From 46388e6345f917b95b6bf9db48664249e1422f4b861a770fc21a19017678c28a Mon Sep 17 00:00:00 2001
From: Michal Suchanek <msuchanek@suse.com>
Date: Mon, 22 Jan 2018 07:02:01 +0000
Subject: [PATCH] commit 5790c9a8ade634fc9469aad06597fe050c918f0e

OBS-URL: https://build.opensuse.org/package/show/Kernel:stable/kernel-source?expand=0&rev=807
---
 dtb-aarch64.changes      | 55 ++++++++++++++++++++++++++++++++++++++++
 dtb-aarch64.spec         |  2 +-
 dtb-armv6l.changes       | 55 ++++++++++++++++++++++++++++++++++++++++
 dtb-armv6l.spec          |  2 +-
 dtb-armv7l.changes       | 55 ++++++++++++++++++++++++++++++++++++++++
 dtb-armv7l.spec          |  2 +-
 kernel-64kb.changes      | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-64kb.spec         |  2 +-
 kernel-debug.changes     | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-debug.spec        |  2 +-
 kernel-default.changes   | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-default.spec      |  2 +-
 kernel-docs.changes      | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-docs.spec         |  2 +-
 kernel-lpae.changes      | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-lpae.spec         |  2 +-
 kernel-obs-build.changes | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-obs-build.spec    |  2 +-
 kernel-obs-qa.changes    | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-obs-qa.spec       |  2 +-
 kernel-pae.changes       | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-pae.spec          |  2 +-
 kernel-source.changes    | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-source.spec       |  2 +-
 kernel-syms.changes      | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-syms.spec         |  2 +-
 kernel-syzkaller.changes | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-syzkaller.spec    |  2 +-
 kernel-vanilla.changes   | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-vanilla.spec      |  2 +-
 kernel-zfcpdump.changes  | 55 ++++++++++++++++++++++++++++++++++++++++
 kernel-zfcpdump.spec     |  2 +-
 patches.suse.tar.bz2     |  4 +--
 series.conf              | 11 +++++---
 source-timestamp         |  4 +--
 35 files changed, 908 insertions(+), 23 deletions(-)

diff --git a/dtb-aarch64.changes b/dtb-aarch64.changes
index 0d03bd6c..7ddf67ff 100644
--- a/dtb-aarch64.changes
+++ b/dtb-aarch64.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/dtb-aarch64.spec b/dtb-aarch64.spec
index 3f2b054f..a80f8036 100644
--- a/dtb-aarch64.spec
+++ b/dtb-aarch64.spec
@@ -31,7 +31,7 @@
 Name:           dtb-aarch64
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/dtb-armv6l.changes b/dtb-armv6l.changes
index 0d03bd6c..7ddf67ff 100644
--- a/dtb-armv6l.changes
+++ b/dtb-armv6l.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/dtb-armv6l.spec b/dtb-armv6l.spec
index b561c30b..ef620d6f 100644
--- a/dtb-armv6l.spec
+++ b/dtb-armv6l.spec
@@ -31,7 +31,7 @@
 Name:           dtb-armv6l
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/dtb-armv7l.changes b/dtb-armv7l.changes
index 0d03bd6c..7ddf67ff 100644
--- a/dtb-armv7l.changes
+++ b/dtb-armv7l.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/dtb-armv7l.spec b/dtb-armv7l.spec
index 59c0ed18..2cda8ebd 100644
--- a/dtb-armv7l.spec
+++ b/dtb-armv7l.spec
@@ -31,7 +31,7 @@
 Name:           dtb-armv7l
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-64kb.changes b/kernel-64kb.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-64kb.changes
+++ b/kernel-64kb.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-64kb.spec b/kernel-64kb.spec
index 2ccf01a5..4c704e58 100644
--- a/kernel-64kb.spec
+++ b/kernel-64kb.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-debug.changes b/kernel-debug.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-debug.changes
+++ b/kernel-debug.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-debug.spec b/kernel-debug.spec
index 39a48645..0629924e 100644
--- a/kernel-debug.spec
+++ b/kernel-debug.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-default.changes b/kernel-default.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-default.changes
+++ b/kernel-default.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-default.spec b/kernel-default.spec
index a4a2547c..76400abe 100644
--- a/kernel-default.spec
+++ b/kernel-default.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-docs.changes b/kernel-docs.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-docs.changes
+++ b/kernel-docs.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-docs.spec b/kernel-docs.spec
index eb340fa9..b3f261b0 100644
--- a/kernel-docs.spec
+++ b/kernel-docs.spec
@@ -33,7 +33,7 @@ License:        GPL-2.0
 Group:          Documentation/Man
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-lpae.changes b/kernel-lpae.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-lpae.changes
+++ b/kernel-lpae.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-lpae.spec b/kernel-lpae.spec
index 26f82711..b978a90b 100644
--- a/kernel-lpae.spec
+++ b/kernel-lpae.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-obs-build.changes b/kernel-obs-build.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-obs-build.changes
+++ b/kernel-obs-build.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-obs-build.spec b/kernel-obs-build.spec
index f6cc0751..a34b99d6 100644
--- a/kernel-obs-build.spec
+++ b/kernel-obs-build.spec
@@ -59,7 +59,7 @@ License:        GPL-2.0
 Group:          SLES
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-obs-qa.changes b/kernel-obs-qa.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-obs-qa.changes
+++ b/kernel-obs-qa.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-obs-qa.spec b/kernel-obs-qa.spec
index f7c3bd1d..ba21a18a 100644
--- a/kernel-obs-qa.spec
+++ b/kernel-obs-qa.spec
@@ -38,7 +38,7 @@ License:        GPL-2.0
 Group:          SLES
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-pae.changes b/kernel-pae.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-pae.changes
+++ b/kernel-pae.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-pae.spec b/kernel-pae.spec
index 5a183a8b..ea125a1b 100644
--- a/kernel-pae.spec
+++ b/kernel-pae.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-source.changes b/kernel-source.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-source.changes
+++ b/kernel-source.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-source.spec b/kernel-source.spec
index 7db93176..68c1fb32 100644
--- a/kernel-source.spec
+++ b/kernel-source.spec
@@ -32,7 +32,7 @@ License:        GPL-2.0
 Group:          Development/Sources
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-syms.changes b/kernel-syms.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-syms.changes
+++ b/kernel-syms.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-syms.spec b/kernel-syms.spec
index 015d2dbc..60bcba29 100644
--- a/kernel-syms.spec
+++ b/kernel-syms.spec
@@ -27,7 +27,7 @@ Group:          Development/Sources
 Version:        4.14.14
 %if %using_buildservice
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-syzkaller.changes b/kernel-syzkaller.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-syzkaller.changes
+++ b/kernel-syzkaller.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-syzkaller.spec b/kernel-syzkaller.spec
index ec620d69..0883b747 100644
--- a/kernel-syzkaller.spec
+++ b/kernel-syzkaller.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-vanilla.changes b/kernel-vanilla.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-vanilla.changes
+++ b/kernel-vanilla.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-vanilla.spec b/kernel-vanilla.spec
index 4069976f..d3ed2beb 100644
--- a/kernel-vanilla.spec
+++ b/kernel-vanilla.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/kernel-zfcpdump.changes b/kernel-zfcpdump.changes
index 0d03bd6c..7ddf67ff 100644
--- a/kernel-zfcpdump.changes
+++ b/kernel-zfcpdump.changes
@@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Sun Jan 21 14:58:37 CET 2018 - jslaby@suse.cz
+
+- x86/cpufeatures: Add Intel feature bits for Speculation Control
+  (bsc#1068032 CVE-2017-5715).
+- x86/cpufeatures: Add AMD feature bits for Prediction Command
+  (bsc#1068032 CVE-2017-5715).
+- x86/msr: Add definitions for new speculation control MSRs
+  (bsc#1068032 CVE-2017-5715).
+- module: Add retpoline tag to VERMAGIC (bsc#1068032
+  CVE-2017-5715).
+- x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB
+  macros (bsc#1068032 CVE-2017-5715).
+- x86/retpoline: Fill RSB on context switch for affected CPUs
+  (bsc#1068032 CVE-2017-5715).
+- Refresh
+  patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch.
+- Refresh
+  patches.suse/0008-x86-spec_ctrl-save-IBRS-MSR-value-in-paranoid_entry.patch.
+- Refresh
+  patches.suse/0009-x86-idle-Disable-IBRS-entering-idle-and-enable-it-on.patch.
+- Refresh
+  patches.suse/0010-x86-idle-Disable-IBRS-when-offlining-cpu-and-re-enab.patch.
+- Refresh
+  patches.suse/0011-x86-mm-Set-IBPB-upon-context-switch.patch.
+- Refresh
+  patches.suse/0012-x86-mm-Only-set-IBPB-when-the-new-thread-cannot-ptra.patch.
+- Refresh
+  patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch.
+- Refresh
+  patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch.
+- Refresh
+  patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch.
+- Refresh
+  patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch.
+- Refresh
+  patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh patches.suse/0030-Use-the-ibrs_inuse-variable.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch.
+- Refresh patches.suse/0035-Use-the-ibpb_inuse-variable.patch.
+- Refresh
+  patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch.
+- Delete
+  patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch.
+- Delete
+  patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch.
+- Delete
+  patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch.
+- commit 5790c9a
+
 -------------------------------------------------------------------
 Wed Jan 17 10:26:10 CET 2018 - jslaby@suse.cz
 
diff --git a/kernel-zfcpdump.spec b/kernel-zfcpdump.spec
index 1407d83f..5ac8ecdb 100644
--- a/kernel-zfcpdump.spec
+++ b/kernel-zfcpdump.spec
@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.14
 %if 0%{?is_kotd}
-Release:        <RELEASE>.geef6178
+Release:        <RELEASE>.g5790c9a
 %else
 Release:        0
 %endif
diff --git a/patches.suse.tar.bz2 b/patches.suse.tar.bz2
index cd72b04d..e66cd367 100644
--- a/patches.suse.tar.bz2
+++ b/patches.suse.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b2311dc1f0a491ead6a9ba9fab25a07b19c5bc542b9d86ba4c2371e0c6cf9f1c
-size 77048
+oid sha256:8b8fce43293d9fd53cd14dd2235fad347c7f78263ee51551ca846f075fc4a37d
+size 80615
diff --git a/series.conf b/series.conf
index 04f2e85b..680c7b83 100644
--- a/series.conf
+++ b/series.conf
@@ -1447,6 +1447,10 @@
 	patches.suse/setuid-dumpable-wrongdir
 	patches.suse/0002-futex-futex_wake_op-fix-sign_extend32-sign-bits.patch
 
+	patches.suse/module-Add-retpoline-tag-to-VERMAGIC.patch
+	patches.suse/x86-retpoline-Add-LFENCE-to-the-retpoline-RSB-fillin.patch
+	patches.suse/x86-retpoline-Fill-RSB-on-context-switch-for-affecte.patch
+
 	patches.suse/0003-locking-barriers-introduce-new-observable-speculatio.patch
 	patches.suse/0005-x86-bpf-jit-prevent-speculative-execution-when-JIT-i.patch
 	patches.suse/0006-uvcvideo-prevent-speculative-execution.patch
@@ -1462,9 +1466,10 @@
 	patches.suse/0016-udf-prevent-speculative-execution.patch
 	patches.suse/0017-userns-prevent-speculative-execution.patch
 
-	patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch
-	patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch
-	patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch
+	patches.suse/0001-x86-cpufeatures-Add-Intel-feature-bits-for-Speculati.patch
+	patches.suse/0002-x86-cpufeatures-Add-AMD-feature-bits-for-Prediction-.patch
+	patches.suse/0003-x86-msr-Add-definitions-for-new-speculation-control-.patch
+
 	patches.suse/0004-x86-feature-Report-presence-of-IBPB-and-IBRS-control.patch
 	patches.suse/0005-x86-enter-MACROS-to-set-clear-IBRS-and-set-IBPB.patch
 	patches.suse/0006-x86-Add-macro-that-does-not-save-rax-rcx-rdx-on-stac.patch
diff --git a/source-timestamp b/source-timestamp
index aa39e17e..0704150c 100644
--- a/source-timestamp
+++ b/source-timestamp
@@ -1,3 +1,3 @@
-2018-01-17 10:26:10 +0100
-GIT Revision: eef6178e931bfaf3a7984a2c6af465cde4702702
+2018-01-21 14:58:37 +0100
+GIT Revision: 5790c9a8ade634fc9469aad06597fe050c918f0e
 GIT Branch: stable