diff --git a/config.tar.bz2 b/config.tar.bz2 index 8689f971..cf459aca 100644 --- a/config.tar.bz2 +++ b/config.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:878ef454c905783444b27944a6b4f51a1d21496cfe03f755d5b901dca5f30a87 -size 184130 +oid sha256:9db9aea03c5bf0d14460612ffa9f6073a5024573581fc2505fe74eae67ab52ba +size 184074 diff --git a/dtb-aarch64.changes b/dtb-aarch64.changes index 3e7cb37a..93c6ecbd 100644 --- a/dtb-aarch64.changes +++ b/dtb-aarch64.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/dtb-aarch64.spec b/dtb-aarch64.spec index 34dd268d..7a29b157 100644 --- a/dtb-aarch64.spec +++ b/dtb-aarch64.spec @@ -31,7 +31,7 @@ Name: dtb-aarch64 Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif diff --git a/kernel-64kb.changes b/kernel-64kb.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-64kb.changes +++ b/kernel-64kb.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-64kb.spec b/kernel-64kb.spec index 1ad5fd62..93aba343 100644 --- a/kernel-64kb.spec +++ b/kernel-64kb.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1097,8 +1097,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name-base %ifarch %ix86 diff --git a/kernel-debug.changes b/kernel-debug.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-debug.changes +++ b/kernel-debug.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-debug.spec b/kernel-debug.spec index aa10b9fd..8902f452 100644 --- a/kernel-debug.spec +++ b/kernel-debug.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch ppc64 Provides: kernel-kdump = 2.6.28 Obsoletes: kernel-kdump <= 2.6.28 @@ -1103,8 +1103,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch ppc64 Provides: kernel-kdump-base = 2.6.28 diff --git a/kernel-default.changes b/kernel-default.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-default.changes +++ b/kernel-default.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-default.spec b/kernel-default.spec index 5e3b96c8..8831eca5 100644 --- a/kernel-default.spec +++ b/kernel-default.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch %ix86 Provides: kernel-smp = 2.6.17 Obsoletes: kernel-smp <= 2.6.17 @@ -1146,8 +1146,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch %ix86 Provides: kernel-trace-base = 3.13 diff --git a/kernel-docs.changes b/kernel-docs.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-docs.changes +++ b/kernel-docs.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-docs.spec b/kernel-docs.spec index 6f0e6402..889200db 100644 --- a/kernel-docs.spec +++ b/kernel-docs.spec @@ -33,7 +33,7 @@ License: GPL-2.0 Group: Documentation/Man Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -63,7 +63,7 @@ BuildRequires: texlive-zapfding %endif Url: http://www.kernel.org/ Provides: %name = %version-%source_rel -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz diff --git a/kernel-kvmsmall.changes b/kernel-kvmsmall.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-kvmsmall.changes +++ b/kernel-kvmsmall.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-kvmsmall.spec b/kernel-kvmsmall.spec index 6a458b2f..4bcbadc8 100644 --- a/kernel-kvmsmall.spec +++ b/kernel-kvmsmall.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1101,8 +1101,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name-base %ifarch %ix86 diff --git a/kernel-obs-build.changes b/kernel-obs-build.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-obs-build.changes +++ b/kernel-obs-build.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-obs-build.spec b/kernel-obs-build.spec index 017a1571..1b5b13ae 100644 --- a/kernel-obs-build.spec +++ b/kernel-obs-build.spec @@ -45,7 +45,7 @@ BuildRequires: util-linux %endif %endif %endif -BuildRequires: kernel%kernel_flavor-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +BuildRequires: kernel%kernel_flavor-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %if 0%{?rhel_version} BuildRequires: kernel @@ -66,7 +66,7 @@ License: GPL-2.0 Group: SLES Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif diff --git a/kernel-obs-qa.changes b/kernel-obs-qa.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-obs-qa.changes +++ b/kernel-obs-qa.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-obs-qa.spec b/kernel-obs-qa.spec index 8e0ea6ce..5c3b2fc4 100644 --- a/kernel-obs-qa.spec +++ b/kernel-obs-qa.spec @@ -38,7 +38,7 @@ License: GPL-2.0 Group: SLES Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif diff --git a/kernel-pae.changes b/kernel-pae.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-pae.changes +++ b/kernel-pae.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-pae.spec b/kernel-pae.spec index 8d4d26b4..ea2ce7b5 100644 --- a/kernel-pae.spec +++ b/kernel-pae.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch %ix86 Provides: kernel-bigsmp = 2.6.17 Obsoletes: kernel-bigsmp <= 2.6.17 @@ -1123,8 +1123,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %ifarch %ix86 Provides: kernel-vmi-base = 2.6.38 diff --git a/kernel-source.changes b/kernel-source.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-source.changes +++ b/kernel-source.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-source.spec b/kernel-source.spec index 85ed60b2..735dc8a2 100644 --- a/kernel-source.spec +++ b/kernel-source.spec @@ -32,7 +32,7 @@ License: GPL-2.0 Group: Development/Sources Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -43,7 +43,7 @@ BuildRequires: fdupes BuildRequires: sed Requires(post): coreutils sed Provides: %name = %version-%source_rel -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 Provides: linux Provides: multiversion(kernel) Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz diff --git a/kernel-syms.changes b/kernel-syms.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-syms.changes +++ b/kernel-syms.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-syms.spec b/kernel-syms.spec index d07b3ff9..9243db64 100644 --- a/kernel-syms.spec +++ b/kernel-syms.spec @@ -27,7 +27,7 @@ Group: Development/Sources Version: 4.18.0 %if %using_buildservice %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -52,7 +52,7 @@ Requires: kernel-zfcpdump-devel = %version-%source_rel %endif Requires: pesign-obs-integration Provides: %name = %version-%source_rel -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 Provides: multiversion(kernel) Source: README.KSYMS Requires: kernel-devel%variant = %version-%source_rel diff --git a/kernel-vanilla.changes b/kernel-vanilla.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-vanilla.changes +++ b/kernel-vanilla.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-vanilla.spec b/kernel-vanilla.spec index 1c536806..e1eb4c3c 100644 --- a/kernel-vanilla.spec +++ b/kernel-vanilla.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1094,8 +1094,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name-base %ifarch %ix86 diff --git a/kernel-zfcpdump.changes b/kernel-zfcpdump.changes index 3e7cb37a..93c6ecbd 100644 --- a/kernel-zfcpdump.changes +++ b/kernel-zfcpdump.changes @@ -1,3 +1,154 @@ +------------------------------------------------------------------- +Wed Aug 15 08:47:25 CEST 2018 - jslaby@suse.cz + +- Linux 4.18.1-rc1 + It contains the L1TF fixes, so push the rc1 for now. +- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests + (bnc#1012628). +- x86/speculation: Protect against userspace-userspace spectreRSB + (bnc#1012628). +- kprobes/x86: Fix %p uses in error messages (bnc#1012628). +- x86/irqflags: Provide a declaration for native_save_fl + (bnc#1012628). +- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT + (bnc#1012628). +- x86/speculation/l1tf: Change order of offset/type in swap entry + (bnc#1012628). +- x86/speculation/l1tf: Protect swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation + (bnc#1012628). +- x86/speculation/l1tf: Make sure the first page is always + reserved (bnc#1012628). +- x86/speculation/l1tf: Add sysfs reporting for l1tf + (bnc#1012628). +- x86/speculation/l1tf: Disallow non privileged high MMIO + PROT_NONE mappings (bnc#1012628). +- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 + (bnc#1012628). +- x86/bugs: Move the l1tf function and define pr_fmt properly + (bnc#1012628). +- sched/smt: Update sched_smt_present at runtime (bnc#1012628). +- x86/smp: Provide topology_is_primary_thread() (bnc#1012628). +- x86/topology: Provide topology_smt_supported() (bnc#1012628). +- cpu/hotplug: Make bringup/teardown of smp threads symmetric + (bnc#1012628). +- cpu/hotplug: Split do_cpu_down() (bnc#1012628). +- cpu/hotplug: Provide knobs to control SMT (bnc#1012628). +- x86/cpu: Remove the pointless CPU printout (bnc#1012628). +- x86/cpu/AMD: Remove the pointless detect_ht() call + (bnc#1012628). +- x86/cpu/common: Provide detect_ht_early() (bnc#1012628). +- x86/cpu/topology: Provide detect_extended_topology_early() + (bnc#1012628). +- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628). +- x86/CPU/AMD: Do not check CPUID max ext level before parsing + SMP info (bnc#1012628). +- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628). +- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628). +- x86/speculation/l1tf: Extend 64bit swap file size limit + (bnc#1012628). +- x86/cpufeatures: Add detection of L1D cache flush support + (bnc#1012628). +- x86/CPU/AMD: Move TOPOEXT reenablement before reading + smp_num_siblings (bnc#1012628). +- x86/speculation/l1tf: Protect PAE swap entries against L1TF + (bnc#1012628). +- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE + (bnc#1012628). +- Revert "x86/apic: Ignore secondary threads if nosmt=force" + (bnc#1012628). +- cpu/hotplug: Boot HT siblings at least once (bnc#1012628). +- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being + present (bnc#1012628). +- x86/KVM/VMX: Add module argument for L1TF mitigation + (bnc#1012628). +- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628). +- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628). +- x86/KVM/VMX: Add L1D flush logic (bnc#1012628). +- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an + host/guest numbers (bnc#1012628). +- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628). +- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number + accounting (bnc#1012628). +- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER + only MSRs (bnc#1012628). +- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required + (bnc#1012628). +- cpu/hotplug: Online siblings when SMT control is turned on + (bnc#1012628). +- x86/litf: Introduce vmx status variable (bnc#1012628). +- x86/kvm: Drop L1TF MSR list approach (bnc#1012628). +- x86/l1tf: Handle EPT disabled state proper (bnc#1012628). +- x86/kvm: Move l1tf setup function (bnc#1012628). +- x86/kvm: Add static key for flush always (bnc#1012628). +- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628). +- x86/kvm: Allow runtime control of L1D flush (bnc#1012628). +- cpu/hotplug: Expose SMT control init function (bnc#1012628). +- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628). +- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations + (bnc#1012628). +- Documentation: Add section about CPU vulnerabilities + (bnc#1012628). +- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED + architectures (bnc#1012628). +- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content + (bnc#1012628). +- Documentation/l1tf: Fix typos (bnc#1012628). +- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from + vmx_l1d_flush() (bnc#1012628). +- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with + 'vmx_l1d_flush_cond' (bnc#1012628). +- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() + (bnc#1012628). +- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16 + (bnc#1012628). +- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d + (bnc#1012628). +- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628). +- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d + (bnc#1012628). +- x86/KVM/VMX: Don't set l1tf_flush_l1d from + vmx_handle_external_intr() (bnc#1012628). +- Documentation/l1tf: Remove Yonah processors from not vulnerable + list (bnc#1012628). +- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability + (bnc#1012628). +- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on + vmentry (bnc#1012628). +- KVM: VMX: Tell the nested hypervisor to skip L1D flush on + vmentry (bnc#1012628). +- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628). +- x86/speculation/l1tf: Invert all not present mappings + (bnc#1012628). +- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert + (bnc#1012628). +- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628). +- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628). +- tools headers: Synchronise x86 cpufeatures.h for L1TF additions + (bnc#1012628). +- x86/microcode: Allow late microcode loading with SMT disabled + (bnc#1012628). +- Refresh + patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. +- Update config files. +- commit a23e15c + +------------------------------------------------------------------- +Tue Aug 14 21:43:31 CEST 2018 - mkubecek@suse.cz + +- Update upstream reference: + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch. +- commit 0425184 + +------------------------------------------------------------------- +Tue Aug 14 20:02:18 CEST 2018 - tiwai@suse.de + +- hv/netvsc: Fix NULL dereference at single queue mode fallback + (bsc#1104708). +- commit a0cb9f6 + ------------------------------------------------------------------- Mon Aug 13 08:39:28 CEST 2018 - jslaby@suse.cz diff --git a/kernel-zfcpdump.spec b/kernel-zfcpdump.spec index beb564cb..16c380fe 100644 --- a/kernel-zfcpdump.spec +++ b/kernel-zfcpdump.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.18.0 %if 0%{?is_kotd} -Release: .g6e2c3e0 +Release: .g280ac93 %else Release: 0 %endif @@ -165,10 +165,10 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 # END COMMON DEPS -Provides: %name-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: %name-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz Source2: source-post.sh @@ -1097,8 +1097,8 @@ Conflicts: hyper-v < 4 Conflicts: libc.so.6()(64bit) %endif Provides: kernel = %version-%source_rel -Provides: kernel-%build_flavor-base-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 -Provides: kernel-srchash = 6e2c3e02ead5b3947d01693d516b8864acc77323 +Provides: kernel-%build_flavor-base-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 +Provides: kernel-srchash = 280ac93040f9161b1b1cb3d79112a66fd82a7e09 %obsolete_rebuilds %name-base %ifarch %ix86 diff --git a/patches.kernel.org.tar.bz2 b/patches.kernel.org.tar.bz2 index 3f8741cd..4ac6d6d5 100644 --- a/patches.kernel.org.tar.bz2 +++ b/patches.kernel.org.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:ee18541c0eac40ab98a3cc2afffb20d24e6531f3cdbb7990b74d2deb7c88225b -size 133 +oid sha256:873bbab4bd4db9fa6e847caa48149194544bf70092557c1cfa63290daee1de46 +size 66062 diff --git a/patches.suse.tar.bz2 b/patches.suse.tar.bz2 index 452aa3a9..e2c3ec97 100644 --- a/patches.suse.tar.bz2 +++ b/patches.suse.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1b3351b9ecbe9cbcda17c8a8969bfbab3d1f177fe4af436efcd45776d80f96df -size 65664 +oid sha256:28f8c67b7fd47d6d8c9e4f360aeb779442e1bbd5965c05670c448f204be2051d +size 66068 diff --git a/series.conf b/series.conf index aefaacbf..2f45fb01 100644 --- a/series.conf +++ b/series.conf @@ -27,6 +27,85 @@ # DO NOT MODIFY THEM! # Send separate patches upstream if you find a problem... ######################################################## + patches.kernel.org/4.18.1-001-x86-paravirt-Fix-spectre-v2-mitigations-for-pa.patch + patches.kernel.org/4.18.1-002-x86-speculation-Protect-against-userspace-user.patch + patches.kernel.org/4.18.1-003-kprobes-x86-Fix-p-uses-in-error-messages.patch + patches.kernel.org/4.18.1-004-x86-irqflags-Provide-a-declaration-for-native_.patch + patches.kernel.org/4.18.1-005-x86-speculation-l1tf-Increase-32bit-PAE-__PHYS.patch + patches.kernel.org/4.18.1-006-x86-speculation-l1tf-Change-order-of-offset-ty.patch + patches.kernel.org/4.18.1-007-x86-speculation-l1tf-Protect-swap-entries-agai.patch + patches.kernel.org/4.18.1-008-x86-speculation-l1tf-Protect-PROT_NONE-PTEs-ag.patch + patches.kernel.org/4.18.1-009-x86-speculation-l1tf-Make-sure-the-first-page-.patch + patches.kernel.org/4.18.1-010-x86-speculation-l1tf-Add-sysfs-reporting-for-l.patch + patches.kernel.org/4.18.1-011-x86-speculation-l1tf-Disallow-non-privileged-h.patch + patches.kernel.org/4.18.1-012-x86-speculation-l1tf-Limit-swap-file-size-to-M.patch + patches.kernel.org/4.18.1-013-x86-bugs-Move-the-l1tf-function-and-define-pr_.patch + patches.kernel.org/4.18.1-014-sched-smt-Update-sched_smt_present-at-runtime.patch + patches.kernel.org/4.18.1-015-x86-smp-Provide-topology_is_primary_thread.patch + patches.kernel.org/4.18.1-016-x86-topology-Provide-topology_smt_supported.patch + patches.kernel.org/4.18.1-017-cpu-hotplug-Make-bringup-teardown-of-smp-threa.patch + patches.kernel.org/4.18.1-018-cpu-hotplug-Split-do_cpu_down.patch + patches.kernel.org/4.18.1-019-cpu-hotplug-Provide-knobs-to-control-SMT.patch + patches.kernel.org/4.18.1-020-x86-cpu-Remove-the-pointless-CPU-printout.patch + patches.kernel.org/4.18.1-021-x86-cpu-AMD-Remove-the-pointless-detect_ht-cal.patch + patches.kernel.org/4.18.1-022-x86-cpu-common-Provide-detect_ht_early.patch + patches.kernel.org/4.18.1-023-x86-cpu-topology-Provide-detect_extended_topol.patch + patches.kernel.org/4.18.1-024-x86-cpu-intel-Evaluate-smp_num_siblings-early.patch + patches.kernel.org/4.18.1-025-x86-CPU-AMD-Do-not-check-CPUID-max-ext-level-b.patch + patches.kernel.org/4.18.1-026-x86-cpu-AMD-Evaluate-smp_num_siblings-early.patch + patches.kernel.org/4.18.1-027-x86-apic-Ignore-secondary-threads-if-nosmt-for.patch + patches.kernel.org/4.18.1-028-x86-speculation-l1tf-Extend-64bit-swap-file-si.patch + patches.kernel.org/4.18.1-029-x86-cpufeatures-Add-detection-of-L1D-cache-flu.patch + patches.kernel.org/4.18.1-030-x86-CPU-AMD-Move-TOPOEXT-reenablement-before-r.patch + patches.kernel.org/4.18.1-031-x86-speculation-l1tf-Protect-PAE-swap-entries-.patch + patches.kernel.org/4.18.1-032-x86-speculation-l1tf-Fix-up-pte-pfn-conversion.patch + patches.kernel.org/4.18.1-033-Revert-x86-apic-Ignore-secondary-threads-if-no.patch + patches.kernel.org/4.18.1-034-cpu-hotplug-Boot-HT-siblings-at-least-once.patch + patches.kernel.org/4.18.1-035-x86-KVM-Warn-user-if-KVM-is-loaded-SMT-and-L1T.patch + patches.kernel.org/4.18.1-036-x86-KVM-VMX-Add-module-argument-for-L1TF-mitig.patch + patches.kernel.org/4.18.1-037-x86-KVM-VMX-Add-L1D-flush-algorithm.patch + patches.kernel.org/4.18.1-038-x86-KVM-VMX-Add-L1D-MSR-based-flush.patch + patches.kernel.org/4.18.1-039-x86-KVM-VMX-Add-L1D-flush-logic.patch + patches.kernel.org/4.18.1-040-x86-KVM-VMX-Split-the-VMX-MSR-LOAD-structures-.patch + patches.kernel.org/4.18.1-041-x86-KVM-VMX-Add-find_msr-helper-function.patch + patches.kernel.org/4.18.1-042-x86-KVM-VMX-Separate-the-VMX-AUTOLOAD-guest-ho.patch + patches.kernel.org/4.18.1-043-x86-KVM-VMX-Extend-add_atomic_switch_msr-to-al.patch + patches.kernel.org/4.18.1-044-x86-KVM-VMX-Use-MSR-save-list-for-IA32_FLUSH_C.patch + patches.kernel.org/4.18.1-045-cpu-hotplug-Online-siblings-when-SMT-control-i.patch + patches.kernel.org/4.18.1-046-x86-litf-Introduce-vmx-status-variable.patch + patches.kernel.org/4.18.1-047-x86-kvm-Drop-L1TF-MSR-list-approach.patch + patches.kernel.org/4.18.1-048-x86-l1tf-Handle-EPT-disabled-state-proper.patch + patches.kernel.org/4.18.1-049-x86-kvm-Move-l1tf-setup-function.patch + patches.kernel.org/4.18.1-050-x86-kvm-Add-static-key-for-flush-always.patch + patches.kernel.org/4.18.1-051-x86-kvm-Serialize-L1D-flush-parameter-setter.patch + patches.kernel.org/4.18.1-052-x86-kvm-Allow-runtime-control-of-L1D-flush.patch + patches.kernel.org/4.18.1-053-cpu-hotplug-Expose-SMT-control-init-function.patch + patches.kernel.org/4.18.1-054-cpu-hotplug-Set-CPU_SMT_NOT_SUPPORTED-early.patch + patches.kernel.org/4.18.1-055-x86-bugs-kvm-Introduce-boot-time-control-of-L1.patch + patches.kernel.org/4.18.1-056-Documentation-Add-section-about-CPU-vulnerabil.patch + patches.kernel.org/4.18.1-057-x86-speculation-l1tf-Unbreak-__HAVE_ARCH_PFN_M.patch + patches.kernel.org/4.18.1-058-x86-KVM-VMX-Initialize-the-vmx_l1d_flush_pages.patch + patches.kernel.org/4.18.1-059-Documentation-l1tf-Fix-typos.patch + patches.kernel.org/4.18.1-060-cpu-hotplug-detect-SMT-disabled-by-BIOS.patch + patches.kernel.org/4.18.1-061-x86-KVM-VMX-Don-t-set-l1tf_flush_l1d-to-true-f.patch + patches.kernel.org/4.18.1-062-x86-KVM-VMX-Replace-vmx_l1d_flush_always-with-.patch + patches.kernel.org/4.18.1-063-x86-KVM-VMX-Move-the-l1tf_flush_l1d-test-to-vm.patch + patches.kernel.org/4.18.1-064-x86-irq-Demote-irq_cpustat_t-__softirq_pending.patch + patches.kernel.org/4.18.1-065-x86-KVM-VMX-Introduce-per-host-cpu-analogue-of.patch + patches.kernel.org/4.18.1-066-x86-Don-t-include-linux-irq.h-from-asm-hardirq.patch + patches.kernel.org/4.18.1-067-x86-irq-Let-interrupt-handlers-set-kvm_cpu_l1t.patch + patches.kernel.org/4.18.1-068-x86-KVM-VMX-Don-t-set-l1tf_flush_l1d-from-vmx_.patch + patches.kernel.org/4.18.1-069-Documentation-l1tf-Remove-Yonah-processors-fro.patch + patches.kernel.org/4.18.1-070-x86-speculation-Simplify-sysfs-report-of-VMX-L.patch + patches.kernel.org/4.18.1-071-x86-speculation-Use-ARCH_CAPABILITIES-to-skip-.patch + patches.kernel.org/4.18.1-072-KVM-VMX-Tell-the-nested-hypervisor-to-skip-L1D.patch + patches.kernel.org/4.18.1-073-cpu-hotplug-Fix-SMT-supported-evaluation.patch + patches.kernel.org/4.18.1-074-x86-speculation-l1tf-Invert-all-not-present-ma.patch + patches.kernel.org/4.18.1-075-x86-speculation-l1tf-Make-pmd-pud_mknotpresent.patch + patches.kernel.org/4.18.1-076-x86-mm-pat-Make-set_memory_np-L1TF-safe.patch + patches.kernel.org/4.18.1-077-x86-mm-kmmio-Make-the-tracer-robust-against-L1.patch + patches.kernel.org/4.18.1-078-tools-headers-Synchronise-x86-cpufeatures.h-fo.patch + patches.kernel.org/4.18.1-079-x86-microcode-Allow-late-microcode-loading-wit.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -309,6 +388,7 @@ ######################################################## # Network ######################################################## + patches.suse/hv-netvsc-Fix-NULL-dereference-at-single-queue-mode-.patch ######################################################## # Wireless Networking diff --git a/source-timestamp b/source-timestamp index a778ee3d..d19dd8b3 100644 --- a/source-timestamp +++ b/source-timestamp @@ -1,3 +1,3 @@ -2018-08-13 06:42:20 +0000 -GIT Revision: 6e2c3e02ead5b3947d01693d516b8864acc77323 +2018-08-15 09:02:07 +0200 +GIT Revision: 280ac93040f9161b1b1cb3d79112a66fd82a7e09 GIT Branch: stable