| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180319211047.GJ8564@decadent.org.uk>
Date: Mon, 19 Mar 2018 21:10:47 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
torvalds@...ux-foundation.org, Jiri Slaby <jslaby@...e.cz>,
stable@...r.kernel.org
Cc: lwn@....net
Subject: Linux 3.16.56
I'm announcing the release of the 3.16.56 kernel.
All users of the 3.16 kernel series should upgrade.
The updated 3.16.y git tree can be found at:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.16.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git
The diff from 3.16.55 is attached to this message.
Ben.
------------
Documentation/ABI/testing/sysfs-devices-system-cpu | 16 ++
Documentation/kernel-parameters.txt | 51 +++-
Documentation/speculation.txt | 90 +++++++
Documentation/x86/pti.txt | 186 +++++++++++++
Makefile | 2 +-
arch/x86/Kconfig | 14 +
arch/x86/Makefile | 8 +
arch/x86/crypto/aesni-intel_asm.S | 5 +-
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 3 +-
arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 3 +-
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 3 +-
arch/x86/ia32/ia32entry.S | 54 ++--
arch/x86/include/asm/alternative-asm.h | 14 +-
arch/x86/include/asm/alternative.h | 20 +-
arch/x86/include/asm/asm.h | 11 +
arch/x86/include/asm/barrier.h | 31 ++-
arch/x86/include/asm/cpufeature.h | 8 +
arch/x86/include/asm/intel-family.h | 68 +++++
arch/x86/include/asm/nospec-branch.h | 198 ++++++++++++++
arch/x86/include/asm/processor.h | 6 +-
arch/x86/include/asm/switch_to.h | 38 +++
arch/x86/include/asm/uaccess.h | 64 +++--
arch/x86/include/asm/uaccess_32.h | 24 ++
arch/x86/include/asm/uaccess_64.h | 94 +++++--
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/include/uapi/asm/msr-index.h | 3 +
arch/x86/kernel/alternative.c | 29 +-
arch/x86/kernel/cpu/Makefile | 4 +-
arch/x86/kernel/cpu/amd.c | 28 +-
arch/x86/kernel/cpu/bugs.c | 299 ++++++++++++++++++++-
arch/x86/kernel/cpu/bugs_64.c | 33 ---
arch/x86/kernel/cpu/common.c | 32 ++-
arch/x86/kernel/cpu/microcode/intel.c | 2 +-
arch/x86/kernel/cpu/proc.c | 4 +-
arch/x86/kernel/entry_32.S | 25 +-
arch/x86/kernel/entry_64.S | 29 +-
arch/x86/kernel/irq_32.c | 16 +-
arch/x86/kernel/kprobes/opt.c | 23 +-
arch/x86/kernel/mcount_64.S | 8 +-
arch/x86/kernel/vmlinux.lds.S | 6 +
arch/x86/kvm/emulate.c | 9 +-
arch/x86/kvm/svm.c | 23 ++
arch/x86/kvm/vmx.c | 46 ++--
arch/x86/lib/Makefile | 2 +
arch/x86/lib/checksum_32.S | 7 +-
arch/x86/lib/getuser.S | 10 +
arch/x86/lib/retpoline-export.c | 24 ++
arch/x86/lib/retpoline.S | 47 ++++
arch/x86/lib/usercopy_32.c | 20 +-
drivers/base/Kconfig | 3 +
drivers/base/cpu.c | 48 ++++
drivers/hv/hv.c | 25 +-
include/linux/cpu.h | 7 +
include/linux/fdtable.h | 5 +-
include/linux/init.h | 9 +-
include/linux/kaiser.h | 2 +-
include/linux/kconfig.h | 9 +-
include/linux/module.h | 9 +
include/linux/nospec.h | 59 ++++
kernel/module.c | 11 +
net/wireless/nl80211.c | 9 +-
scripts/mod/modpost.c | 9 +
62 files changed, 1710 insertions(+), 240 deletions(-)
Andi Kleen (3):
x86/retpoline/irq32: Convert assembler indirect jumps
x86/retpoline: Optimize inline assembler for vmexit_fill_RSB
module/retpoline: Warn about missing retpoline in module
Andrey Ryabinin (1):
x86/asm: Use register variable to get stack pointer value
Andy Lutomirski (3):
x86/cpu: Factor out application of forced CPU caps
x86/asm: Make asm/alternative.h safe from assembly
x86: Clean up current_stack_pointer
Arnd Bergmann (1):
x86: fix build warnign with 32-bit PAE
Ben Hutchings (2):
x86/syscall: Sanitize syscall table de-references under speculation
Linux 3.16.56
Borislav Petkov (6):
x86/cpu: Merge bugs.c and bugs_64.c
x86/alternatives: Guard NOPs optimization
x86/alternatives: Fix ALTERNATIVE_2 padding generation properly
x86/alternatives: Fix optimize_nops() checking
x86/nospec: Fix header guards names
x86/bugs: Drop one "mitigation" from dmesg
Colin Ian King (1):
x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
Dan Carpenter (1):
x86/spectre: Fix an error message
Dan Williams (13):
array_index_nospec: Sanitize speculative array de-references
x86: Implement array_index_mask_nospec
x86: Introduce barrier_nospec
x86/get_user: Use pointer masking to limit speculation
vfs, fdtable: Prevent bounds-check bypass via speculative execution
nl80211: Sanitize array index in parse_txq_params
x86/spectre: Report get_user mitigation for spectre_v1
x86/kvm: Update spectre-v1 mitigation
nospec: Kill array_index_nospec_mask_check()
nospec: Include <asm/barrier.h> dependency
x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
Darren Kenny (1):
x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
Dave Hansen (2):
x86/Documentation: Add PTI description
x86/cpu/intel: Introduce macros for Intel family numbers
David Woodhouse (14):
x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
sysfs/cpu: Fix typos in vulnerability documentation
x86/retpoline: Add initial retpoline support
x86/spectre: Add boot time option to select Spectre v2 mitigation
x86/retpoline/crypto: Convert crypto assembler indirect jumps
x86/retpoline/entry: Convert entry assembler indirect jumps
x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
x86/retpoline/hyperv: Convert assembler indirect jumps
x86/retpoline/xen: Convert Xen hypercall indirect jumps
x86/retpoline/checksum32: Convert assembler indirect jumps
x86/retpoline: Fill return stack buffer on vmexit
x86/retpoline: Fill RSB on context switch for affected CPUs
x86/retpoline: Avoid retpolines for built-in __init functions
x86/cpufeatures: Clean up Spectre v2 related CPUID flags
Dou Liyang (1):
x86/spectre: Check CONFIG_RETPOLINE in command line parser
Gustavo A. R. Silva (1):
x86/cpu: Change type of x86_cache_size variable to unsigned int
Jim Mattson (1):
kvm: vmx: Scrub hardware GPRs at VM-exit
Josh Poimboeuf (1):
x86/paravirt: Remove 'noreplace-paravirt' cmdline option
KarimAllah Ahmed (1):
x86/spectre: Simplify spectre_v2 command line parsing
Linus Torvalds (2):
x86: reorganize SMAP handling in user space accesses
x86: fix SMAP in 32-bit environments
Mark Rutland (1):
Documentation: Document array_index_nospec
Masahiro Yamada (1):
kconfig.h: use __is_defined() to check if MODULE is defined
Masami Hiramatsu (3):
retpoline: Introduce start/end markers of indirect thunk
kprobes/x86: Blacklist indirect thunk functions for kprobes
kprobes/x86: Disable optimizing on the function jumps to indirect thunk
Peter Zijlstra (2):
KVM: x86: Make indirect calls in emulator speculation safe
KVM: VMX: Make indirect call speculation safe
Thomas Gleixner (8):
x86/cpufeatures: Make CPU bugs sticky
x86/cpufeatures: Add X86_BUG_CPU_INSECURE
x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
sysfs/cpu: Add vulnerability folder
x86/cpu: Implement CPU vulnerabilites sysfs functions
x86/alternatives: Make optimize_nops() interrupt safe and synced
x86/retpoline: Remove compile time warning
x86/cpu/bugs: Make retpoline module warning conditional
Tom Lendacky (4):
x86/cpu, x86/pti: Do not enable PTI on AMD processors
x86/cpu/AMD: Make LFENCE a serializing instruction
x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros
Waiman Long (1):
x86/retpoline: Remove the esp/rsp thunk
Will Deacon (1):
nospec: Move array_index_nospec() parameter checking into separate macro
zhenwei.pi (1):
x86/pti: Document fix wrong index
View attachment "linux-3.16.56.patch" of type "text/x-diff" (113329 bytes)
Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)
Powered by blists - more mailing lists