commit 470cac2bcd91a0d5ca84b6d136be0977ae48d473

OBS-URL: https://build.opensuse.org/package/show/Kernel:stable/kernel-source?expand=0&rev=805

config.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:be4b63b62c525935b71031628fb3c1ea5c219a7456e87a7456ad0bd49956f179
-size 175534
+oid sha256:f8ab736c4c6563827d0a5a1a30443f9754c89668a6e025cb731cda96eefcd969
+size 175599

dtb-aarch64.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

dtb-aarch64.spec

@@ -31,7 +31,7 @@
 Name:           dtb-aarch64
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

dtb-armv6l.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

dtb-armv6l.spec

@@ -31,7 +31,7 @@
 Name:           dtb-armv6l
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

dtb-armv7l.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

dtb-armv7l.spec

@@ -31,7 +31,7 @@
 Name:           dtb-armv7l
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-64kb.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-64kb.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-debug.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-debug.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-default.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-default.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-docs.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-docs.spec

@@ -33,7 +33,7 @@ License:        GPL-2.0
 Group:          Documentation/Man
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-lpae.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-lpae.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-obs-build.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-obs-build.spec

@@ -59,7 +59,7 @@ License:        GPL-2.0
 Group:          SLES
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-obs-qa.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-obs-qa.spec

@@ -38,7 +38,7 @@ License:        GPL-2.0
 Group:          SLES
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-pae.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-pae.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-source.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-source.spec

@@ -32,7 +32,7 @@ License:        GPL-2.0
 Group:          Development/Sources
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-syms.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-syms.spec

@@ -27,7 +27,7 @@ Group:          Development/Sources
 Version:        4.14.13
 %if %using_buildservice
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-syzkaller.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-syzkaller.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-vanilla.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-vanilla.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

kernel-zfcpdump.changes

@@ -1,3 +1,222 @@
+-------------------------------------------------------------------
+Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz
+
+- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715).
+- commit 470cac2
+
+-------------------------------------------------------------------
+Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz
+
+- dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
+  (bnc#1012628).
+- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628).
+- can: vxcan: improve handling of missing peer name attribute
+  (bnc#1012628).
+- can: gs_usb: fix return value of the "set_bittiming" callback
+  (bnc#1012628).
+- IB/srpt: Disable RDMA access by the initiator (bnc#1012628).
+- IB/srpt: Fix ACL lookup during login (bnc#1012628).
+- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the
+  ABI of the task (bnc#1012628).
+- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628).
+- MIPS: Guard against any partial write attempt with
+  PTRACE_SETREGSET (bnc#1012628).
+- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
+  (bnc#1012628).
+- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
+  (bnc#1012628).
+- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset
+  accesses (bnc#1012628).
+- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
+  (bnc#1012628).
+- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628).
+- iw_cxgb4: only call the cq comp_handler when the cq is armed
+  (bnc#1012628).
+- iw_cxgb4: atomically flush the qp (bnc#1012628).
+- iw_cxgb4: only clear the ARMED bit if a notification is needed
+  (bnc#1012628).
+- iw_cxgb4: reflect the original WR opcode in drain cqes
+  (bnc#1012628).
+- iw_cxgb4: when flushing, complete all wrs in a chain
+  (bnc#1012628).
+- x86/acpi: Handle SCI interrupts above legacy space gracefully
+  (bnc#1012628).
+- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628).
+- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind
+  error (bnc#1012628).
+- ALSA: pcm: Add missing error checks in OSS emulation plugin
+  builder (bnc#1012628).
+- ALSA: pcm: Abort properly at pending signal in OSS read/write
+  loops (bnc#1012628).
+- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
+  (bnc#1012628).
+- ALSA: aloop: Release cable upon open error path (bnc#1012628).
+- ALSA: aloop: Fix inconsistent format due to incomplete rule
+  (bnc#1012628).
+- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628).
+- x86/acpi: Reduce code duplication in mp_override_legacy_irq()
+  (bnc#1012628).
+- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628).
+- ip6_tunnel: disable dst caching if tunnel is dual-stack
+  (bnc#1012628).
+- net: core: fix module type in sock_diag_bind (bnc#1012628).
+- phylink: ensure we report link down when LOS asserted
+  (bnc#1012628).
+- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628).
+- RDS: null pointer dereference in rds_atomic_free_op
+  (bnc#1012628).
+- net: fec: restore dev_id in the cases of probe error
+  (bnc#1012628).
+- net: fec: defer probe if regulator is not ready (bnc#1012628).
+- net: fec: free/restore resource in related probe error pathes
+  (bnc#1012628).
+- sctp: do not retransmit upon FragNeeded if PMTU discovery is
+  disabled (bnc#1012628).
+- sctp: fix the handling of ICMP Frag Needed for too small MTUs
+  (bnc#1012628).
+- sh_eth: fix TSU resource handling (bnc#1012628).
+- net: stmmac: enable EEE in MII, GMII or RGMII only
+  (bnc#1012628).
+- sh_eth: fix SH7757 GEther initialization (bnc#1012628).
+- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628).
+- ethtool: do not print warning for applications using legacy API
+  (bnc#1012628).
+- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628).
+- net/sched: Fix update of lastuse in act modules implementing
+  stats_update (bnc#1012628).
+- ipv6: sr: fix TLVs not being copied using setsockopt
+  (bnc#1012628).
+- mlxsw: spectrum: Relax sanity checks during enslavement
+  (bnc#1012628).
+- sfp: fix sfp-bus oops when removing socket/upstream
+  (bnc#1012628).
+- Revert "Revert "xfrm: Fix stack-out-of-bounds read in
+  xfrm_state_find."" (bnc#1012628).
+- membarrier: Disable preemption when calling
+  smp_call_function_many() (bnc#1012628).
+- crypto: algapi - fix NULL dereference in crypto_remove_spawns()
+  (bnc#1012628).
+- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628).
+- rbd: reacquire lock should update lock owner client id
+  (bnc#1012628).
+- rbd: set max_segments to USHRT_MAX (bnc#1012628).
+- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628).
+- x86/microcode/intel: Extend BDW late-loading with a revision
+  check (bnc#1012628).
+- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628).
+- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628).
+- KVM: PPC: Book3S HV: Drop prepare_done from struct
+  kvm_resize_hpt (bnc#1012628).
+- KVM: PPC: Book3S HV: Fix use after free in case of multiple
+  resize requests (bnc#1012628).
+- KVM: PPC: Book3S HV: Always flush TLB in
+  kvmppc_alloc_reset_hpt() (bnc#1012628).
+- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628).
+- drm/vmwgfx: Potential off by one in vmw_view_add()
+  (bnc#1012628).
+- drm/i915/gvt: Clear the shadow page table entry after post-sync
+  (bnc#1012628).
+- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake
+  (bnc#1012628).
+- drm/i915: Move init_clock_gating() back to where it was
+  (bnc#1012628).
+- drm/i915: Fix init_clock_gating for resume (bnc#1012628).
+- bpf: arsh is not supported in 32 bit alu thus reject it
+  (bnc#1012628).
+- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
+  (bnc#1012628).
+- USB: serial: cp210x: add new device ID ELV ALC 8xxx
+  (bnc#1012628).
+- usb: misc: usb3503: make sure reset is low for at least 100us
+  (bnc#1012628).
+- USB: fix usbmon BUG trigger (bnc#1012628).
+- USB: UDC core: fix double-free in usb_add_gadget_udc_release
+  (bnc#1012628).
+- usbip: remove kernel addresses from usb device and urb debug
+  msgs (bnc#1012628).
+- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious
+  input (bnc#1012628).
+- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null
+  xfer buffer (bnc#1012628).
+- staging: android: ashmem: fix a race condition in
+  ASHMEM_SET_SIZE ioctl (bnc#1012628).
+- Bluetooth: Prevent stack info leak from the EFS element
+  (bnc#1012628).
+- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628).
+- mux: core: fix double get_device() (bnc#1012628).
+- kdump: write correct address of mem_section into vmcoreinfo
+  (bnc#1012628).
+- apparmor: fix ptrace label match when matching stacked labels
+  (bnc#1012628).
+- e1000e: Fix e1000_check_for_copper_link_ich8lan return value
+  (bnc#1012628).
+- x86/pti: Unbreak EFI old_memmap (bnc#1012628).
+- x86/Documentation: Add PTI description (bnc#1012628).
+- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628).
+- sysfs/cpu: Add vulnerability folder (bnc#1012628).
+- x86/cpu: Implement CPU vulnerabilites sysfs functions
+  (bnc#1012628).
+- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628).
+- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
+  (bnc#1012628).
+- sysfs/cpu: Fix typos in vulnerability documentation
+  (bnc#1012628).
+- x86/alternatives: Fix optimize_nops() checking (bnc#1012628).
+- x86/pti: Make unpoison of pgd for trusted boot work for real
+  (bnc#1012628).
+- objtool: Detect jumps to retpoline thunks (bnc#1012628).
+- objtool: Allow alternatives to be ignored (bnc#1012628).
+- x86/retpoline: Add initial retpoline support (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- x86/spectre: Add boot time option to select Spectre v2
+  mitigation (bnc#1012628).
+- x86/retpoline/crypto: Convert crypto assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/entry: Convert entry assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/hyperv: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/xen: Convert Xen hypercall indirect jumps
+  (bnc#1012628).
+- x86/retpoline/checksum32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline/irq32: Convert assembler indirect jumps
+  (bnc#1012628).
+- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628
+  bnc#1068032 CVE-2017-5715).
+- selftests/x86: Add test_vsyscall (bnc#1012628).
+- x86/pti: Fix !PCID and sanitize defines (bnc#1012628).
+- security/Kconfig: Correct the Documentation reference for PTI
+  (bnc#1012628).
+- x86,perf: Disable intel_bts when PTI (bnc#1012628).
+- x86/retpoline: Remove compile time warning (bnc#1012628).
+- Update config files.
+- Refresh
+  patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch.
+- Refresh
+  patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Refresh
+  patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch.
+- Refresh
+  patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch.
+- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch.
+- Delete
+  patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch.
+- Delete
+  patches.suse/0036-Clear-the-host-registers-after-setbe.patch.
+- commit edd3e75
+
 -------------------------------------------------------------------
 Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz
 

kernel-zfcpdump.spec

@@ -60,7 +60,7 @@ License:        GPL-2.0
 Group:          System/Kernel
 Version:        4.14.13
 %if 0%{?is_kotd}
-Release:        <RELEASE>.g3283516
+Release:        <RELEASE>.g470cac2
 %else
 Release:        0
 %endif

patches.kernel.org.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:9ebd03615ee50d0f1e19432e1eca524eae3560b7380549103eec12dcdd6a94cd
-size 936518
+oid sha256:3a6398d2a1c4b5d18d2ba2f57eda641a543d686b255f92c81b1cf2f10a0fa98f
+size 1024085

patches.suse.tar.bz2

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:31ec0c61880100721858b72477ed2229d076f25c9d56cf69be7bd85f455eb3f5
-size 82759
+oid sha256:b40b7aa8c2fcae82d176ebf257100d99df2a1749d34790930f3800344e5d3c48
+size 76372

series.conf

@@ -1282,6 +1282,124 @@
 	patches.kernel.org/4.14.13-037-KVM-s390-fix-cmma-migration-for-multiple-memo.patch
 	patches.kernel.org/4.14.13-038-KVM-s390-prevent-buffer-overrun-on-memory-hot.patch
 	patches.kernel.org/4.14.13-039-Linux-4.14.13.patch
+	patches.kernel.org/4.14.14-001-dm-bufio-fix-shrinker-scans-when-nr_to_scan-r.patch
+	patches.kernel.org/4.14.14-002-KVM-Fix-stack-out-of-bounds-read-in-write_mmi.patch
+	patches.kernel.org/4.14.14-003-can-vxcan-improve-handling-of-missing-peer-na.patch
+	patches.kernel.org/4.14.14-004-can-gs_usb-fix-return-value-of-the-set_bittim.patch
+	patches.kernel.org/4.14.14-005-IB-srpt-Disable-RDMA-access-by-the-initiator.patch
+	patches.kernel.org/4.14.14-006-IB-srpt-Fix-ACL-lookup-during-login.patch
+	patches.kernel.org/4.14.14-007-MIPS-Validate-PR_SET_FP_MODE-prctl-2-requests.patch
+	patches.kernel.org/4.14.14-008-MIPS-Factor-out-NT_PRFPREG-regset-access-help.patch
+	patches.kernel.org/4.14.14-009-MIPS-Guard-against-any-partial-write-attempt-.patch
+	patches.kernel.org/4.14.14-010-MIPS-Consistently-handle-buffer-counter-with-.patch
+	patches.kernel.org/4.14.14-011-MIPS-Fix-an-FCSR-access-API-regression-with-N.patch
+	patches.kernel.org/4.14.14-012-MIPS-Also-verify-sizeof-elf_fpreg_t-with-PTRA.patch
+	patches.kernel.org/4.14.14-013-MIPS-Disallow-outsized-PTRACE_SETREGSET-NT_PR.patch
+	patches.kernel.org/4.14.14-014-cgroup-fix-css_task_iter-crash-on-CSS_TASK_IT.patch
+	patches.kernel.org/4.14.14-015-kvm-vmx-Scrub-hardware-GPRs-at-VM-exit.patch
+	patches.kernel.org/4.14.14-016-platform-x86-wmi-Call-acpi_wmi_init-later.patch
+	patches.kernel.org/4.14.14-017-iw_cxgb4-only-call-the-cq-comp_handler-when-t.patch
+	patches.kernel.org/4.14.14-018-iw_cxgb4-atomically-flush-the-qp.patch
+	patches.kernel.org/4.14.14-019-iw_cxgb4-only-clear-the-ARMED-bit-if-a-notifi.patch
+	patches.kernel.org/4.14.14-020-iw_cxgb4-reflect-the-original-WR-opcode-in-dr.patch
+	patches.kernel.org/4.14.14-021-iw_cxgb4-when-flushing-complete-all-wrs-in-a-.patch
+	patches.kernel.org/4.14.14-022-x86-acpi-Handle-SCI-interrupts-above-legacy-s.patch
+	patches.kernel.org/4.14.14-023-ALSA-pcm-Remove-incorrect-snd_BUG_ON-usages.patch
+	patches.kernel.org/4.14.14-024-ALSA-pcm-Workaround-for-weird-PulseAudio-beha.patch
+	patches.kernel.org/4.14.14-025-ALSA-pcm-Add-missing-error-checks-in-OSS-emul.patch
+	patches.kernel.org/4.14.14-026-ALSA-pcm-Abort-properly-at-pending-signal-in-.patch
+	patches.kernel.org/4.14.14-027-ALSA-pcm-Allow-aborting-mutex-lock-at-OSS-rea.patch
+	patches.kernel.org/4.14.14-028-ALSA-aloop-Release-cable-upon-open-error-path.patch
+	patches.kernel.org/4.14.14-029-ALSA-aloop-Fix-inconsistent-format-due-to-inc.patch
+	patches.kernel.org/4.14.14-030-ALSA-aloop-Fix-racy-hw-constraints-adjustment.patch
+	patches.kernel.org/4.14.14-031-x86-acpi-Reduce-code-duplication-in-mp_overri.patch
+	patches.kernel.org/4.14.14-032-8021q-fix-a-memory-leak-for-VLAN-0-device.patch
+	patches.kernel.org/4.14.14-033-ip6_tunnel-disable-dst-caching-if-tunnel-is-d.patch
+	patches.kernel.org/4.14.14-034-net-core-fix-module-type-in-sock_diag_bind.patch
+	patches.kernel.org/4.14.14-035-phylink-ensure-we-report-link-down-when-LOS-a.patch
+	patches.kernel.org/4.14.14-036-RDS-Heap-OOB-write-in-rds_message_alloc_sgs.patch
+	patches.kernel.org/4.14.14-037-RDS-null-pointer-dereference-in-rds_atomic_fr.patch
+	patches.kernel.org/4.14.14-038-net-fec-restore-dev_id-in-the-cases-of-probe-.patch
+	patches.kernel.org/4.14.14-039-net-fec-defer-probe-if-regulator-is-not-ready.patch
+	patches.kernel.org/4.14.14-040-net-fec-free-restore-resource-in-related-prob.patch
+	patches.kernel.org/4.14.14-041-sctp-do-not-retransmit-upon-FragNeeded-if-PMT.patch
+	patches.kernel.org/4.14.14-042-sctp-fix-the-handling-of-ICMP-Frag-Needed-for.patch
+	patches.kernel.org/4.14.14-043-sh_eth-fix-TSU-resource-handling.patch
+	patches.kernel.org/4.14.14-044-net-stmmac-enable-EEE-in-MII-GMII-or-RGMII-on.patch
+	patches.kernel.org/4.14.14-045-sh_eth-fix-SH7757-GEther-initialization.patch
+	patches.kernel.org/4.14.14-046-ipv6-fix-possible-mem-leaks-in-ipv6_make_skb.patch
+	patches.kernel.org/4.14.14-047-ethtool-do-not-print-warning-for-applications.patch
+	patches.kernel.org/4.14.14-048-mlxsw-spectrum_router-Fix-NULL-pointer-deref.patch
+	patches.kernel.org/4.14.14-049-net-sched-Fix-update-of-lastuse-in-act-module.patch
+	patches.kernel.org/4.14.14-050-ipv6-sr-fix-TLVs-not-being-copied-using-setso.patch
+	patches.kernel.org/4.14.14-051-mlxsw-spectrum-Relax-sanity-checks-during-ens.patch
+	patches.kernel.org/4.14.14-052-sfp-fix-sfp-bus-oops-when-removing-socket-ups.patch
+	patches.kernel.org/4.14.14-053-Revert-Revert-xfrm-Fix-stack-out-of-bounds-re.patch
+	patches.kernel.org/4.14.14-054-membarrier-Disable-preemption-when-calling-sm.patch
+	patches.kernel.org/4.14.14-055-crypto-algapi-fix-NULL-dereference-in-crypto_.patch
+	patches.kernel.org/4.14.14-056-mmc-renesas_sdhi-Add-MODULE_LICENSE.patch
+	patches.kernel.org/4.14.14-057-rbd-reacquire-lock-should-update-lock-owner-c.patch
+	patches.kernel.org/4.14.14-058-rbd-set-max_segments-to-USHRT_MAX.patch
+	patches.kernel.org/4.14.14-059-iwlwifi-pcie-fix-DMA-memory-mapping-unmapping.patch
+	patches.kernel.org/4.14.14-060-x86-microcode-intel-Extend-BDW-late-loading-w.patch
+	patches.kernel.org/4.14.14-061-KVM-x86-Add-memory-barrier-on-vmcs-field-look.patch
+	patches.kernel.org/4.14.14-062-KVM-PPC-Book3S-PR-Fix-WIMG-handling-under-pHy.patch
+	patches.kernel.org/4.14.14-063-KVM-PPC-Book3S-HV-Drop-prepare_done-from-stru.patch
+	patches.kernel.org/4.14.14-064-KVM-PPC-Book3S-HV-Fix-use-after-free-in-case-.patch
+	patches.kernel.org/4.14.14-065-KVM-PPC-Book3S-HV-Always-flush-TLB-in-kvmppc_.patch
+	patches.kernel.org/4.14.14-066-drm-vmwgfx-Don-t-cache-framebuffer-maps.patch
+	patches.kernel.org/4.14.14-067-drm-vmwgfx-Potential-off-by-one-in-vmw_view_a.patch
+	patches.kernel.org/4.14.14-068-drm-i915-gvt-Clear-the-shadow-page-table-entr.patch
+	patches.kernel.org/4.14.14-069-drm-i915-Whitelist-SLICE_COMMON_ECO_CHICKEN1-.patch
+	patches.kernel.org/4.14.14-070-drm-i915-Move-init_clock_gating-back-to-where.patch
+	patches.kernel.org/4.14.14-071-drm-i915-Fix-init_clock_gating-for-resume.patch
+	patches.kernel.org/4.14.14-072-bpf-prevent-out-of-bounds-speculation.patch
+	patches.kernel.org/4.14.14-073-bpf-array-fix-overflow-in-max_entries-and-und.patch
+	patches.kernel.org/4.14.14-074-bpf-arsh-is-not-supported-in-32-bit-alu-thus-.patch
+	patches.kernel.org/4.14.14-075-USB-serial-cp210x-add-IDs-for-LifeScan-OneTou.patch
+	patches.kernel.org/4.14.14-076-USB-serial-cp210x-add-new-device-ID-ELV-ALC-8.patch
+	patches.kernel.org/4.14.14-077-usb-misc-usb3503-make-sure-reset-is-low-for-a.patch
+	patches.kernel.org/4.14.14-078-USB-fix-usbmon-BUG-trigger.patch
+	patches.kernel.org/4.14.14-079-USB-UDC-core-fix-double-free-in-usb_add_gadge.patch
+	patches.kernel.org/4.14.14-080-usbip-remove-kernel-addresses-from-usb-device.patch
+	patches.kernel.org/4.14.14-081-usbip-fix-vudc_rx-harden-CMD_SUBMIT-path-to-h.patch
+	patches.kernel.org/4.14.14-082-usbip-vudc_tx-fix-v_send_ret_submit-vulnerabi.patch
+	patches.kernel.org/4.14.14-083-staging-android-ashmem-fix-a-race-condition-i.patch
+	patches.kernel.org/4.14.14-084-Bluetooth-Prevent-stack-info-leak-from-the-EF.patch
+	patches.kernel.org/4.14.14-085-uas-ignore-UAS-for-Norelsys-NS1068-X-chips.patch
+	patches.kernel.org/4.14.14-086-mux-core-fix-double-get_device.patch
+	patches.kernel.org/4.14.14-087-kdump-write-correct-address-of-mem_section-in.patch
+	patches.kernel.org/4.14.14-088-apparmor-fix-ptrace-label-match-when-matching.patch
+	patches.kernel.org/4.14.14-089-e1000e-Fix-e1000_check_for_copper_link_ich8la.patch
+	patches.kernel.org/4.14.14-090-x86-pti-Unbreak-EFI-old_memmap.patch
+	patches.kernel.org/4.14.14-091-x86-Documentation-Add-PTI-description.patch
+	patches.kernel.org/4.14.14-092-x86-cpufeatures-Add-X86_BUG_SPECTRE_V-12.patch
+	patches.kernel.org/4.14.14-093-sysfs-cpu-Add-vulnerability-folder.patch
+	patches.kernel.org/4.14.14-094-x86-cpu-Implement-CPU-vulnerabilites-sysfs-fu.patch
+	patches.kernel.org/4.14.14-095-x86-tboot-Unbreak-tboot-with-PTI-enabled.patch
+	patches.kernel.org/4.14.14-096-x86-mm-pti-Remove-dead-logic-in-pti_user_page.patch
+	patches.kernel.org/4.14.14-097-x86-cpu-AMD-Make-LFENCE-a-serializing-instruc.patch
+	patches.kernel.org/4.14.14-098-x86-cpu-AMD-Use-LFENCE_RDTSC-in-preference-to.patch
+	patches.kernel.org/4.14.14-099-sysfs-cpu-Fix-typos-in-vulnerability-document.patch
+	patches.kernel.org/4.14.14-100-x86-alternatives-Fix-optimize_nops-checking.patch
+	patches.kernel.org/4.14.14-101-x86-pti-Make-unpoison-of-pgd-for-trusted-boot.patch
+	patches.kernel.org/4.14.14-102-objtool-Detect-jumps-to-retpoline-thunks.patch
+	patches.kernel.org/4.14.14-103-objtool-Allow-alternatives-to-be-ignored.patch
+	patches.kernel.org/4.14.14-104-x86-retpoline-Add-initial-retpoline-support.patch
+	patches.kernel.org/4.14.14-105-x86-spectre-Add-boot-time-option-to-select-Sp.patch
+	patches.kernel.org/4.14.14-106-x86-retpoline-crypto-Convert-crypto-assembler.patch
+	patches.kernel.org/4.14.14-107-x86-retpoline-entry-Convert-entry-assembler-i.patch
+	patches.kernel.org/4.14.14-108-x86-retpoline-ftrace-Convert-ftrace-assembler.patch
+	patches.kernel.org/4.14.14-109-x86-retpoline-hyperv-Convert-assembler-indire.patch
+	patches.kernel.org/4.14.14-110-x86-retpoline-xen-Convert-Xen-hypercall-indir.patch
+	patches.kernel.org/4.14.14-111-x86-retpoline-checksum32-Convert-assembler-in.patch
+	patches.kernel.org/4.14.14-112-x86-retpoline-irq32-Convert-assembler-indirec.patch
+	patches.kernel.org/4.14.14-113-x86-retpoline-Fill-return-stack-buffer-on-vme.patch
+	patches.kernel.org/4.14.14-114-selftests-x86-Add-test_vsyscall.patch
+	patches.kernel.org/4.14.14-115-x86-pti-Fix-PCID-and-sanitize-defines.patch
+	patches.kernel.org/4.14.14-116-security-Kconfig-Correct-the-Documentation-re.patch
+	patches.kernel.org/4.14.14-117-x86-perf-Disable-intel_bts-when-PTI.patch
+	patches.kernel.org/4.14.14-118-x86-retpoline-Remove-compile-time-warning.patch
 
 	########################################################
 	# Build fixes that apply to the vanilla kernel too.
@@ -1329,8 +1447,6 @@
 	patches.suse/setuid-dumpable-wrongdir
 	patches.suse/0002-futex-futex_wake_op-fix-sign_extend32-sign-bits.patch
 
-	patches.suse/0001-x86-cpu-AMD-Make-LFENCE-a-serializing-instruction.patch
-	patches.suse/0002-x86-cpu-AMD-Use-LFENCE_RDTSC-in-preference-to-MFENCE.patch
 	patches.suse/0003-locking-barriers-introduce-new-observable-speculatio.patch
 	patches.suse/0005-x86-bpf-jit-prevent-speculative-execution-when-JIT-i.patch
 	patches.suse/0006-uvcvideo-prevent-speculative-execution.patch
@@ -1346,9 +1462,6 @@
 	patches.suse/0016-udf-prevent-speculative-execution.patch
 	patches.suse/0017-userns-prevent-speculative-execution.patch
 
-	patches.suse/bpf-prevent-out-of-bounds-speculation.patch
-	patches.suse/bpf-array-fix-overflow-in-max_entries-and-undefined-.patch
-
 	patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch
 	patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch
 	patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch
@@ -1367,15 +1480,11 @@
 	patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch
 	patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch
 	patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch
-	patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch
-	patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch
 	patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch
 	patches.suse/0022-x86-spec_ctrl-Add-lock-to-serialize-changes-to-ibrs-.patch
 	patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch
 	patches.suse/0024-x86-microcode-Recheck-IBRS-and-IBPB-feature-on-micro.patch
 	patches.suse/0025-x86-cpu-AMD-Add-speculative-control-support-for-AMD.patch
-	patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch
-	patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch
 	patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch
 	patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch
 	patches.suse/0030-Use-the-ibrs_inuse-variable.patch
@@ -1384,9 +1493,9 @@
 	patches.suse/0033-KVM-x86-add-SPEC_CTRL-to-MSR-and-CPUID-lists.patch
 	patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch
 	patches.suse/0035-Use-the-ibpb_inuse-variable.patch
-	patches.suse/0036-Clear-the-host-registers-after-setbe.patch
 	patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch
 
+	patches.suse/orc-fix-retpolines-segfaults.patch
 
 	########################################################
 	# Architecture-specific patches. These used to be all

source-timestamp

@@ -1,3 +1,3 @@
-2018-01-12 17:35:09 +0100
-GIT Revision: 3283516d37a349ceeb90630650c41e99f9c7593c
+2018-01-16 14:38:07 +0100
+GIT Revision: 470cac2bcd91a0d5ca84b6d136be0977ae48d473
 GIT Branch: stable