lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20180723122413.003644357@linuxfoundation.org>
Date:   Mon, 23 Jul 2018 14:40:54 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
        linux@...ck-us.net, shuah@...nel.org, patches@...nelci.org,
        ben.hutchings@...ethink.co.uk, lkft-triage@...ts.linaro.org,
        stable@...r.kernel.org
Subject: [PATCH 4.4 000/107] 4.4.144-stable review

This is the start of the stable review cycle for the 4.4.144 release.
There are 107 patches in this series, all will be posted as a response
to this one.  If anyone has any issues with these being applied, please
let me know.

Responses should be made by Wed Jul 25 12:23:53 UTC 2018.
Anything received after that time might be too late.

The whole patch series can be found in one patch at:
	https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.144-rc1.gz
or in the git tree and branch at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y
and the diffstat can be found below.

thanks,

greg k-h

-------------
Pseudo-Shortlog of commits:

Greg Kroah-Hartman <gregkh@...uxfoundation.org>
    Linux 4.4.144-rc1

Sascha Hauer <s.hauer@...gutronix.de>
    ubi: fastmap: Erase outdated anchor PEBs during attach

Richard Weinberger <richard@....at>
    ubi: Fix Fastmap's update_vol()

Richard Weinberger <richard@....at>
    ubi: Fix races around ubi_refill_pools()

Richard Weinberger <richard@....at>
    ubi: Be more paranoid while seaching for the most recent Fastmap

Richard Weinberger <richard@....at>
    ubi: Rework Fastmap attach base code

Richard Weinberger <richard@....at>
    ubi: Introduce vol_ignored()

Lucas Stach <dev@...xeye.de>
    clk: tegra: Fix PLL_U post divider and initial rate on Tegra30

Alan Jenkins <alan.christopher.jenkins@...il.com>
    block: do not use interruptible wait anywhere

Andy Lutomirski <luto@...nel.org>
    x86/cpu: Re-apply forced caps every time CPU caps are re-read

Juergen Gross <jgross@...e.com>
    x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Rename SSBD_NO to SSB_NO

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Rework spec_ctrl base and mask logic

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Remove x86_spec_ctrl_set()

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs: Expose x86_spec_ctrl_base directly

Borislav Petkov <bp@...e.de>
    x86/bugs: Unify x86_spec_ctrl_{set_guest, restore_host}

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Rework speculative_store_bypass_update()

Tom Lendacky <thomas.lendacky@....com>
    x86/speculation: Add virtualized speculative store bypass disable support

Thomas Gleixner <tglx@...utronix.de>
    x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Handle HT correctly on AMD

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Add FEATURE_ZEN

Borislav Petkov <bp@...e.de>
    x86/cpu/AMD: Fix erratum 1076 (CPB bit)

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Disentangle SSBD enumeration

Thomas Gleixner <tglx@...utronix.de>
    x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS

Borislav Petkov <bp@...e.de>
    x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP

Jim Mattson <jmattson@...gle.com>
    x86/cpu: Make alternative_msr_write work for 32-bit code

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Fix the parameters alignment and missing void

Jiri Kosina <jkosina@...e.cz>
    x86/bugs: Make cpu_show_common() static

Jiri Kosina <jkosina@...e.cz>
    x86/bugs: Fix __ssb_select_mitigation() return type

Borislav Petkov <bp@...e.de>
    Documentation/spec_ctrl: Do some minor cleanups

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    proc: Use underscores for SSBD in 'status'

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Rename _RDS to _SSBD

Kees Cook <keescook@...omium.org>
    x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass

Thomas Gleixner <tglx@...utronix.de>
    seccomp: Move speculation migitation control to arch code

Kees Cook <keescook@...omium.org>
    seccomp: Add filter flag to opt-out of SSB mitigation

Thomas Gleixner <tglx@...utronix.de>
    seccomp: Use PR_SPEC_FORCE_DISABLE

Thomas Gleixner <tglx@...utronix.de>
    prctl: Add force disable speculation

Kees Cook <keescook@...omium.org>
    seccomp: Enable speculation flaw mitigations

Kees Cook <keescook@...omium.org>
    proc: Provide details on speculation flaw mitigations

Kees Cook <keescook@...omium.org>
    nospec: Allow getting/setting on non-current task

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Add prctl for Speculative Store Bypass mitigation

Thomas Gleixner <tglx@...utronix.de>
    x86/process: Allow runtime control of Speculative Store Bypass

Thomas Gleixner <tglx@...utronix.de>
    x86/process: Optimize TIF_NOTSC switch

Kyle Huey <me@...ehuey.com>
    x86/process: Correct and optimize TIF_BLOCKSTEP switch

Kyle Huey <me@...ehuey.com>
    x86/process: Optimize TIF checks in __switch_to_xtra()

Thomas Gleixner <tglx@...utronix.de>
    prctl: Add speculation control prctls

Thomas Gleixner <tglx@...utronix.de>
    x86/speculation: Create spec-ctrl.h to avoid include hell

David Woodhouse <dwmw@...zon.co.uk>
    x86/bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if requested

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Whitelist allowed SPEC_CTRL MSR values

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs/intel: Set proper CPU features and setup RDS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/cpufeatures: Add X86_FEATURE_RDS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Expose /sys/../spec_store_bypass

Piotr Luc <piotr.luc@...el.com>
    x86/cpu/intel: Add Knights Mill to Intel family

Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
    x86/cpu: Rename Merrifield2 to Moorefield

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs, KVM: Support the combination of guest and host IBRS

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Concentrate bug reporting into a separate function

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/bugs: Concentrate bug detection into a separate function

Linus Torvalds <torvalds@...ux-foundation.org>
    x86/nospec: Simplify alternative_msr_write()

David Woodhouse <dwmw@...zon.co.uk>
    x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen

Juergen Gross <jgross@...e.com>
    xen: set cpu capabilities from xen_start_kernel()

Mickaël Salaün <mic@...ikod.net>
    selftest/seccomp: Fix the seccomp(2) signature

Mickaël Salaün <mic@...ikod.net>
    selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC

Alexander Sergeyev <sergeev917@...il.com>
    x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist

Ingo Molnar <mingo@...nel.org>
    x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP

David Woodhouse <dwmw@...zon.co.uk>
    x86/speculation: Use IBRS if available before calling into firmware

Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
    x86/spectre_v2: Don't check microcode versions when running under hypervisors

Tim Chen <tim.c.chen@...ux.intel.com>
    x86/speculation: Use Indirect Branch Prediction Barrier in context switch

Andy Lutomirski <luto@...nel.org>
    x86/mm: Give each mm TLB flush generation a unique ID

Dave Hansen <dave.hansen@...ux.intel.com>
    x86/mm: Factor out LDT init from context init

Juergen Gross <jgross@...e.com>
    x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend

Peter Zijlstra <peterz@...radead.org>
    x86/speculation: Add <asm/msr-index.h> dependency

Dan Williams <dan.j.williams@...el.com>
    x86/speculation: Fix up array_index_nospec_mask() asm constraint

Ingo Molnar <mingo@...nel.org>
    x86/speculation: Clean up various Spectre related details

David Woodhouse <dwmw@...zon.co.uk>
    x86/speculation: Correct Speculation Control microcode blacklist again

David Woodhouse <dwmw@...zon.co.uk>
    x86/speculation: Update Speculation Control microcode blacklist

Dan Williams <dan.j.williams@...el.com>
    x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface

Denys Vlasenko <dvlasenk@...hat.com>
    x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs

Arnd Bergmann <arnd@...db.de>
    x86/pti: Mark constant arrays as __initconst

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpufeatures: Clean up Spectre v2 related CPUID flags

David Woodhouse <dwmw@...zon.co.uk>
    x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes

David Woodhouse <dwmw@...zon.co.uk>
    x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown

David Woodhouse <dwmw@...zon.co.uk>
    x86/msr: Add definitions for new speculation control MSRs

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpufeatures: Add AMD feature bits for Speculation Control

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpufeatures: Add Intel feature bits for Speculation Control

David Woodhouse <dwmw@...zon.co.uk>
    x86/cpufeatures: Add CPUID_7_EDX CPUID leaf

Nick Desaulniers <ndesaulniers@...gle.com>
    x86/paravirt: Make native_save_fl() extern inline

Mathias Nyman <mathias.nyman@...ux.intel.com>
    xhci: Fix perceived dead host due to runtime suspend race with event handler

Stefano Brivio <sbrivio@...hat.com>
    skbuff: Unconditionally copy pfmemalloc in __skb_clone()

Stefano Brivio <sbrivio@...hat.com>
    net: Don't copy pfmemalloc flag in __copy_skb_header()

Sanjeev Bansal <sanjeevb.bansal@...adcom.com>
    tg3: Add higher cpu clock for 5762.

Gustavo A. R. Silva <gustavo@...eddedor.com>
    ptp: fix missing break in switch

Heiner Kallweit <hkallweit1@...il.com>
    net: phy: fix flag masking in __set_phy_supported

David Ahern <dsahern@...il.com>
    net/ipv4: Set oif in fib_compute_spec_dst

Davidlohr Bueso <dave@...olabs.net>
    lib/rhashtable: consider param->min_size when setting initial table size

Colin Ian King <colin.king@...onical.com>
    ipv6: fix useless rol32 call on hash

Tyler Hicks <tyhicks@...onical.com>
    ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns

Jing Xia <jing.xia.mail@...il.com>
    mm: memcg: fix use after free in mem_cgroup_iter()

Vineet Gupta <vgupta@...opsys.com>
    ARC: mm: allow mprotect to make stack mappings executable

Alexey Brodkin <abrodkin@...opsys.com>
    ARC: Fix CONFIG_SWAP

Takashi Iwai <tiwai@...e.de>
    ALSA: rawmidi: Change resized buffers atomically

OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
    fat: fix memory allocation failure handling of match_strdup()

Dewet Thibaut <thibaut.dewet@...ia.com>
    x86/MCE: Remove min interval polling limitation

Lan Tianyu <tianyu.lan@...el.com>
    KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.


-------------

Diffstat:

 Documentation/ABI/testing/sysfs-devices-system-cpu |   1 +
 Documentation/kernel-parameters.txt                |  45 +++
 Documentation/spec_ctrl.txt                        |  94 +++++
 Makefile                                           |   4 +-
 arch/arc/include/asm/page.h                        |   2 +-
 arch/arc/include/asm/pgtable.h                     |   2 +-
 arch/x86/entry/entry_64_compat.S                   |  75 ++--
 arch/x86/include/asm/apm.h                         |   6 +
 arch/x86/include/asm/barrier.h                     |   2 +-
 arch/x86/include/asm/cpufeature.h                  |   7 +-
 arch/x86/include/asm/cpufeatures.h                 |  37 +-
 arch/x86/include/asm/disabled-features.h           |   3 +-
 arch/x86/include/asm/efi.h                         |   7 +
 arch/x86/include/asm/intel-family.h                |  10 +-
 arch/x86/include/asm/irqflags.h                    |   2 +-
 arch/x86/include/asm/mmu.h                         |  15 +-
 arch/x86/include/asm/mmu_context.h                 |  25 +-
 arch/x86/include/asm/msr-index.h                   |  22 ++
 arch/x86/include/asm/nospec-branch.h               |  54 +++
 arch/x86/include/asm/required-features.h           |   3 +-
 arch/x86/include/asm/spec-ctrl.h                   |  80 ++++
 arch/x86/include/asm/thread_info.h                 |   6 +-
 arch/x86/include/asm/tlbflush.h                    |  12 +
 arch/x86/kernel/Makefile                           |   1 +
 arch/x86/kernel/cpu/amd.c                          |  38 +-
 arch/x86/kernel/cpu/bugs.c                         | 427 +++++++++++++++++++--
 arch/x86/kernel/cpu/common.c                       | 121 +++++-
 arch/x86/kernel/cpu/cpu.h                          |   3 +
 arch/x86/kernel/cpu/intel.c                        |  73 ++++
 arch/x86/kernel/cpu/mcheck/mce.c                   |   3 -
 arch/x86/kernel/irqflags.S                         |  26 ++
 arch/x86/kernel/ldt.c                              |   4 +-
 arch/x86/kernel/process.c                          | 224 +++++++++--
 arch/x86/kernel/smpboot.c                          |   5 +
 arch/x86/kvm/svm.c                                 |   2 +-
 arch/x86/kvm/vmx.c                                 |   2 +-
 arch/x86/mm/tlb.c                                  |  33 ++
 arch/x86/platform/efi/efi_64.c                     |   3 +
 arch/x86/xen/enlighten.c                           |  16 +-
 arch/x86/xen/smp.c                                 |   5 +
 arch/x86/xen/suspend.c                             |  16 +
 block/blk-core.c                                   |  10 +-
 drivers/base/cpu.c                                 |   8 +
 drivers/clk/tegra/clk-tegra30.c                    |  11 +-
 drivers/mtd/ubi/attach.c                           | 139 +++++--
 drivers/mtd/ubi/eba.c                              |   4 +-
 drivers/mtd/ubi/fastmap-wl.c                       |   6 +-
 drivers/mtd/ubi/fastmap.c                          |  51 ++-
 drivers/mtd/ubi/ubi.h                              |  46 ++-
 drivers/mtd/ubi/wl.c                               | 114 ++++--
 drivers/net/ethernet/broadcom/tg3.c                |   9 +
 drivers/net/phy/phy_device.c                       |   7 +-
 drivers/ptp/ptp_chardev.c                          |   1 +
 drivers/usb/host/xhci.c                            |  40 +-
 drivers/usb/host/xhci.h                            |   4 +
 fs/fat/inode.c                                     |  20 +-
 fs/proc/array.c                                    |  26 ++
 include/linux/cpu.h                                |   2 +
 include/linux/nospec.h                             |  10 +
 include/linux/sched.h                              |   9 +
 include/linux/seccomp.h                            |   3 +-
 include/linux/skbuff.h                             |  12 +-
 include/net/ipv6.h                                 |   2 +-
 include/uapi/linux/prctl.h                         |  12 +
 include/uapi/linux/seccomp.h                       |   4 +-
 kernel/seccomp.c                                   |  21 +-
 kernel/sys.c                                       |  21 +
 lib/rhashtable.c                                   |  17 +-
 mm/memcontrol.c                                    |   2 +-
 net/core/skbuff.c                                  |   1 +
 net/ipv4/fib_frontend.c                            |   1 +
 net/ipv4/sysctl_net_ipv4.c                         |   5 +-
 sound/core/rawmidi.c                               |  20 +-
 tools/testing/selftests/seccomp/seccomp_bpf.c      |  98 ++++-
 virt/kvm/eventfd.c                                 |   6 +-
 75 files changed, 1982 insertions(+), 276 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ