_NONE; ++static enum spectre_v2_user_mitigation spectre_v2_user_ibpb __ro_after_init = + SPECTRE_V2_USER_NONE; + + #ifdef CONFIG_RETPOLINE +@@ -641,15 +643,6 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) + break; + } + +- /* +- * At this point, an STIBP mode other than "off" has been set. +- * If STIBP support is not being forced, check if STIBP always-on +- * is preferred. +- */ +- if (mode != SPECTRE_V2_USER_STRICT && +- boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) +- mode = SPECTRE_V2_USER_STRICT_PREFERRED; +- + /* Initialize Indirect Branch Prediction Barrier */ + if (boot_cpu_has(X86_FEATURE_IBPB)) { + setup_force_cpu_cap(X86_FEATURE_USE_IBPB); +@@ -672,23 +665,36 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd) + pr_info("mitigation: Enabling %s Indirect Branch Prediction Barrier\n", + static_key_enabled(&switch_mm_always_ibpb) ? + "always-on" : "conditional"); ++ ++ spectre_v2_user_ibpb = mode; + } + +- /* If enhanced IBRS is enabled no STIBP required */ +- if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) ++ /* ++ * If enhanced IBRS is enabled or SMT impossible, STIBP is not ++ * required. ++ */ ++ if (!smt_possible || spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) + return; + + /* +- * If SMT is not possible or STIBP is not available clear the STIBP +- * mode. ++ * At this point, an STIBP mode other than "off" has been set. ++ * If STIBP support is not being forced, check if STIBP always-on ++ * is preferred. ++ */ ++ if (mode != SPECTRE_V2_USER_STRICT && ++ boot_cpu_has(X86_FEATURE_AMD_STIBP_ALWAYS_ON)) ++ mode = SPECTRE_V2_USER_STRICT_PREFERRED; ++ ++ /* ++ * If STIBP is not available, clear the STIBP mode. + */ +- if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP)) ++ if (!boot_cpu_has(X86_FEATURE_STIBP)) + mode = SPECTRE_V2_USER_NONE; ++ ++ spectre_v2_user_stibp = mode; ++ + set_mode: +- spectre_v2_user = mode; +- /* Only print the STIBP mode when SMT possible */ +- if (smt_possible) +- pr_info("%s\n", spectre_v2_user_strings[mode]); ++ pr_info("%s\n", spectre_v2_user_strings[mode]); + } + + static const char * const spectre_v2_strings[] = { +@@ -921,7 +927,7 @@ void cpu_bugs_smt_update(void) + { + mutex_lock(&spec_ctrl_mutex); + +- switch (spectre_v2_user) { ++ switch (spectre_v2_user_stibp) { + case SPECTRE_V2_USER_NONE: + break; + case SPECTRE_V2_USER_STRICT: +@@ -1164,14 +1170,16 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) + { + switch (ctrl) { + case PR_SPEC_ENABLE: +- if (spectre_v2_user == SPECTRE_V2_USER_NONE) ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && ++ spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) + return 0; + /* + * Indirect branch speculation is always disabled in strict + * mode. + */ +- if (spectre_v2_user == SPECTRE_V2_USER_STRICT || +- spectre_v2_user == SPECTRE_V2_USER_STRICT_PREFERRED) ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) + return -EPERM; + task_clear_spec_ib_disable(task); + task_update_spec_tif(task); +@@ -1182,10 +1190,12 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) + * Indirect branch speculation is always allowed when + * mitigation is force disabled. + */ +- if (spectre_v2_user == SPECTRE_V2_USER_NONE) ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && ++ spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) + return -EPERM; +- if (spectre_v2_user == SPECTRE_V2_USER_STRICT || +- spectre_v2_user == SPECTRE_V2_USER_STRICT_PREFERRED) ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) + return 0; + task_set_spec_ib_disable(task); + if (ctrl == PR_SPEC_FORCE_DISABLE) +@@ -1216,7 +1226,8 @@ void arch_seccomp_spec_mitigate(struct task_struct *task) + { + if (ssb_mode == SPEC_STORE_BYPASS_SECCOMP) + ssb_prctl_set(task, PR_SPEC_FORCE_DISABLE); +- if (spectre_v2_user == SPECTRE_V2_USER_SECCOMP) ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) + ib_prctl_set(task, PR_SPEC_FORCE_DISABLE); + } + #endif +@@ -1247,22 +1258,24 @@ static int ib_prctl_get(struct task_struct *task) + if (!boot_cpu_has_bug(X86_BUG_SPECTRE_V2)) + return PR_SPEC_NOT_AFFECTED; + +- switch (spectre_v2_user) { +- case SPECTRE_V2_USER_NONE: ++ if (spectre_v2_user_ibpb == SPECTRE_V2_USER_NONE && ++ spectre_v2_user_stibp == SPECTRE_V2_USER_NONE) + return PR_SPEC_ENABLE; +- case SPECTRE_V2_USER_PRCTL: +- case SPECTRE_V2_USER_SECCOMP: ++ else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) ++ return PR_SPEC_DISABLE; ++ else if (spectre_v2_user_ibpb == SPECTRE_V2_USER_PRCTL || ++ spectre_v2_user_ibpb == SPECTRE_V2_USER_SECCOMP || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_PRCTL || ++ spectre_v2_user_stibp == SPECTRE_V2_USER_SECCOMP) { + if (task_spec_ib_force_disable(task)) + return PR_SPEC_PRCTL | PR_SPEC_FORCE_DISABLE; + if (task_spec_ib_disable(task)) + return PR_SPEC_PRCTL | PR_SPEC_DISABLE; + return PR_SPEC_PRCTL | PR_SPEC_ENABLE; +- case SPECTRE_V2_USER_STRICT: +- case SPECTRE_V2_USER_STRICT_PREFERRED: +- return PR_SPEC_DISABLE; +- default: ++ } else + return PR_SPEC_NOT_AFFECTED; +- } + } + + int arch_prctl_spec_ctrl_get(struct task_struct *task, unsigned long which) +@@ -1501,7 +1514,7 @@ static char *stibp_state(void) + if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED) + return ""; + +- switch (spectre_v2_user) { ++ switch (spectre_v2_user_stibp) { + case SPECTRE_V2_USER_NONE: + return ", STIBP: disabled"; + case SPECTRE_V2_USER_STRICT: + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch new/patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch --- old/patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch 2020-06-12 19:07:00.000000000 +0200 @@ -0,0 +1,51 @@ +From: Anthony Steinhauser <[email protected]> +Date: Sun, 7 Jun 2020 05:44:19 -0700 +Subject: x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect + branches. +Git-commit: 4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf +Patch-mainline: v5.8-rc1 +References: bsc#1172783 CVE-2020-10768 + +Currently, it is possible to enable indirect branch speculation even after +it was force-disabled using the PR_SPEC_FORCE_DISABLE option. Moreover, the +PR_GET_SPECULATION_CTRL command gives afterwards an incorrect result +(force-disabled when it is in fact enabled). This also is inconsistent +vs. STIBP and the documention which cleary states that +PR_SPEC_FORCE_DISABLE cannot be undone. + +Fix this by actually enforcing force-disabled indirect branch +speculation. PR_SPEC_ENABLE called after PR_SPEC_FORCE_DISABLE now fails +with -EPERM as described in the documentation. + +Fixes: 9137bb27e60e ("x86/speculation: Add prctl() control for indirect branch speculation") +Signed-off-by: Anthony Steinhauser <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Cc: [email protected] + +Acked-by: Borislav Petkov <[email protected]> +--- + arch/x86/kernel/cpu/bugs.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c +index 8d57562b1d2c..56f573aa764f 100644 +--- a/arch/x86/kernel/cpu/bugs.c ++++ b/arch/x86/kernel/cpu/bugs.c +@@ -1175,11 +1175,14 @@ static int ib_prctl_set(struct task_struct *task, unsigned long ctrl) + return 0; + /* + * Indirect branch speculation is always disabled in strict +- * mode. ++ * mode. It can neither be enabled if it was force-disabled ++ * by a previous prctl call. ++ + */ + if (spectre_v2_user_ibpb == SPECTRE_V2_USER_STRICT || + spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT || +- spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED) ++ spectre_v2_user_stibp == SPECTRE_V2_USER_STRICT_PREFERRED || ++ task_spec_ib_force_disable(task)) + return -EPERM; + task_clear_spec_ib_disable(task); + task_update_spec_tif(task); + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch new/patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch --- old/patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch 2020-06-12 19:07:00.000000000 +0200 @@ -0,0 +1,97 @@ +From: Anthony Steinhauser <[email protected]> +Date: Sun, 5 Jan 2020 12:19:43 -0800 +Subject: x86/speculation: Prevent rogue cross-process SSBD shutdown +Git-commit: dbbe2ad02e9df26e372f38cc3e70dab9222c832e +Patch-mainline: v5.8-rc1 +References: bsc#1172781 CVE-2020-10766 + +On context switch the change of TIF_SSBD and TIF_SPEC_IB are evaluated +to adjust the mitigations accordingly. This is optimized to avoid the +expensive MSR write if not needed. + +This optimization is buggy and allows an attacker to shutdown the SSBD +protection of a victim process. + +The update logic reads the cached base value for the speculation control +MSR which has neither the SSBD nor the STIBP bit set. It then OR's the +SSBD bit only when TIF_SSBD is different and requests the MSR update. + +That means if TIF_SSBD of the previous and next task are the same, then +the base value is not updated, even if TIF_SSBD is set. The MSR write is +not requested. + +Subsequently if the TIF_STIBP bit differs then the STIBP bit is updated +in the base value and the MSR is written with a wrong SSBD value. + +This was introduced when the per task/process conditional STIPB +switching was added on top of the existing SSBD switching. + +It is exploitable if the attacker creates a process which enforces SSBD +and has the contrary value of STIBP than the victim process (i.e. if the +victim process enforces STIBP, the attacker process must not enforce it; +if the victim process does not enforce STIBP, the attacker process must +enforce it) and schedule it on the same core as the victim process. If +the victim runs after the attacker the victim becomes vulnerable to +Spectre V4. + +To fix this, update the MSR value independent of the TIF_SSBD difference +and dependent on the SSBD mitigation method available. This ensures that +a subsequent STIPB initiated MSR write has the correct state of SSBD. + +[ tglx: Handle X86_FEATURE_VIRT_SSBD & X86_FEATURE_VIRT_SSBD correctly + and massaged changelog ] + +Fixes: 5bfbe3ad5840 ("x86/speculation: Prepare for per task indirect branch speculation control") +Signed-off-by: Anthony Steinhauser <[email protected]> +Signed-off-by: Thomas Gleixner <[email protected]> +Cc: [email protected] + +Acked-by: Borislav Petkov <[email protected]> +--- + arch/x86/kernel/process.c | 28 ++++++++++------------------ + 1 file changed, 10 insertions(+), 18 deletions(-) + +diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c +index 35638f1c5791..8f4533c1a4ec 100644 +--- a/arch/x86/kernel/process.c ++++ b/arch/x86/kernel/process.c +@@ -545,28 +545,20 @@ static __always_inline void __speculation_ctrl_update(unsigned long tifp, + + lockdep_assert_irqs_disabled(); + +- /* +- * If TIF_SSBD is different, select the proper mitigation +- * method. Note that if SSBD mitigation is disabled or permanentely +- * enabled this branch can't be taken because nothing can set +- * TIF_SSBD. +- */ +- if (tif_diff & _TIF_SSBD) { +- if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) { ++ /* Handle change of TIF_SSBD depending on the mitigation method. */ ++ if (static_cpu_has(X86_FEATURE_VIRT_SSBD)) { ++ if (tif_diff & _TIF_SSBD) + amd_set_ssb_virt_state(tifn); +- } else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) { ++ } else if (static_cpu_has(X86_FEATURE_LS_CFG_SSBD)) { ++ if (tif_diff & _TIF_SSBD) + amd_set_core_ssb_state(tifn); +- } else if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD) || +- static_cpu_has(X86_FEATURE_AMD_SSBD)) { +- msr |= ssbd_tif_to_spec_ctrl(tifn); +- updmsr = true; +- } ++ } else if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD) || ++ static_cpu_has(X86_FEATURE_AMD_SSBD)) { ++ updmsr |= !!(tif_diff & _TIF_SSBD); ++ msr |= ssbd_tif_to_spec_ctrl(tifn); + } + +- /* +- * Only evaluate TIF_SPEC_IB if conditional STIBP is enabled, +- * otherwise avoid the MSR write. +- */ ++ /* Only evaluate TIF_SPEC_IB if conditional STIBP is enabled. */ + if (IS_ENABLED(CONFIG_SMP) && + static_branch_unlikely(&switch_to_cond_stibp)) { + updmsr |= !!(tif_diff & _TIF_SPEC_IB); + ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:43.217540513 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:43.217540513 +0200 @@ -42,6 +42,31 @@ patches.kernel.org/5.7.1-013-net-dsa-mt7530-set-CPU-port-to-fallback-mode.patch patches.kernel.org/5.7.1-014-airo-Fix-read-overflows-sending-packets.patch patches.kernel.org/5.7.1-015-Linux-5.7.1.patch + patches.kernel.org/5.7.2-001-USB-serial-qcserial-add-DW5816e-QDL-support.patch + patches.kernel.org/5.7.2-002-USB-serial-usb_wwan-do-not-resubmit-rx-urb-on-f.patch + patches.kernel.org/5.7.2-003-USB-serial-option-add-Telit-LE910C1-EUX-composi.patch + patches.kernel.org/5.7.2-004-USB-serial-ch341-add-basis-for-quirk-detection.patch + patches.kernel.org/5.7.2-005-USB-serial-ch341-fix-lockup-of-devices-with-lim.patch + patches.kernel.org/5.7.2-006-iio-chemical-sps30-Fix-timestamp-alignment.patch + patches.kernel.org/5.7.2-007-iio-vcnl4000-Fix-i2c-swapped-word-reading.patch + patches.kernel.org/5.7.2-008-iio-chemical-pms7003-Fix-timestamp-alignment-an.patch + patches.kernel.org/5.7.2-009-iio-adc-stm32-adc-fix-a-wrong-error-message-whe.patch + patches.kernel.org/5.7.2-010-usb-musb-start-session-in-resume-for-host-port.patch + patches.kernel.org/5.7.2-011-usb-musb-Fix-runtime-PM-imbalance-on-error.patch + patches.kernel.org/5.7.2-012-usb-musb-jz4740-Prevent-lockup-when-CONFIG_SMP-.patch + patches.kernel.org/5.7.2-013-serial-8250-Enable-16550A-variants-by-default-o.patch + patches.kernel.org/5.7.2-014-vt-keyboard-avoid-signed-integer-overflow-in-k_.patch + patches.kernel.org/5.7.2-015-tty-hvc_console-fix-crashes-on-parallel-open-cl.patch + patches.kernel.org/5.7.2-016-staging-rtl8712-Fix-IEEE80211_ADDBA_PARAM_BUF_S.patch + patches.kernel.org/5.7.2-017-CDC-ACM-heed-quirk-also-in-error-handling.patch + patches.kernel.org/5.7.2-018-nvmem-qfprom-remove-incorrect-write-support.patch + patches.kernel.org/5.7.2-019-x86-cpu-Add-a-steppings-field-to-struct-x86_cpu.patch + patches.kernel.org/5.7.2-020-x86-cpu-Add-table-argument-to-cpu_matches.patch + patches.kernel.org/5.7.2-021-x86-speculation-Add-Special-Register-Buffer-Dat.patch + patches.kernel.org/5.7.2-022-x86-speculation-Add-SRBDS-vulnerability-and-mit.patch + patches.kernel.org/5.7.2-023-x86-speculation-Add-Ivy-Bridge-to-affected-list.patch + patches.kernel.org/5.7.2-024-uprobes-ensure-that-uprobe-offset-and-ref_ctr_o.patch + patches.kernel.org/5.7.2-025-Linux-5.7.2.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -70,6 +95,10 @@ patches.suse/KVM-x86-only-do-L1TF-workaround-on-affected-processo.patch patches.suse/KVM-x86-mmu-Set-mmio_value-to-0-if-reserved-PF-can-t.patch patches.suse/syscalls-fix-offset-type-of-ksys_ftruncate.patch + patches.suse/iwl-fix-crash-in-iwl_dbg_tlv_alloc_trigger.patch + patches.suse/x86-speculation-avoid-force-disabling-ibpb-based-on-stibp-and-enhanced-ibrs.patch + patches.suse/x86-speculation-prevent-rogue-cross-process-ssbd-shutdown.patch + patches.suse/x86-speculation-pr_spec_force_disable-enforcement-for-indirect-branches.patch ######################################################## # kbuild/module infrastructure fixes ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.eaJR3h/_old 2020-06-21 19:48:43.241540609 +0200 +++ /var/tmp/diff_new_pack.eaJR3h/_new 2020-06-21 19:48:43.241540609 +0200 @@ -1,3 +1,3 @@ -2020-06-10 11:53:46 +0000 -GIT Revision: 6a549f6dd07f682dbe4308ce21c26c40dca1ffa2 +2020-06-15 04:24:51 +0000 +GIT Revision: a96d63c5f6033d80d0d23e591f21ee0fda8d4e5b GIT Branch: stable
