diff --git a/dtb-aarch64.changes b/dtb-aarch64.changes index 90f50666..4f2e03ab 100644 --- a/dtb-aarch64.changes +++ b/dtb-aarch64.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/dtb-aarch64.spec b/dtb-aarch64.spec index 0ff30a7b..5a9aa92d 100644 --- a/dtb-aarch64.spec +++ b/dtb-aarch64.spec @@ -17,7 +17,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb}) Name: dtb-aarch64 -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/dtb-armv6l.changes b/dtb-armv6l.changes index 90f50666..4f2e03ab 100644 --- a/dtb-armv6l.changes +++ b/dtb-armv6l.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/dtb-armv6l.spec b/dtb-armv6l.spec index 180e7daf..61e684e3 100644 --- a/dtb-armv6l.spec +++ b/dtb-armv6l.spec @@ -17,7 +17,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb}) Name: dtb-armv6l -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/dtb-armv7l.changes b/dtb-armv7l.changes index 90f50666..4f2e03ab 100644 --- a/dtb-armv7l.changes +++ b/dtb-armv7l.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/dtb-armv7l.spec b/dtb-armv7l.spec index c68035dd..0ae83ec1 100644 --- a/dtb-armv7l.spec +++ b/dtb-armv7l.spec @@ -17,7 +17,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -29,9 +29,9 @@ %(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb}) Name: dtb-armv7l -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-64kb.changes b/kernel-64kb.changes index 90f50666..4f2e03ab 100644 --- a/kernel-64kb.changes +++ b/kernel-64kb.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-64kb.spec b/kernel-64kb.spec index b6d7cbbd..b9226307 100644 --- a/kernel-64kb.spec +++ b/kernel-64kb.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-64kb Summary: Kernel with 64kb PAGE_SIZE License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-debug.changes b/kernel-debug.changes index 90f50666..4f2e03ab 100644 --- a/kernel-debug.changes +++ b/kernel-debug.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-debug.spec b/kernel-debug.spec index 9c1a43db..e1fe3a95 100644 --- a/kernel-debug.spec +++ b/kernel-debug.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-debug Summary: A Debug Version of the Kernel License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-default.changes b/kernel-default.changes index 90f50666..4f2e03ab 100644 --- a/kernel-default.changes +++ b/kernel-default.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-default.spec b/kernel-default.spec index 70780533..42a07e72 100644 --- a/kernel-default.spec +++ b/kernel-default.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-default Summary: The Standard Kernel License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-docs.changes b/kernel-docs.changes index 90f50666..4f2e03ab 100644 --- a/kernel-docs.changes +++ b/kernel-docs.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-docs.spec b/kernel-docs.spec index 8d881a10..01823d31 100644 --- a/kernel-docs.spec +++ b/kernel-docs.spec @@ -17,7 +17,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -31,9 +31,9 @@ Name: kernel-docs Summary: Kernel Documentation License: GPL-2.0 Group: Documentation/Man -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-lpae.changes b/kernel-lpae.changes index 90f50666..4f2e03ab 100644 --- a/kernel-lpae.changes +++ b/kernel-lpae.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-lpae.spec b/kernel-lpae.spec index 1ea75825..8948cd36 100644 --- a/kernel-lpae.spec +++ b/kernel-lpae.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-lpae Summary: Kernel for LPAE enabled systems License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-obs-build.changes b/kernel-obs-build.changes index 90f50666..4f2e03ab 100644 --- a/kernel-obs-build.changes +++ b/kernel-obs-build.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-obs-build.spec b/kernel-obs-build.spec index f55d0e68..388f98c6 100644 --- a/kernel-obs-build.spec +++ b/kernel-obs-build.spec @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -64,9 +64,9 @@ BuildRequires: dracut Summary: package kernel and initrd for OBS VM builds License: GPL-2.0 Group: SLES -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-obs-qa.changes b/kernel-obs-qa.changes index 90f50666..4f2e03ab 100644 --- a/kernel-obs-qa.changes +++ b/kernel-obs-qa.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-obs-qa.spec b/kernel-obs-qa.spec index 0fd5c5da..69b41c7c 100644 --- a/kernel-obs-qa.spec +++ b/kernel-obs-qa.spec @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Basic QA tests for the kernel License: GPL-2.0 Group: SLES -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-pae.changes b/kernel-pae.changes index 90f50666..4f2e03ab 100644 --- a/kernel-pae.changes +++ b/kernel-pae.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-pae.spec b/kernel-pae.spec index 02e5a141..eaa97f7b 100644 --- a/kernel-pae.spec +++ b/kernel-pae.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-pae Summary: Kernel with PAE Support License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-source.changes b/kernel-source.changes index 90f50666..4f2e03ab 100644 --- a/kernel-source.changes +++ b/kernel-source.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-source.spec b/kernel-source.spec index e1283fbc..e715e1dc 100644 --- a/kernel-source.spec +++ b/kernel-source.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Name: kernel-source Summary: The Linux Kernel Sources License: GPL-2.0 Group: Development/Sources -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-syms.changes b/kernel-syms.changes index 90f50666..4f2e03ab 100644 --- a/kernel-syms.changes +++ b/kernel-syms.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-syms.spec b/kernel-syms.spec index d09c0e7e..c486f334 100644 --- a/kernel-syms.spec +++ b/kernel-syms.spec @@ -24,10 +24,10 @@ Name: kernel-syms Summary: Kernel Symbol Versions (modversions) License: GPL-2.0 Group: Development/Sources -Version: 4.15.1 +Version: 4.15.2 %if %using_buildservice %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-syzkaller.changes b/kernel-syzkaller.changes index 90f50666..4f2e03ab 100644 --- a/kernel-syzkaller.changes +++ b/kernel-syzkaller.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-syzkaller.spec b/kernel-syzkaller.spec index b79f41fb..5457ee54 100644 --- a/kernel-syzkaller.spec +++ b/kernel-syzkaller.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-syzkaller Summary: Kernel used for fuzzing by syzkaller License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-vanilla.changes b/kernel-vanilla.changes index 90f50666..4f2e03ab 100644 --- a/kernel-vanilla.changes +++ b/kernel-vanilla.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-vanilla.spec b/kernel-vanilla.spec index ce5e795b..1d38fc34 100644 --- a/kernel-vanilla.spec +++ b/kernel-vanilla.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-vanilla Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/kernel-zfcpdump.changes b/kernel-zfcpdump.changes index 90f50666..4f2e03ab 100644 --- a/kernel-zfcpdump.changes +++ b/kernel-zfcpdump.changes @@ -1,3 +1,63 @@ +------------------------------------------------------------------- +Thu Feb 8 07:52:04 CET 2018 - jslaby@suse.cz + +- Linux 4.15.2 (bnc#1012628). +- KVM: x86: Make indirect calls in emulator speculation safe + (bnc#1012628). +- KVM: VMX: Make indirect call speculation safe (bnc#1012628). +- x86/alternative: Print unadorned pointers (bnc#1012628). +- auxdisplay: img-ascii-lcd: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- iio: adc/accel: Fix up module licenses (bnc#1012628). +- pinctrl: pxa: pxa2xx: add missing + MODULE_DESCRIPTION/AUTHOR/LICENSE (bnc#1012628). +- ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE + (bnc#1012628). +- KVM: nVMX: Eliminate vmcs02 pool (bnc#1012628). +- KVM: VMX: introduce alloc_loaded_vmcs (bnc#1012628). +- objtool: Improve retpoline alternative handling (bnc#1012628). +- objtool: Add support for alternatives at the end of a section + (bnc#1012628). +- objtool: Warn on stripped section symbol (bnc#1012628). +- x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP + (bnc#1012628). +- x86/entry/64: Remove the SYSCALL64 fast path (bnc#1012628). +- x86/entry/64: Push extra regs right away (bnc#1012628). +- x86/asm: Move 'status' from thread_struct to thread_info + (bnc#1012628). +- x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" + (bnc#1012628). +- x86/paravirt: Remove 'noreplace-paravirt' cmdline option + (bnc#1012628). +- KVM: VMX: make MSR bitmaps per-VCPU (bnc#1012628). +- x86/kvm: Update spectre-v1 mitigation (bnc#1012628). +- x86/retpoline: Avoid retpolines for built-in __init functions + (bnc#1012628). +- x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL + (bnc#1012628). +- KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX + (bnc#1012628). +- KVM/x86: Add IBPB support (bnc#1012628). +- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012628). +- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL + (bnc#1012628). +- serial: core: mark port as initialized after successful IRQ + change (bnc#1012628). +- fpga: region: release of_parse_phandle nodes after use + (bnc#1012628). +- commit 54903ae + +------------------------------------------------------------------- +Mon Feb 5 15:52:19 CET 2018 - jslaby@suse.cz + +- x86/pti: Mark constant arrays as __initconst (bsc#1068032 + CVE-2017-5753). +- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on + Intel (bsc#1068032 CVE-2017-5753). +- commit 7d4f257 + ------------------------------------------------------------------- Mon Feb 5 14:15:56 CET 2018 - jslaby@suse.cz diff --git a/kernel-zfcpdump.spec b/kernel-zfcpdump.spec index 21462cad..1964aecf 100644 --- a/kernel-zfcpdump.spec +++ b/kernel-zfcpdump.spec @@ -18,7 +18,7 @@ %define srcversion 4.15 -%define patchversion 4.15.1 +%define patchversion 4.15.2 %define variant %{nil} %define vanilla_only 0 @@ -58,9 +58,9 @@ Name: kernel-zfcpdump Summary: The IBM System Z zfcpdump Kernel License: GPL-2.0 Group: System/Kernel -Version: 4.15.1 +Version: 4.15.2 %if 0%{?is_kotd} -Release: .g5b8446b +Release: .gb34965a %else Release: 0 %endif diff --git a/patches.kernel.org.tar.bz2 b/patches.kernel.org.tar.bz2 index 058d7ad7..7ac76afa 100644 --- a/patches.kernel.org.tar.bz2 +++ b/patches.kernel.org.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1267c99d4149483a76a10c3673b5f10881d02306ecdd202e626687a12c0dc9ac -size 39968 +oid sha256:633d61d55508bdabfc601c573890ed31a4cfe58af446b5ae50271a749e5c4bef +size 91118 diff --git a/patches.suse.tar.bz2 b/patches.suse.tar.bz2 index 9692b3b9..9703f3a0 100644 --- a/patches.suse.tar.bz2 +++ b/patches.suse.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:64bfb8fc6caf53e2b70247559483b98a9cbe73285ab455a455df70c135b982e6 -size 111773 +oid sha256:cddb042f6bcfdcc9a0ee45d4d3aea904e17eee0a99f474c50762d015be319205 +size 91808 diff --git a/series.conf b/series.conf index 1adf6597..aa7f2c4f 100644 --- a/series.conf +++ b/series.conf @@ -83,6 +83,67 @@ patches.kernel.org/4.15.1-054-Input-synaptics-rmi4-do-not-delete-interrupt-m.patch patches.kernel.org/4.15.1-055-x86-efi-Clarify-that-reset-attack-mitigation-n.patch patches.kernel.org/4.15.1-056-Linux-4.15.1.patch + patches.kernel.org/4.15.2-001-KVM-x86-Make-indirect-calls-in-emulator-specul.patch + patches.kernel.org/4.15.2-002-KVM-VMX-Make-indirect-call-speculation-safe.patch + patches.kernel.org/4.15.2-003-module-retpoline-Warn-about-missing-retpoline-.patch + patches.kernel.org/4.15.2-004-x86-cpufeatures-Add-CPUID_7_EDX-CPUID-leaf.patch + patches.kernel.org/4.15.2-005-x86-cpufeatures-Add-Intel-feature-bits-for-Spe.patch + patches.kernel.org/4.15.2-006-x86-cpufeatures-Add-AMD-feature-bits-for-Specu.patch + patches.kernel.org/4.15.2-007-x86-msr-Add-definitions-for-new-speculation-co.patch + patches.kernel.org/4.15.2-008-x86-pti-Do-not-enable-PTI-on-CPUs-which-are-no.patch + patches.kernel.org/4.15.2-009-x86-cpufeature-Blacklist-SPEC_CTRL-PRED_CMD-on.patch + patches.kernel.org/4.15.2-010-x86-speculation-Add-basic-IBPB-Indirect-Branch.patch + patches.kernel.org/4.15.2-011-x86-alternative-Print-unadorned-pointers.patch + patches.kernel.org/4.15.2-012-x86-nospec-Fix-header-guards-names.patch + patches.kernel.org/4.15.2-013-x86-bugs-Drop-one-mitigation-from-dmesg.patch + patches.kernel.org/4.15.2-014-x86-cpu-bugs-Make-retpoline-module-warning-con.patch + patches.kernel.org/4.15.2-015-x86-cpufeatures-Clean-up-Spectre-v2-related-CP.patch + patches.kernel.org/4.15.2-016-x86-retpoline-Simplify-vmexit_fill_RSB.patch + patches.kernel.org/4.15.2-017-x86-speculation-Simplify-indirect_branch_predi.patch + patches.kernel.org/4.15.2-018-auxdisplay-img-ascii-lcd-add-missing-MODULE_DE.patch + patches.kernel.org/4.15.2-019-iio-adc-accel-Fix-up-module-licenses.patch + patches.kernel.org/4.15.2-020-pinctrl-pxa-pxa2xx-add-missing-MODULE_DESCRIPT.patch + patches.kernel.org/4.15.2-021-ASoC-pcm512x-add-missing-MODULE_DESCRIPTION-AU.patch + patches.kernel.org/4.15.2-022-KVM-nVMX-Eliminate-vmcs02-pool.patch + patches.kernel.org/4.15.2-023-KVM-VMX-introduce-alloc_loaded_vmcs.patch + patches.kernel.org/4.15.2-024-objtool-Improve-retpoline-alternative-handling.patch + patches.kernel.org/4.15.2-025-objtool-Add-support-for-alternatives-at-the-en.patch + patches.kernel.org/4.15.2-026-objtool-Warn-on-stripped-section-symbol.patch + patches.kernel.org/4.15.2-027-x86-mm-Fix-overlap-of-i386-CPU_ENTRY_AREA-with.patch + patches.kernel.org/4.15.2-028-x86-spectre-Check-CONFIG_RETPOLINE-in-command-.patch + patches.kernel.org/4.15.2-029-x86-entry-64-Remove-the-SYSCALL64-fast-path.patch + patches.kernel.org/4.15.2-030-x86-entry-64-Push-extra-regs-right-away.patch + patches.kernel.org/4.15.2-031-x86-asm-Move-status-from-thread_struct-to-thre.patch + patches.kernel.org/4.15.2-032-Documentation-Document-array_index_nospec.patch + patches.kernel.org/4.15.2-033-array_index_nospec-Sanitize-speculative-array-.patch + patches.kernel.org/4.15.2-034-x86-Implement-array_index_mask_nospec.patch + patches.kernel.org/4.15.2-035-x86-Introduce-barrier_nospec.patch + patches.kernel.org/4.15.2-036-x86-Introduce-__uaccess_begin_nospec-and-uacce.patch + patches.kernel.org/4.15.2-037-x86-usercopy-Replace-open-coded-stac-clac-with.patch + patches.kernel.org/4.15.2-038-x86-uaccess-Use-__uaccess_begin_nospec-and-uac.patch + patches.kernel.org/4.15.2-039-x86-get_user-Use-pointer-masking-to-limit-spec.patch + patches.kernel.org/4.15.2-040-x86-syscall-Sanitize-syscall-table-de-referenc.patch + patches.kernel.org/4.15.2-041-vfs-fdtable-Prevent-bounds-check-bypass-via-sp.patch + patches.kernel.org/4.15.2-042-nl80211-Sanitize-array-index-in-parse_txq_para.patch + patches.kernel.org/4.15.2-043-x86-spectre-Report-get_user-mitigation-for-spe.patch + patches.kernel.org/4.15.2-044-x86-spectre-Fix-spelling-mistake-vunerable-vul.patch + patches.kernel.org/4.15.2-045-x86-cpuid-Fix-up-virtual-IBRS-IBPB-STIBP-featu.patch + patches.kernel.org/4.15.2-046-x86-speculation-Use-Indirect-Branch-Prediction.patch + patches.kernel.org/4.15.2-047-x86-paravirt-Remove-noreplace-paravirt-cmdline.patch + patches.kernel.org/4.15.2-048-KVM-VMX-make-MSR-bitmaps-per-VCPU.patch + patches.kernel.org/4.15.2-049-x86-kvm-Update-spectre-v1-mitigation.patch + patches.kernel.org/4.15.2-050-x86-retpoline-Avoid-retpolines-for-built-in-__.patch + patches.kernel.org/4.15.2-051-x86-spectre-Simplify-spectre_v2-command-line-p.patch + patches.kernel.org/4.15.2-052-x86-pti-Mark-constant-arrays-as-__initconst.patch + patches.kernel.org/4.15.2-053-x86-speculation-Fix-typo-IBRS_ATT-which-should.patch + patches.kernel.org/4.15.2-054-KVM-x86-Update-the-reverse_cpuid-list-to-inclu.patch + patches.kernel.org/4.15.2-055-KVM-x86-Add-IBPB-support.patch + patches.kernel.org/4.15.2-056-KVM-VMX-Emulate-MSR_IA32_ARCH_CAPABILITIES.patch + patches.kernel.org/4.15.2-057-KVM-VMX-Allow-direct-access-to-MSR_IA32_SPEC_C.patch + patches.kernel.org/4.15.2-058-KVM-SVM-Allow-direct-access-to-MSR_IA32_SPEC_C.patch + patches.kernel.org/4.15.2-059-serial-core-mark-port-as-initialized-after-suc.patch + patches.kernel.org/4.15.2-060-fpga-region-release-of_parse_phandle-nodes-aft.patch + patches.kernel.org/4.15.2-061-Linux-4.15.2.patch ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -109,9 +170,6 @@ # kbuild/module infrastructure fixes ######################################################## - # putting it here, as patches.suse/supported-flag is on the top of that - patches.suse/module-retpoline-Warn-about-missing-retpoline-in-mod.patch - patches.suse/rpm-kernel-config patches.suse/supported-flag patches.suse/supported-flag-underscores @@ -133,37 +191,6 @@ ######################################################## patches.suse/setuid-dumpable-wrongdir - patches.suse/0001-Documentation-Document-array_index_nospec.patch - patches.suse/0002-array_index_nospec-Sanitize-speculative-array-de-ref.patch - patches.suse/0003-x86-Implement-array_index_mask_nospec.patch - patches.suse/0004-x86-Introduce-barrier_nospec.patch - patches.suse/0005-x86-Introduce-__uaccess_begin_nospec-and-uaccess_try.patch - patches.suse/0006-x86-usercopy-Replace-open-coded-stac-clac-with-__uac.patch - patches.suse/0007-x86-uaccess-Use-__uaccess_begin_nospec-and-uaccess_t.patch - patches.suse/0008-x86-get_user-Use-pointer-masking-to-limit-speculatio.patch - patches.suse/0009-x86-syscall-Sanitize-syscall-table-de-references-und.patch - patches.suse/0010-vfs-fdtable-Prevent-bounds-check-bypass-via-speculat.patch - patches.suse/0011-nl80211-Sanitize-array-index-in-parse_txq_params.patch - patches.suse/0012-x86-spectre-Report-get_user-mitigation-for-spectre_v.patch - - patches.suse/0001-x86-cpufeatures-Add-CPUID_7_EDX-CPUID-leaf.patch - patches.suse/0002-x86-cpufeatures-Add-Intel-feature-bits-for-Speculati.patch - patches.suse/0003-x86-cpufeatures-Add-AMD-feature-bits-for-Speculation.patch - patches.suse/0004-x86-msr-Add-definitions-for-new-speculation-control-.patch - patches.suse/0005-x86-pti-Do-not-enable-PTI-on-CPUs-which-are-not-vuln.patch - patches.suse/0006-x86-cpufeature-Blacklist-SPEC_CTRL-PRED_CMD-on-early.patch - patches.suse/0007-x86-speculation-Add-basic-IBPB-Indirect-Branch-Predi.patch - patches.suse/0009-x86-nospec-Fix-header-guards-names.patch - patches.suse/0010-x86-bugs-Drop-one-mitigation-from-dmesg.patch - patches.suse/0011-x86-cpu-bugs-Make-retpoline-module-warning-condition.patch - patches.suse/0012-x86-cpufeatures-Clean-up-Spectre-v2-related-CPUID-fl.patch - patches.suse/0013-x86-retpoline-Simplify-vmexit_fill_RSB.patch - patches.suse/0014-x86-speculation-Simplify-indirect_branch_prediction_.patch - - patches.suse/x86-speculation-Use-Indirect-Branch-Prediction-Barri.patch - patches.suse/x86-spectre-Check-CONFIG_RETPOLINE-in-command-line-p.patch - patches.suse/x86-spectre-Simplify-spectre_v2-command-line-parsing.patch - patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch diff --git a/source-timestamp b/source-timestamp index f5ac51e3..5998c5f4 100644 --- a/source-timestamp +++ b/source-timestamp @@ -1,3 +1,3 @@ -2018-02-07 10:20:22 +0100 -GIT Revision: 5b8446bde525083ad6773d6a523380f7780e1a72 +2018-02-08 07:53:26 +0100 +GIT Revision: b34965ab958833296ac68575af31dd314a58cd7b GIT Branch: stable