diff --git a/dtb-aarch64.changes b/dtb-aarch64.changes index 26866d0a..f71397d2 100644 --- a/dtb-aarch64.changes +++ b/dtb-aarch64.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/dtb-aarch64.spec b/dtb-aarch64.spec index f3d656da..dea96c5e 100644 --- a/dtb-aarch64.spec +++ b/dtb-aarch64.spec @@ -31,7 +31,7 @@ Name: dtb-aarch64 Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif diff --git a/dtb-armv6l.changes b/dtb-armv6l.changes index 26866d0a..f71397d2 100644 --- a/dtb-armv6l.changes +++ b/dtb-armv6l.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/dtb-armv6l.spec b/dtb-armv6l.spec index 5149e792..4de84620 100644 --- a/dtb-armv6l.spec +++ b/dtb-armv6l.spec @@ -31,7 +31,7 @@ Name: dtb-armv6l Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif diff --git a/dtb-armv7l.changes b/dtb-armv7l.changes index 26866d0a..f71397d2 100644 --- a/dtb-armv7l.changes +++ b/dtb-armv7l.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/dtb-armv7l.spec b/dtb-armv7l.spec index dd5dbd83..af7db5cd 100644 --- a/dtb-armv7l.spec +++ b/dtb-armv7l.spec @@ -31,7 +31,7 @@ Name: dtb-armv7l Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif diff --git a/kernel-64kb.changes b/kernel-64kb.changes index 26866d0a..f71397d2 100644 --- a/kernel-64kb.changes +++ b/kernel-64kb.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-64kb.spec b/kernel-64kb.spec index 84153344..f757c6d0 100644 --- a/kernel-64kb.spec +++ b/kernel-64kb.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh diff --git a/kernel-debug.changes b/kernel-debug.changes index 26866d0a..f71397d2 100644 --- a/kernel-debug.changes +++ b/kernel-debug.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-debug.spec b/kernel-debug.spec index f915302a..7656e7b4 100644 --- a/kernel-debug.spec +++ b/kernel-debug.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 diff --git a/kernel-default.changes b/kernel-default.changes index 26866d0a..f71397d2 100644 --- a/kernel-default.changes +++ b/kernel-default.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-default.spec b/kernel-default.spec index 26c0b5c0..ad8f4619 100644 --- a/kernel-default.spec +++ b/kernel-default.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 diff --git a/kernel-docs.changes b/kernel-docs.changes index 26866d0a..f71397d2 100644 --- a/kernel-docs.changes +++ b/kernel-docs.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-docs.spec b/kernel-docs.spec index 60dcc9ff..535dcf1e 100644 --- a/kernel-docs.spec +++ b/kernel-docs.spec @@ -33,7 +33,7 @@ License: GPL-2.0 Group: Documentation/Man Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -63,7 +63,7 @@ BuildRequires: texlive-zapfding %endif Url: http://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz diff --git a/kernel-kvmsmall.changes b/kernel-kvmsmall.changes index 26866d0a..f71397d2 100644 --- a/kernel-kvmsmall.changes +++ b/kernel-kvmsmall.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-kvmsmall.spec b/kernel-kvmsmall.spec index 11ba34b5..f6629220 100644 --- a/kernel-kvmsmall.spec +++ b/kernel-kvmsmall.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh diff --git a/kernel-lpae.changes b/kernel-lpae.changes index 26866d0a..f71397d2 100644 --- a/kernel-lpae.changes +++ b/kernel-lpae.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-lpae.spec b/kernel-lpae.spec index 40707b8c..508fb562 100644 --- a/kernel-lpae.spec +++ b/kernel-lpae.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh diff --git a/kernel-obs-build.changes b/kernel-obs-build.changes index 26866d0a..f71397d2 100644 --- a/kernel-obs-build.changes +++ b/kernel-obs-build.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-obs-build.spec b/kernel-obs-build.spec index 09c956ab..1fe4aeb0 100644 --- a/kernel-obs-build.spec +++ b/kernel-obs-build.spec @@ -45,7 +45,7 @@ BuildRequires: util-linux %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +BuildRequires: kernel%kernel_flavor-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %if 0%{?rhel_version} BuildRequires: kernel @@ -66,7 +66,7 @@ License: GPL-2.0 Group: SLES Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif diff --git a/kernel-obs-qa.changes b/kernel-obs-qa.changes index 26866d0a..f71397d2 100644 --- a/kernel-obs-qa.changes +++ b/kernel-obs-qa.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-obs-qa.spec b/kernel-obs-qa.spec index 7e9d8e42..d8ef4e59 100644 --- a/kernel-obs-qa.spec +++ b/kernel-obs-qa.spec @@ -38,7 +38,7 @@ License: GPL-2.0 Group: SLES Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif diff --git a/kernel-pae.changes b/kernel-pae.changes index 26866d0a..f71397d2 100644 --- a/kernel-pae.changes +++ b/kernel-pae.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-pae.spec b/kernel-pae.spec index c6d574fe..a3f8b525 100644 --- a/kernel-pae.spec +++ b/kernel-pae.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 diff --git a/kernel-source.changes b/kernel-source.changes index 26866d0a..f71397d2 100644 --- a/kernel-source.changes +++ b/kernel-source.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-source.spec b/kernel-source.spec index b14ed5bb..db9dd636 100644 --- a/kernel-source.spec +++ b/kernel-source.spec @@ -32,7 +32,7 @@ License: GPL-2.0 Group: Development/Sources Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -43,7 +43,7 @@ BuildRequires: fdupes BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 Provides: linux Provides: multiversion(kernel) Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz diff --git a/kernel-syms.changes b/kernel-syms.changes index 26866d0a..f71397d2 100644 --- a/kernel-syms.changes +++ b/kernel-syms.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-syms.spec b/kernel-syms.spec index 635a1439..2aa895ba 100644 --- a/kernel-syms.spec +++ b/kernel-syms.spec @@ -27,7 +27,7 @@ Group: Development/Sources Version: 5.0.7 %if %using_buildservice %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -55,7 +55,7 @@ Requires: kernel-zfcpdump-devel = %version-%source_rel %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel diff --git a/kernel-vanilla.changes b/kernel-vanilla.changes index 26866d0a..f71397d2 100644 --- a/kernel-vanilla.changes +++ b/kernel-vanilla.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-vanilla.spec b/kernel-vanilla.spec index 8fe60492..80b14116 100644 --- a/kernel-vanilla.spec +++ b/kernel-vanilla.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh diff --git a/kernel-zfcpdump.changes b/kernel-zfcpdump.changes index 26866d0a..f71397d2 100644 --- a/kernel-zfcpdump.changes +++ b/kernel-zfcpdump.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Mon Apr 15 20:14:10 CEST 2019 - jkosina@suse.cz + +- Delete + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Delete + patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. +- Delete + patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. +- Delete + patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. +- Delete + patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. + Drop SUSE-specific IBRS-on-SKL implementation. Please refer to + page 16 of Intel's paper [1]: "Intel considers the risk of an attack + based on exploiting deep call stacks low." + [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf +- commit 2cfda4d + ------------------------------------------------------------------- Mon Apr 15 12:44:40 CEST 2019 - jslaby@suse.cz diff --git a/kernel-zfcpdump.spec b/kernel-zfcpdump.spec index b40c5293..00ad22d8 100644 --- a/kernel-zfcpdump.spec +++ b/kernel-zfcpdump.spec @@ -64,7 +64,7 @@ License: GPL-2.0 Group: System/Kernel Version: 5.0.7 %if 0%{?is_kotd} -Release: .g8a6bcaf +Release: .g2cfda4d %else Release: 0 %endif @@ -169,10 +169,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a -Provides: kernel-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: kernel-%build_flavor-base-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 +Provides: kernel-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 # END COMMON DEPS -Provides: %name-srchash-8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +Provides: %name-srchash-2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%srcversion.tar.xz Source2: source-post.sh diff --git a/patches.suse.tar.bz2 b/patches.suse.tar.bz2 index 6a24b784..24f30082 100644 --- a/patches.suse.tar.bz2 +++ b/patches.suse.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bf15c5415b4231c35d8ded709c60f618ed8fae819b5f3c36bc7887ae8a424e30 -size 64932 +oid sha256:484e9dff78c735205f9d7e215bf13f9feec990da6110c568a7f163cdfdedf594 +size 57700 diff --git a/series.conf b/series.conf index adb5f45b..a04e10e0 100644 --- a/series.conf +++ b/series.conf @@ -884,12 +884,6 @@ ######################################################## patches.suse/setuid-dumpable-wrongdir - patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch - patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch - patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch - patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch - patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch - ######################################################## # Architecture-specific patches. These used to be all # at the end of series.conf, but since we don't do diff --git a/source-timestamp b/source-timestamp index 3aae0d82..5db94974 100644 --- a/source-timestamp +++ b/source-timestamp @@ -1,3 +1,3 @@ -2019-04-15 10:44:40 +0000 -GIT Revision: 8a6bcaff649fe1ebc483fd261eca6095e34b9b9a +2019-04-17 06:41:55 +0000 +GIT Revision: 2cfda4d1d1e1e98c4dffaf10f9cf8c433237ded1 GIT Branch: stable