diff --git a/config.tar.bz2 b/config.tar.bz2 index 66751294..640794ef 100644 --- a/config.tar.bz2 +++ b/config.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:be4b63b62c525935b71031628fb3c1ea5c219a7456e87a7456ad0bd49956f179 -size 175534 +oid sha256:f8ab736c4c6563827d0a5a1a30443f9754c89668a6e025cb731cda96eefcd969 +size 175599 diff --git a/dtb-aarch64.changes b/dtb-aarch64.changes index 97f0f810..cef58a72 100644 --- a/dtb-aarch64.changes +++ b/dtb-aarch64.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/dtb-aarch64.spec b/dtb-aarch64.spec index 1818dbed..fe3712ba 100644 --- a/dtb-aarch64.spec +++ b/dtb-aarch64.spec @@ -31,7 +31,7 @@ Name: dtb-aarch64 Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/dtb-armv6l.changes b/dtb-armv6l.changes index 97f0f810..cef58a72 100644 --- a/dtb-armv6l.changes +++ b/dtb-armv6l.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/dtb-armv6l.spec b/dtb-armv6l.spec index d5069d03..2cfd6a2d 100644 --- a/dtb-armv6l.spec +++ b/dtb-armv6l.spec @@ -31,7 +31,7 @@ Name: dtb-armv6l Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/dtb-armv7l.changes b/dtb-armv7l.changes index 97f0f810..cef58a72 100644 --- a/dtb-armv7l.changes +++ b/dtb-armv7l.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/dtb-armv7l.spec b/dtb-armv7l.spec index 63241241..030be5bf 100644 --- a/dtb-armv7l.spec +++ b/dtb-armv7l.spec @@ -31,7 +31,7 @@ Name: dtb-armv7l Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-64kb.changes b/kernel-64kb.changes index 97f0f810..cef58a72 100644 --- a/kernel-64kb.changes +++ b/kernel-64kb.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-64kb.spec b/kernel-64kb.spec index 5aa23fd2..b7f126be 100644 --- a/kernel-64kb.spec +++ b/kernel-64kb.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-debug.changes b/kernel-debug.changes index 97f0f810..cef58a72 100644 --- a/kernel-debug.changes +++ b/kernel-debug.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-debug.spec b/kernel-debug.spec index 0ccbf796..24f42500 100644 --- a/kernel-debug.spec +++ b/kernel-debug.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-default.changes b/kernel-default.changes index 97f0f810..cef58a72 100644 --- a/kernel-default.changes +++ b/kernel-default.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-default.spec b/kernel-default.spec index 4139d126..d53ae860 100644 --- a/kernel-default.spec +++ b/kernel-default.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-docs.changes b/kernel-docs.changes index 97f0f810..cef58a72 100644 --- a/kernel-docs.changes +++ b/kernel-docs.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-docs.spec b/kernel-docs.spec index 94c0ffaf..01dac343 100644 --- a/kernel-docs.spec +++ b/kernel-docs.spec @@ -33,7 +33,7 @@ License: GPL-2.0 Group: Documentation/Man Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-lpae.changes b/kernel-lpae.changes index 97f0f810..cef58a72 100644 --- a/kernel-lpae.changes +++ b/kernel-lpae.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-lpae.spec b/kernel-lpae.spec index 6b0bc614..8710024a 100644 --- a/kernel-lpae.spec +++ b/kernel-lpae.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-obs-build.changes b/kernel-obs-build.changes index 97f0f810..cef58a72 100644 --- a/kernel-obs-build.changes +++ b/kernel-obs-build.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-obs-build.spec b/kernel-obs-build.spec index b1994ef7..e6cc0ed4 100644 --- a/kernel-obs-build.spec +++ b/kernel-obs-build.spec @@ -59,7 +59,7 @@ License: GPL-2.0 Group: SLES Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-obs-qa.changes b/kernel-obs-qa.changes index 97f0f810..cef58a72 100644 --- a/kernel-obs-qa.changes +++ b/kernel-obs-qa.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-obs-qa.spec b/kernel-obs-qa.spec index a385e457..d1bbf153 100644 --- a/kernel-obs-qa.spec +++ b/kernel-obs-qa.spec @@ -38,7 +38,7 @@ License: GPL-2.0 Group: SLES Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-pae.changes b/kernel-pae.changes index 97f0f810..cef58a72 100644 --- a/kernel-pae.changes +++ b/kernel-pae.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-pae.spec b/kernel-pae.spec index e011ceaf..17fbebd1 100644 --- a/kernel-pae.spec +++ b/kernel-pae.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-source.changes b/kernel-source.changes index 97f0f810..cef58a72 100644 --- a/kernel-source.changes +++ b/kernel-source.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-source.spec b/kernel-source.spec index 736cd3c0..392e1c4a 100644 --- a/kernel-source.spec +++ b/kernel-source.spec @@ -32,7 +32,7 @@ License: GPL-2.0 Group: Development/Sources Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-syms.changes b/kernel-syms.changes index 97f0f810..cef58a72 100644 --- a/kernel-syms.changes +++ b/kernel-syms.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-syms.spec b/kernel-syms.spec index 01c13f50..779ec9cb 100644 --- a/kernel-syms.spec +++ b/kernel-syms.spec @@ -27,7 +27,7 @@ Group: Development/Sources Version: 4.14.13 %if %using_buildservice %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-syzkaller.changes b/kernel-syzkaller.changes index 97f0f810..cef58a72 100644 --- a/kernel-syzkaller.changes +++ b/kernel-syzkaller.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-syzkaller.spec b/kernel-syzkaller.spec index fe3c43eb..5c43b10a 100644 --- a/kernel-syzkaller.spec +++ b/kernel-syzkaller.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-vanilla.changes b/kernel-vanilla.changes index 97f0f810..cef58a72 100644 --- a/kernel-vanilla.changes +++ b/kernel-vanilla.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-vanilla.spec b/kernel-vanilla.spec index 49c88fcd..80bab69e 100644 --- a/kernel-vanilla.spec +++ b/kernel-vanilla.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/kernel-zfcpdump.changes b/kernel-zfcpdump.changes index 97f0f810..cef58a72 100644 --- a/kernel-zfcpdump.changes +++ b/kernel-zfcpdump.changes @@ -1,3 +1,222 @@ +------------------------------------------------------------------- +Tue Jan 16 14:38:07 CET 2018 - jslaby@suse.cz + +- ORC: fix retpolines segfaults (bnc#1068032 CVE-2017-5715). +- commit 470cac2 + +------------------------------------------------------------------- +Tue Jan 16 13:54:06 CET 2018 - jslaby@suse.cz + +- dm bufio: fix shrinker scans when (nr_to_scan < retain_target) + (bnc#1012628). +- KVM: Fix stack-out-of-bounds read in write_mmio (bnc#1012628). +- can: vxcan: improve handling of missing peer name attribute + (bnc#1012628). +- can: gs_usb: fix return value of the "set_bittiming" callback + (bnc#1012628). +- IB/srpt: Disable RDMA access by the initiator (bnc#1012628). +- IB/srpt: Fix ACL lookup during login (bnc#1012628). +- MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the + ABI of the task (bnc#1012628). +- MIPS: Factor out NT_PRFPREG regset access helpers (bnc#1012628). +- MIPS: Guard against any partial write attempt with + PTRACE_SETREGSET (bnc#1012628). +- MIPS: Consistently handle buffer counter with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA + (bnc#1012628). +- MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET + (bnc#1012628). +- MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset + accesses (bnc#1012628). +- cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + (bnc#1012628). +- kvm: vmx: Scrub hardware GPRs at VM-exit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- platform/x86: wmi: Call acpi_wmi_init() later (bnc#1012628). +- iw_cxgb4: only call the cq comp_handler when the cq is armed + (bnc#1012628). +- iw_cxgb4: atomically flush the qp (bnc#1012628). +- iw_cxgb4: only clear the ARMED bit if a notification is needed + (bnc#1012628). +- iw_cxgb4: reflect the original WR opcode in drain cqes + (bnc#1012628). +- iw_cxgb4: when flushing, complete all wrs in a chain + (bnc#1012628). +- x86/acpi: Handle SCI interrupts above legacy space gracefully + (bnc#1012628). +- ALSA: pcm: Remove incorrect snd_BUG_ON() usages (bnc#1012628). +- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind + error (bnc#1012628). +- ALSA: pcm: Add missing error checks in OSS emulation plugin + builder (bnc#1012628). +- ALSA: pcm: Abort properly at pending signal in OSS read/write + loops (bnc#1012628). +- ALSA: pcm: Allow aborting mutex lock at OSS read/write loops + (bnc#1012628). +- ALSA: aloop: Release cable upon open error path (bnc#1012628). +- ALSA: aloop: Fix inconsistent format due to incomplete rule + (bnc#1012628). +- ALSA: aloop: Fix racy hw constraints adjustment (bnc#1012628). +- x86/acpi: Reduce code duplication in mp_override_legacy_irq() + (bnc#1012628). +- 8021q: fix a memory leak for VLAN 0 device (bnc#1012628). +- ip6_tunnel: disable dst caching if tunnel is dual-stack + (bnc#1012628). +- net: core: fix module type in sock_diag_bind (bnc#1012628). +- phylink: ensure we report link down when LOS asserted + (bnc#1012628). +- RDS: Heap OOB write in rds_message_alloc_sgs() (bnc#1012628). +- RDS: null pointer dereference in rds_atomic_free_op + (bnc#1012628). +- net: fec: restore dev_id in the cases of probe error + (bnc#1012628). +- net: fec: defer probe if regulator is not ready (bnc#1012628). +- net: fec: free/restore resource in related probe error pathes + (bnc#1012628). +- sctp: do not retransmit upon FragNeeded if PMTU discovery is + disabled (bnc#1012628). +- sctp: fix the handling of ICMP Frag Needed for too small MTUs + (bnc#1012628). +- sh_eth: fix TSU resource handling (bnc#1012628). +- net: stmmac: enable EEE in MII, GMII or RGMII only + (bnc#1012628). +- sh_eth: fix SH7757 GEther initialization (bnc#1012628). +- ipv6: fix possible mem leaks in ipv6_make_skb() (bnc#1012628). +- ethtool: do not print warning for applications using legacy API + (bnc#1012628). +- mlxsw: spectrum_router: Fix NULL pointer deref (bnc#1012628). +- net/sched: Fix update of lastuse in act modules implementing + stats_update (bnc#1012628). +- ipv6: sr: fix TLVs not being copied using setsockopt + (bnc#1012628). +- mlxsw: spectrum: Relax sanity checks during enslavement + (bnc#1012628). +- sfp: fix sfp-bus oops when removing socket/upstream + (bnc#1012628). +- Revert "Revert "xfrm: Fix stack-out-of-bounds read in + xfrm_state_find."" (bnc#1012628). +- membarrier: Disable preemption when calling + smp_call_function_many() (bnc#1012628). +- crypto: algapi - fix NULL dereference in crypto_remove_spawns() + (bnc#1012628). +- mmc: renesas_sdhi: Add MODULE_LICENSE (bnc#1012628). +- rbd: reacquire lock should update lock owner client id + (bnc#1012628). +- rbd: set max_segments to USHRT_MAX (bnc#1012628). +- iwlwifi: pcie: fix DMA memory mapping / unmapping (bnc#1012628). +- x86/microcode/intel: Extend BDW late-loading with a revision + check (bnc#1012628). +- KVM: x86: Add memory barrier on vmcs field lookup (bnc#1012628). +- KVM: PPC: Book3S PR: Fix WIMG handling under pHyp (bnc#1012628). +- KVM: PPC: Book3S HV: Drop prepare_done from struct + kvm_resize_hpt (bnc#1012628). +- KVM: PPC: Book3S HV: Fix use after free in case of multiple + resize requests (bnc#1012628). +- KVM: PPC: Book3S HV: Always flush TLB in + kvmppc_alloc_reset_hpt() (bnc#1012628). +- drm/vmwgfx: Don't cache framebuffer maps (bnc#1012628). +- drm/vmwgfx: Potential off by one in vmw_view_add() + (bnc#1012628). +- drm/i915/gvt: Clear the shadow page table entry after post-sync + (bnc#1012628). +- drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake + (bnc#1012628). +- drm/i915: Move init_clock_gating() back to where it was + (bnc#1012628). +- drm/i915: Fix init_clock_gating for resume (bnc#1012628). +- bpf: arsh is not supported in 32 bit alu thus reject it + (bnc#1012628). +- USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ + (bnc#1012628). +- USB: serial: cp210x: add new device ID ELV ALC 8xxx + (bnc#1012628). +- usb: misc: usb3503: make sure reset is low for at least 100us + (bnc#1012628). +- USB: fix usbmon BUG trigger (bnc#1012628). +- USB: UDC core: fix double-free in usb_add_gadget_udc_release + (bnc#1012628). +- usbip: remove kernel addresses from usb device and urb debug + msgs (bnc#1012628). +- usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious + input (bnc#1012628). +- usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null + xfer buffer (bnc#1012628). +- staging: android: ashmem: fix a race condition in + ASHMEM_SET_SIZE ioctl (bnc#1012628). +- Bluetooth: Prevent stack info leak from the EFS element + (bnc#1012628). +- uas: ignore UAS for Norelsys NS1068(X) chips (bnc#1012628). +- mux: core: fix double get_device() (bnc#1012628). +- kdump: write correct address of mem_section into vmcoreinfo + (bnc#1012628). +- apparmor: fix ptrace label match when matching stacked labels + (bnc#1012628). +- e1000e: Fix e1000_check_for_copper_link_ich8lan return value + (bnc#1012628). +- x86/pti: Unbreak EFI old_memmap (bnc#1012628). +- x86/Documentation: Add PTI description (bnc#1012628). +- x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] (bnc#1012628). +- sysfs/cpu: Add vulnerability folder (bnc#1012628). +- x86/cpu: Implement CPU vulnerabilites sysfs functions + (bnc#1012628). +- x86/tboot: Unbreak tboot with PTI enabled (bnc#1012628). +- x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() + (bnc#1012628). +- sysfs/cpu: Fix typos in vulnerability documentation + (bnc#1012628). +- x86/alternatives: Fix optimize_nops() checking (bnc#1012628). +- x86/pti: Make unpoison of pgd for trusted boot work for real + (bnc#1012628). +- objtool: Detect jumps to retpoline thunks (bnc#1012628). +- objtool: Allow alternatives to be ignored (bnc#1012628). +- x86/retpoline: Add initial retpoline support (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- x86/spectre: Add boot time option to select Spectre v2 + mitigation (bnc#1012628). +- x86/retpoline/crypto: Convert crypto assembler indirect jumps + (bnc#1012628). +- x86/retpoline/entry: Convert entry assembler indirect jumps + (bnc#1012628). +- x86/retpoline/ftrace: Convert ftrace assembler indirect jumps + (bnc#1012628). +- x86/retpoline/hyperv: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/xen: Convert Xen hypercall indirect jumps + (bnc#1012628). +- x86/retpoline/checksum32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline/irq32: Convert assembler indirect jumps + (bnc#1012628). +- x86/retpoline: Fill return stack buffer on vmexit (bnc#1012628 + bnc#1068032 CVE-2017-5715). +- selftests/x86: Add test_vsyscall (bnc#1012628). +- x86/pti: Fix !PCID and sanitize defines (bnc#1012628). +- security/Kconfig: Correct the Documentation reference for PTI + (bnc#1012628). +- x86,perf: Disable intel_bts when PTI (bnc#1012628). +- x86/retpoline: Remove compile time warning (bnc#1012628). +- Update config files. +- Refresh + patches.suse/0007-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. +- Refresh + patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Refresh + patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. +- Refresh + patches.suse/0032-kvm-vmx-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch. +- Delete patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch. +- Delete + patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. +- Delete + patches.suse/0036-Clear-the-host-registers-after-setbe.patch. +- commit edd3e75 + ------------------------------------------------------------------- Fri Jan 12 17:34:16 CET 2018 - jslaby@suse.cz diff --git a/kernel-zfcpdump.spec b/kernel-zfcpdump.spec index d49c3c4f..cb2fb12f 100644 --- a/kernel-zfcpdump.spec +++ b/kernel-zfcpdump.spec @@ -60,7 +60,7 @@ License: GPL-2.0 Group: System/Kernel Version: 4.14.13 %if 0%{?is_kotd} -Release: .g3283516 +Release: .g470cac2 %else Release: 0 %endif diff --git a/patches.kernel.org.tar.bz2 b/patches.kernel.org.tar.bz2 index 67171fc0..7cea1372 100644 --- a/patches.kernel.org.tar.bz2 +++ b/patches.kernel.org.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9ebd03615ee50d0f1e19432e1eca524eae3560b7380549103eec12dcdd6a94cd -size 936518 +oid sha256:3a6398d2a1c4b5d18d2ba2f57eda641a543d686b255f92c81b1cf2f10a0fa98f +size 1024085 diff --git a/patches.suse.tar.bz2 b/patches.suse.tar.bz2 index a07985a7..425df3f8 100644 --- a/patches.suse.tar.bz2 +++ b/patches.suse.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:31ec0c61880100721858b72477ed2229d076f25c9d56cf69be7bd85f455eb3f5 -size 82759 +oid sha256:b40b7aa8c2fcae82d176ebf257100d99df2a1749d34790930f3800344e5d3c48 +size 76372 diff --git a/series.conf b/series.conf index 575df6f7..8147ce95 100644 --- a/series.conf +++ b/series.conf @@ -1282,6 +1282,124 @@ patches.kernel.org/4.14.13-037-KVM-s390-fix-cmma-migration-for-multiple-memo.patch patches.kernel.org/4.14.13-038-KVM-s390-prevent-buffer-overrun-on-memory-hot.patch patches.kernel.org/4.14.13-039-Linux-4.14.13.patch + patches.kernel.org/4.14.14-001-dm-bufio-fix-shrinker-scans-when-nr_to_scan-r.patch + patches.kernel.org/4.14.14-002-KVM-Fix-stack-out-of-bounds-read-in-write_mmi.patch + patches.kernel.org/4.14.14-003-can-vxcan-improve-handling-of-missing-peer-na.patch + patches.kernel.org/4.14.14-004-can-gs_usb-fix-return-value-of-the-set_bittim.patch + patches.kernel.org/4.14.14-005-IB-srpt-Disable-RDMA-access-by-the-initiator.patch + patches.kernel.org/4.14.14-006-IB-srpt-Fix-ACL-lookup-during-login.patch + patches.kernel.org/4.14.14-007-MIPS-Validate-PR_SET_FP_MODE-prctl-2-requests.patch + patches.kernel.org/4.14.14-008-MIPS-Factor-out-NT_PRFPREG-regset-access-help.patch + patches.kernel.org/4.14.14-009-MIPS-Guard-against-any-partial-write-attempt-.patch + patches.kernel.org/4.14.14-010-MIPS-Consistently-handle-buffer-counter-with-.patch + patches.kernel.org/4.14.14-011-MIPS-Fix-an-FCSR-access-API-regression-with-N.patch + patches.kernel.org/4.14.14-012-MIPS-Also-verify-sizeof-elf_fpreg_t-with-PTRA.patch + patches.kernel.org/4.14.14-013-MIPS-Disallow-outsized-PTRACE_SETREGSET-NT_PR.patch + patches.kernel.org/4.14.14-014-cgroup-fix-css_task_iter-crash-on-CSS_TASK_IT.patch + patches.kernel.org/4.14.14-015-kvm-vmx-Scrub-hardware-GPRs-at-VM-exit.patch + patches.kernel.org/4.14.14-016-platform-x86-wmi-Call-acpi_wmi_init-later.patch + patches.kernel.org/4.14.14-017-iw_cxgb4-only-call-the-cq-comp_handler-when-t.patch + patches.kernel.org/4.14.14-018-iw_cxgb4-atomically-flush-the-qp.patch + patches.kernel.org/4.14.14-019-iw_cxgb4-only-clear-the-ARMED-bit-if-a-notifi.patch + patches.kernel.org/4.14.14-020-iw_cxgb4-reflect-the-original-WR-opcode-in-dr.patch + patches.kernel.org/4.14.14-021-iw_cxgb4-when-flushing-complete-all-wrs-in-a-.patch + patches.kernel.org/4.14.14-022-x86-acpi-Handle-SCI-interrupts-above-legacy-s.patch + patches.kernel.org/4.14.14-023-ALSA-pcm-Remove-incorrect-snd_BUG_ON-usages.patch + patches.kernel.org/4.14.14-024-ALSA-pcm-Workaround-for-weird-PulseAudio-beha.patch + patches.kernel.org/4.14.14-025-ALSA-pcm-Add-missing-error-checks-in-OSS-emul.patch + patches.kernel.org/4.14.14-026-ALSA-pcm-Abort-properly-at-pending-signal-in-.patch + patches.kernel.org/4.14.14-027-ALSA-pcm-Allow-aborting-mutex-lock-at-OSS-rea.patch + patches.kernel.org/4.14.14-028-ALSA-aloop-Release-cable-upon-open-error-path.patch + patches.kernel.org/4.14.14-029-ALSA-aloop-Fix-inconsistent-format-due-to-inc.patch + patches.kernel.org/4.14.14-030-ALSA-aloop-Fix-racy-hw-constraints-adjustment.patch + patches.kernel.org/4.14.14-031-x86-acpi-Reduce-code-duplication-in-mp_overri.patch + patches.kernel.org/4.14.14-032-8021q-fix-a-memory-leak-for-VLAN-0-device.patch + patches.kernel.org/4.14.14-033-ip6_tunnel-disable-dst-caching-if-tunnel-is-d.patch + patches.kernel.org/4.14.14-034-net-core-fix-module-type-in-sock_diag_bind.patch + patches.kernel.org/4.14.14-035-phylink-ensure-we-report-link-down-when-LOS-a.patch + patches.kernel.org/4.14.14-036-RDS-Heap-OOB-write-in-rds_message_alloc_sgs.patch + patches.kernel.org/4.14.14-037-RDS-null-pointer-dereference-in-rds_atomic_fr.patch + patches.kernel.org/4.14.14-038-net-fec-restore-dev_id-in-the-cases-of-probe-.patch + patches.kernel.org/4.14.14-039-net-fec-defer-probe-if-regulator-is-not-ready.patch + patches.kernel.org/4.14.14-040-net-fec-free-restore-resource-in-related-prob.patch + patches.kernel.org/4.14.14-041-sctp-do-not-retransmit-upon-FragNeeded-if-PMT.patch + patches.kernel.org/4.14.14-042-sctp-fix-the-handling-of-ICMP-Frag-Needed-for.patch + patches.kernel.org/4.14.14-043-sh_eth-fix-TSU-resource-handling.patch + patches.kernel.org/4.14.14-044-net-stmmac-enable-EEE-in-MII-GMII-or-RGMII-on.patch + patches.kernel.org/4.14.14-045-sh_eth-fix-SH7757-GEther-initialization.patch + patches.kernel.org/4.14.14-046-ipv6-fix-possible-mem-leaks-in-ipv6_make_skb.patch + patches.kernel.org/4.14.14-047-ethtool-do-not-print-warning-for-applications.patch + patches.kernel.org/4.14.14-048-mlxsw-spectrum_router-Fix-NULL-pointer-deref.patch + patches.kernel.org/4.14.14-049-net-sched-Fix-update-of-lastuse-in-act-module.patch + patches.kernel.org/4.14.14-050-ipv6-sr-fix-TLVs-not-being-copied-using-setso.patch + patches.kernel.org/4.14.14-051-mlxsw-spectrum-Relax-sanity-checks-during-ens.patch + patches.kernel.org/4.14.14-052-sfp-fix-sfp-bus-oops-when-removing-socket-ups.patch + patches.kernel.org/4.14.14-053-Revert-Revert-xfrm-Fix-stack-out-of-bounds-re.patch + patches.kernel.org/4.14.14-054-membarrier-Disable-preemption-when-calling-sm.patch + patches.kernel.org/4.14.14-055-crypto-algapi-fix-NULL-dereference-in-crypto_.patch + patches.kernel.org/4.14.14-056-mmc-renesas_sdhi-Add-MODULE_LICENSE.patch + patches.kernel.org/4.14.14-057-rbd-reacquire-lock-should-update-lock-owner-c.patch + patches.kernel.org/4.14.14-058-rbd-set-max_segments-to-USHRT_MAX.patch + patches.kernel.org/4.14.14-059-iwlwifi-pcie-fix-DMA-memory-mapping-unmapping.patch + patches.kernel.org/4.14.14-060-x86-microcode-intel-Extend-BDW-late-loading-w.patch + patches.kernel.org/4.14.14-061-KVM-x86-Add-memory-barrier-on-vmcs-field-look.patch + patches.kernel.org/4.14.14-062-KVM-PPC-Book3S-PR-Fix-WIMG-handling-under-pHy.patch + patches.kernel.org/4.14.14-063-KVM-PPC-Book3S-HV-Drop-prepare_done-from-stru.patch + patches.kernel.org/4.14.14-064-KVM-PPC-Book3S-HV-Fix-use-after-free-in-case-.patch + patches.kernel.org/4.14.14-065-KVM-PPC-Book3S-HV-Always-flush-TLB-in-kvmppc_.patch + patches.kernel.org/4.14.14-066-drm-vmwgfx-Don-t-cache-framebuffer-maps.patch + patches.kernel.org/4.14.14-067-drm-vmwgfx-Potential-off-by-one-in-vmw_view_a.patch + patches.kernel.org/4.14.14-068-drm-i915-gvt-Clear-the-shadow-page-table-entr.patch + patches.kernel.org/4.14.14-069-drm-i915-Whitelist-SLICE_COMMON_ECO_CHICKEN1-.patch + patches.kernel.org/4.14.14-070-drm-i915-Move-init_clock_gating-back-to-where.patch + patches.kernel.org/4.14.14-071-drm-i915-Fix-init_clock_gating-for-resume.patch + patches.kernel.org/4.14.14-072-bpf-prevent-out-of-bounds-speculation.patch + patches.kernel.org/4.14.14-073-bpf-array-fix-overflow-in-max_entries-and-und.patch + patches.kernel.org/4.14.14-074-bpf-arsh-is-not-supported-in-32-bit-alu-thus-.patch + patches.kernel.org/4.14.14-075-USB-serial-cp210x-add-IDs-for-LifeScan-OneTou.patch + patches.kernel.org/4.14.14-076-USB-serial-cp210x-add-new-device-ID-ELV-ALC-8.patch + patches.kernel.org/4.14.14-077-usb-misc-usb3503-make-sure-reset-is-low-for-a.patch + patches.kernel.org/4.14.14-078-USB-fix-usbmon-BUG-trigger.patch + patches.kernel.org/4.14.14-079-USB-UDC-core-fix-double-free-in-usb_add_gadge.patch + patches.kernel.org/4.14.14-080-usbip-remove-kernel-addresses-from-usb-device.patch + patches.kernel.org/4.14.14-081-usbip-fix-vudc_rx-harden-CMD_SUBMIT-path-to-h.patch + patches.kernel.org/4.14.14-082-usbip-vudc_tx-fix-v_send_ret_submit-vulnerabi.patch + patches.kernel.org/4.14.14-083-staging-android-ashmem-fix-a-race-condition-i.patch + patches.kernel.org/4.14.14-084-Bluetooth-Prevent-stack-info-leak-from-the-EF.patch + patches.kernel.org/4.14.14-085-uas-ignore-UAS-for-Norelsys-NS1068-X-chips.patch + patches.kernel.org/4.14.14-086-mux-core-fix-double-get_device.patch + patches.kernel.org/4.14.14-087-kdump-write-correct-address-of-mem_section-in.patch + patches.kernel.org/4.14.14-088-apparmor-fix-ptrace-label-match-when-matching.patch + patches.kernel.org/4.14.14-089-e1000e-Fix-e1000_check_for_copper_link_ich8la.patch + patches.kernel.org/4.14.14-090-x86-pti-Unbreak-EFI-old_memmap.patch + patches.kernel.org/4.14.14-091-x86-Documentation-Add-PTI-description.patch + patches.kernel.org/4.14.14-092-x86-cpufeatures-Add-X86_BUG_SPECTRE_V-12.patch + patches.kernel.org/4.14.14-093-sysfs-cpu-Add-vulnerability-folder.patch + patches.kernel.org/4.14.14-094-x86-cpu-Implement-CPU-vulnerabilites-sysfs-fu.patch + patches.kernel.org/4.14.14-095-x86-tboot-Unbreak-tboot-with-PTI-enabled.patch + patches.kernel.org/4.14.14-096-x86-mm-pti-Remove-dead-logic-in-pti_user_page.patch + patches.kernel.org/4.14.14-097-x86-cpu-AMD-Make-LFENCE-a-serializing-instruc.patch + patches.kernel.org/4.14.14-098-x86-cpu-AMD-Use-LFENCE_RDTSC-in-preference-to.patch + patches.kernel.org/4.14.14-099-sysfs-cpu-Fix-typos-in-vulnerability-document.patch + patches.kernel.org/4.14.14-100-x86-alternatives-Fix-optimize_nops-checking.patch + patches.kernel.org/4.14.14-101-x86-pti-Make-unpoison-of-pgd-for-trusted-boot.patch + patches.kernel.org/4.14.14-102-objtool-Detect-jumps-to-retpoline-thunks.patch + patches.kernel.org/4.14.14-103-objtool-Allow-alternatives-to-be-ignored.patch + patches.kernel.org/4.14.14-104-x86-retpoline-Add-initial-retpoline-support.patch + patches.kernel.org/4.14.14-105-x86-spectre-Add-boot-time-option-to-select-Sp.patch + patches.kernel.org/4.14.14-106-x86-retpoline-crypto-Convert-crypto-assembler.patch + patches.kernel.org/4.14.14-107-x86-retpoline-entry-Convert-entry-assembler-i.patch + patches.kernel.org/4.14.14-108-x86-retpoline-ftrace-Convert-ftrace-assembler.patch + patches.kernel.org/4.14.14-109-x86-retpoline-hyperv-Convert-assembler-indire.patch + patches.kernel.org/4.14.14-110-x86-retpoline-xen-Convert-Xen-hypercall-indir.patch + patches.kernel.org/4.14.14-111-x86-retpoline-checksum32-Convert-assembler-in.patch + patches.kernel.org/4.14.14-112-x86-retpoline-irq32-Convert-assembler-indirec.patch + patches.kernel.org/4.14.14-113-x86-retpoline-Fill-return-stack-buffer-on-vme.patch + patches.kernel.org/4.14.14-114-selftests-x86-Add-test_vsyscall.patch + patches.kernel.org/4.14.14-115-x86-pti-Fix-PCID-and-sanitize-defines.patch + patches.kernel.org/4.14.14-116-security-Kconfig-Correct-the-Documentation-re.patch + patches.kernel.org/4.14.14-117-x86-perf-Disable-intel_bts-when-PTI.patch + patches.kernel.org/4.14.14-118-x86-retpoline-Remove-compile-time-warning.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -1329,8 +1447,6 @@ patches.suse/setuid-dumpable-wrongdir patches.suse/0002-futex-futex_wake_op-fix-sign_extend32-sign-bits.patch - patches.suse/0001-x86-cpu-AMD-Make-LFENCE-a-serializing-instruction.patch - patches.suse/0002-x86-cpu-AMD-Use-LFENCE_RDTSC-in-preference-to-MFENCE.patch patches.suse/0003-locking-barriers-introduce-new-observable-speculatio.patch patches.suse/0005-x86-bpf-jit-prevent-speculative-execution-when-JIT-i.patch patches.suse/0006-uvcvideo-prevent-speculative-execution.patch @@ -1346,9 +1462,6 @@ patches.suse/0016-udf-prevent-speculative-execution.patch patches.suse/0017-userns-prevent-speculative-execution.patch - patches.suse/bpf-prevent-out-of-bounds-speculation.patch - patches.suse/bpf-array-fix-overflow-in-max_entries-and-undefined-.patch - patches.suse/0001-x86-feature-Enable-the-x86-feature-to-control-Specul.patch patches.suse/0002-x86-cpufeature-Add-X86_FEATURE_IA32_ARCH_CAPS-and-X8.patch patches.suse/0003-x86-Add-STIBP-feature-enumeration.patch @@ -1367,15 +1480,11 @@ patches.suse/0016-x86-kvm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch patches.suse/0017-x86-kvm-Set-IBPB-when-switching-VM.patch patches.suse/0018-x86-kvm-Toggle-IBRS-on-VM-entry-and-exit.patch - patches.suse/0019-x86-kvm-Pad-RSB-on-VM-transition.patch - patches.suse/0020-x86-kvm-clear-registers-on-VM-exit.patch patches.suse/0021-x86-spec_ctrl-Add-sysctl-knobs-to-enable-disable-SPE.patch patches.suse/0022-x86-spec_ctrl-Add-lock-to-serialize-changes-to-ibrs-.patch patches.suse/0023-x86-Move-IBRS-IBPB-feature-detection-to-scattered.c.patch patches.suse/0024-x86-microcode-Recheck-IBRS-and-IBPB-feature-on-micro.patch patches.suse/0025-x86-cpu-AMD-Add-speculative-control-support-for-AMD.patch - patches.suse/0026-Revert-x86-kvm-Pad-RSB-on-VM-transition.patch - patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch patches.suse/0028-x86-svm-Set-IBPB-when-running-a-different-VCPU.patch patches.suse/0029-kvm-svm-add-MSR_IA32_SPEC_CTRL-and-MSR_IA32_PRED_CMD.patch patches.suse/0030-Use-the-ibrs_inuse-variable.patch @@ -1384,9 +1493,9 @@ patches.suse/0033-KVM-x86-add-SPEC_CTRL-to-MSR-and-CPUID-lists.patch patches.suse/0034-Remove-the-code-that-uses-MSR-save-restore-list.patch patches.suse/0035-Use-the-ibpb_inuse-variable.patch - patches.suse/0036-Clear-the-host-registers-after-setbe.patch patches.suse/0037-Set-IBPB-when-running-a-different-VCPU.patch + patches.suse/orc-fix-retpolines-segfaults.patch ######################################################## # Architecture-specific patches. These used to be all diff --git a/source-timestamp b/source-timestamp index b16b143a..46b591b7 100644 --- a/source-timestamp +++ b/source-timestamp @@ -1,3 +1,3 @@ -2018-01-12 17:35:09 +0100 -GIT Revision: 3283516d37a349ceeb90630650c41e99f9c7593c +2018-01-16 14:38:07 +0100 +GIT Revision: 470cac2bcd91a0d5ca84b6d136be0977ae48d473 GIT Branch: stable