lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180521210447.219380974@linuxfoundation.org>
Date:   Mon, 21 May 2018 23:10:50 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
        linux@...ck-us.net, shuah@...nel.org, patches@...nelci.org,
        ben.hutchings@...ethink.co.uk, lkft-triage@...ts.linaro.org,
        stable@...r.kernel.org
Subject: [PATCH 4.14 00/95] 4.14.43-stable review

This is the start of the stable review cycle for the 4.14.43 release.
There are 95 patches in this series, all will be posted as a response
to this one.  If anyone has any issues with these being applied, please
let me know.

Responses should be made by Tue May 22 21:04:09 UTC 2018.
Anything received after that time might be too late.

The whole patch series can be found in one patch at:
	https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.43-rc1.gz
or in the git tree and branch at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
and the diffstat can be found below.

thanks,

greg k-h

-------------
Pseudo-Shortlog of commits:

Greg Kroah-Hartman <gregkh@...uxfoundation.org>
    Linux 4.14.43-rc1

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Rename SSBD_NO to SSB_NO

Tom Lendacky <thomas.lendacky@....com>
    KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Rework spec_ctrl base and mask logic

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Remove x86_spec_ctrl_set()

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Expose x86_spec_ctrl_base directly

Borislav Petkov <bp@...e.de>
    x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Rework speculative_store_bypass_update()

Tom Lendacky <thomas.lendacky@....com>
    x86/speculation: Add virtualized speculative store bypass disable support

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Handle HT correctly on AMD

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Add FEATURE_ZEN

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Disentangle SSBD enumeration

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS

Borislav Petkov <bp@...e.de>
    x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP

Thomas Gleixner <tglx@...utronix.de>
    KVM: SVM: Move spec control call after restore of GS

Jim Mattson <jmattson@...gle.com>
    x86/cpu: Make alternative_msr_write work for 32-bit code

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Fix the parameters alignment and missing void

Jiri Kosina <jkosina@...e.cz>
    x86/bugs: Make cpu_show_common() static

Jiri Kosina <jkosina@...e.cz>
    x86/bugs: Fix __ssb_select_mitigation() return type

Borislav Petkov <bp@...e.de>
    Documentation/spec_ctrl: Do some minor cleanups

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    proc: Use underscores for SSBD in 'status'

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Rename _RDS to _SSBD

Kees Cook <keescook@...omium.org>
    x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass

Thomas Gleixner <tglx@...utronix.de>
    seccomp: Move speculation migitation control to arch code

Kees Cook <keescook@...omium.org>
    seccomp: Add filter flag to opt-out of SSB mitigation

Thomas Gleixner <tglx@...utronix.de>
    seccomp: Use PR_SPEC_FORCE_DISABLE

Thomas Gleixner <tglx@...utronix.de>
    prctl: Add force disable speculation

Kees Cook <keescook@...omium.org>
    x86/bugs: Make boot modes __ro_after_init

Kees Cook <keescook@...omium.org>
    seccomp: Enable speculation flaw mitigations

Kees Cook <keescook@...omium.org>
    proc: Provide details on speculation flaw mitigations

Kees Cook <keescook@...omium.org>
    nospec: Allow getting/setting on non-current task

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Add prctl for Speculative Store Bypass mitigation

Thomas Gleixner <tglx@...utronix.de>
    x86/process: Allow runtime control of Speculative Store Bypass

Thomas Gleixner <tglx@...utronix.de>
    prctl: Add speculation control prctls

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Create spec-ctrl.h to avoid include hell

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Whitelist allowed SPEC_CTRL MSR values

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs/intel: Set proper CPU features and setup RDS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/cpufeatures: Add X86_FEATURE_RDS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Expose /sys/../spec_store_bypass

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs, KVM: Support the combination of guest and host IBRS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Concentrate bug reporting into a separate function

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Concentrate bug detection into a separate function

Linus Torvalds <torvalds@...ux-foundation.org>
    x86/nospec: Simplify alternative_msr_write()

Liu Bo <bo.liu@...ux.alibaba.com>
    btrfs: fix reading stale metadata blocks after degraded raid1 mounts

Nikolay Borisov <nborisov@...e.com>
    btrfs: Fix delalloc inodes invalidation during transaction abort

Nikolay Borisov <nborisov@...e.com>
    btrfs: Split btrfs_del_delalloc_inode into 2 functions

Anand Jain <anand.jain@...cle.com>
    btrfs: fix crash when trying to resume balance without the resume flag

Misono Tomohiro <misono.tomohiro@...fujitsu.com>
    btrfs: property: Set incompat flag if lzo/zstd compression is set

Robbie Ko <robbieko@...ology.com>
    Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting

Filipe Manana <fdmanana@...e.com>
    Btrfs: fix xattr loss after power failure

Masami Hiramatsu <mhiramat@...nel.org>
    ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions

Masami Hiramatsu <mhiramat@...nel.org>
    ARM: 8770/1: kprobes: Prohibit probing on optimized_callback

Masami Hiramatsu <mhiramat@...nel.org>
    ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed

Dexuan Cui <decui@...rosoft.com>
    tick/broadcast: Use for_each_cpu() specially on UP kernels

Dmitry Safonov <dima@...sta.com>
    x86/mm: Drop TS_COMPAT on 64-bit exec() syscall

Masami Hiramatsu <mhiramat@...nel.org>
    ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr

Ard Biesheuvel <ard.biesheuvel@...aro.org>
    efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode

Dave Hansen <dave.hansen@...ux.intel.com>
    x86/pkeys: Do not special case protection key 0

Dave Hansen <dave.hansen@...ux.intel.com>
    x86/pkeys: Override pkey when moving away from PROT_EXEC

Martin Schwidefsky <schwidefsky@...ibm.com>
    s390: remove indirect branch from do_softirq_own_stack

Julian Wiedmann <jwi@...ux.ibm.com>
    s390/qdio: don't release memory in qdio_setup_irq()

Hendrik Brueckner <brueckner@...ux.ibm.com>
    s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero

Julian Wiedmann <jwi@...ux.ibm.com>
    s390/qdio: fix access to uninitialized qdio_q fields

Michel Thierry <michel.thierry@...el.com>
    drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk

Pavel Tatashin <pasha.tatashin@...cle.com>
    mm: don't allow deferred pages with NEED_PER_CPU_KM

Ross Zwisler <ross.zwisler@...ux.intel.com>
    radix tree: fix multi-order iteration race

Matthew Wilcox <mawilcox@...rosoft.com>
    lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly

Haneen Mohammed <hamohammed.sa@...il.com>
    drm: Match sysfs name in link removal to link creation

Nicholas Piggin <npiggin@...il.com>
    powerpc/powernv: Fix NVRAM sleep in invalid context when crashing

Alexander Monakov <amonakov@...ras.ru>
    i2c: designware: fix poll-after-enable regression

Subash Abhinov Kasiviswanathan <subashab@...eaurora.org>
    netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}

Florian Westphal <fw@...len.de>
    netfilter: nf_tables: can't fail after linking rule into active rule list

Florian Westphal <fw@...len.de>
    netfilter: nf_tables: free set name in error path

Jann Horn <jannh@...gle.com>
    tee: shm: fix use-after-free via temporarily dropped reference

Steven Rostedt (VMware) <rostedt@...dmis.org>
    tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all}

Halil Pasic <pasic@...ux.vnet.ibm.com>
    vfio: ccw: fix cleanup if cp_prefetch fails

Benjamin Herrenschmidt <benh@...nel.crashing.org>
    powerpc: Don't preempt_disable() in show_cpuinfo()

Andre Przywara <andre.przywara@....com>
    KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock

Andre Przywara <andre.przywara@....com>
    KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls

Kamal Dasu <kdasu.kdev@...il.com>
    spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL

Kamal Dasu <kdasu.kdev@...il.com>
    spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master

Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
    spi: pxa2xx: Allow 64-bit DMA

Wenwen Wang <wang6495@....edu>
    ALSA: control: fix a redundant-copy issue

Hans de Goede <hdegoede@...hat.com>
    ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist

Federico Cuello <fedux@...ux.com.ar>
    ALSA: usb: mixer: volume quirk for CM102-A+/102S+

Shuah Khan (Samsung OSG) <shuah@...nel.org>
    usbip: usbip_host: fix bad unlock balance during stub_probe()

Shuah Khan (Samsung OSG) <shuah@...nel.org>
    usbip: usbip_host: fix NULL-ptr deref and use-after-free errors

Shuah Khan (Samsung OSG) <shuah@...nel.org>
    usbip: usbip_host: run rebind from exit when module is removed

Shuah Khan (Samsung OSG) <shuah@...nel.org>
    usbip: usbip_host: delete device from busid_table after rebind

Shuah Khan <shuah@...nel.org>
    usbip: usbip_host: refine probe and disconnect debug msgs to be useful


-------------

Diffstat:

 Documentation/ABI/testing/sysfs-devices-system-cpu |   1 +
 Documentation/admin-guide/kernel-parameters.txt    |  45 +++
 Documentation/userspace-api/index.rst              |   1 +
 Documentation/userspace-api/spec_ctrl.rst          |  94 +++++
 Makefile                                           |   4 +-
 arch/arm/include/asm/assembler.h                   |  10 +
 arch/arm/include/asm/kvm_mmu.h                     |  16 +
 arch/arm/kernel/traps.c                            |   5 +-
 arch/arm/lib/getuser.S                             |  10 +
 arch/arm/probes/kprobes/opt-arm.c                  |   4 +-
 arch/arm64/include/asm/kvm_mmu.h                   |  16 +
 arch/powerpc/kernel/setup-common.c                 |  11 -
 arch/powerpc/platforms/powernv/opal-nvram.c        |  14 +-
 arch/s390/kernel/irq.c                             |   5 +-
 arch/s390/kernel/perf_cpum_sf.c                    |   4 +
 arch/x86/boot/compressed/eboot.c                   |   6 +-
 arch/x86/include/asm/cpufeatures.h                 |  18 +-
 arch/x86/include/asm/kvm_host.h                    |   2 +-
 arch/x86/include/asm/mmu_context.h                 |   2 +-
 arch/x86/include/asm/msr-index.h                   |   9 +
 arch/x86/include/asm/nospec-branch.h               |  43 ++-
 arch/x86/include/asm/pkeys.h                       |  18 +-
 arch/x86/include/asm/spec-ctrl.h                   |  80 +++++
 arch/x86/include/asm/thread_info.h                 |   4 +-
 arch/x86/kernel/cpu/amd.c                          |  22 ++
 arch/x86/kernel/cpu/bugs.c                         | 397 ++++++++++++++++++++-
 arch/x86/kernel/cpu/common.c                       |  77 +++-
 arch/x86/kernel/cpu/cpu.h                          |   2 +
 arch/x86/kernel/cpu/intel.c                        |   3 +
 arch/x86/kernel/process.c                          | 146 ++++++++
 arch/x86/kernel/process_64.c                       |   1 +
 arch/x86/kernel/smpboot.c                          |   5 +
 arch/x86/kvm/cpuid.c                               |  21 +-
 arch/x86/kvm/svm.c                                 |  66 ++--
 arch/x86/kvm/vmx.c                                 |  32 +-
 arch/x86/kvm/x86.c                                 |  13 +-
 arch/x86/mm/pkeys.c                                |  21 +-
 arch/x86/xen/mmu.c                                 |   4 +-
 arch/x86/xen/mmu_pv.c                              |   4 +-
 drivers/base/cpu.c                                 |   8 +
 drivers/gpu/drm/drm_drv.c                          |   2 +-
 drivers/gpu/drm/i915/i915_reg.h                    |   3 +
 drivers/gpu/drm/i915/intel_engine_cs.c             |   4 +
 drivers/i2c/busses/i2c-designware-master.c         |   5 +-
 drivers/s390/cio/qdio_setup.c                      |  12 +-
 drivers/s390/cio/vfio_ccw_cp.c                     |  13 +-
 drivers/spi/spi-bcm-qspi.c                         |  28 +-
 drivers/spi/spi-pxa2xx.h                           |   2 +-
 drivers/tee/tee_shm.c                              |   5 +-
 drivers/usb/usbip/stub.h                           |   2 +
 drivers/usb/usbip/stub_dev.c                       |  43 ++-
 drivers/usb/usbip/stub_main.c                      | 105 +++++-
 fs/btrfs/ctree.c                                   |  22 +-
 fs/btrfs/ctree.h                                   |   2 +
 fs/btrfs/disk-io.c                                 |  26 +-
 fs/btrfs/inode.c                                   |  13 +-
 fs/btrfs/props.c                                   |  12 +-
 fs/btrfs/tree-log.c                                |   7 +
 fs/btrfs/volumes.c                                 |   9 +
 fs/proc/array.c                                    |  25 ++
 include/linux/cpu.h                                |   2 +
 include/linux/efi.h                                |   8 +-
 include/linux/nospec.h                             |  10 +
 include/linux/sched.h                              |  10 +-
 include/linux/seccomp.h                            |   5 +-
 include/trace/events/xen.h                         |  16 -
 include/uapi/linux/prctl.h                         |  12 +
 include/uapi/linux/seccomp.h                       |   5 +-
 kernel/seccomp.c                                   |  21 +-
 kernel/sys.c                                       |  23 ++
 kernel/time/tick-broadcast.c                       |   8 +
 lib/radix-tree.c                                   |   6 +-
 lib/test_bitmap.c                                  |  21 +-
 mm/Kconfig                                         |   1 +
 net/ipv4/netfilter/nf_socket_ipv4.c                |   6 +-
 net/ipv6/netfilter/nf_socket_ipv6.c                |   6 +-
 net/netfilter/nf_tables_api.c                      |  67 ++--
 sound/core/control_compat.c                        |   3 +-
 sound/pci/hda/hda_intel.c                          |   2 +
 sound/usb/mixer.c                                  |   8 +
 tools/testing/selftests/seccomp/seccomp_bpf.c      |  22 +-
 virt/kvm/arm/vgic/vgic-its.c                       |  19 +-
 virt/kvm/arm/vgic/vgic-v3.c                        |   4 +-
 83 files changed, 1557 insertions(+), 312 deletions(-)


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ