| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190514221939.GA18303@Gentoo>
Date: Wed, 15 May 2019 03:49:39 +0530
From: Bhaskar Chowdhury <unixbhaskar@...il.com>
To: Greg KH <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
torvalds@...ux-foundation.org, stable@...r.kernel.org, lwn@....net,
Jiri Slaby <jslaby@...e.cz>
Subject: Re: Linux 5.1.2
Thanks, a bunch Greg!
On 20:04 Tue 14 May , Greg KH wrote:
>I'm announcing the release of the 5.1.2 kernel.
>
>All users of the 5.1 kernel series must upgrade. Well, kind of, let me rephrase that...
>
>All users of Intel processors made since 2011 must upgrade.
>
>Note, this release, and the other stable releases that are all being
>released right now at the same time, just went out all contain patches
>that have only seen the "public eye" for about 5 minutes. So be
>forwarned, they might break things, they might not build, but hopefully
>they fix things. Odds are we will be fixing a number of small things in
>this area for the next few weeks as things shake out on real hardware
>and workloads. So don't think you are done updating your kernel, you
>never are done with that :)
>
>As for what specifically these changes fix, I'll let the tech news sites
>fill you in on the details. Or go read the excellently written Xen
>Security Advisory 297:
> https://xenbits.xen.org/xsa/advisory-297.html
>That should give you a good idea of what a number of people have been
>dealing with for many many many months now.
>
>Many thanks goes out to Thomas Gleixner for going above and beyond to do
>the backports to the 5.1, 5.0, 4.19, and 4.14 kernel trees, and to Ben
>Hutchings for doing the 4.9 work. And of course to all of the
>developers who have been working on this in secret and doing reviews of
>the many different proposals and versions of the patches.
>
>As I said before just over a year ago, Intel once again owes a bunch of
>people a lot of drinks for fixing their hardware bugs, in our
>software...
>
>Anyway, as usual, the updated 5.1.y git tree can be found at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.1.y
>and can be browsed at the normal kernel.org git web browser:
> https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
>
>thanks,
>
>greg k-h
>
>------------
>
> Documentation/ABI/testing/sysfs-devices-system-cpu | 4
> Documentation/admin-guide/hw-vuln/index.rst | 13
> Documentation/admin-guide/hw-vuln/l1tf.rst | 615 +++++++++++++++++++++
> Documentation/admin-guide/hw-vuln/mds.rst | 308 ++++++++++
> Documentation/admin-guide/index.rst | 6
> Documentation/admin-guide/kernel-parameters.txt | 62 ++
> Documentation/admin-guide/l1tf.rst | 614 --------------------
> Documentation/index.rst | 1
> Documentation/x86/conf.py | 10
> Documentation/x86/index.rst | 8
> Documentation/x86/mds.rst | 225 +++++++
> Makefile | 2
> arch/powerpc/kernel/security.c | 6
> arch/powerpc/kernel/setup_64.c | 2
> arch/s390/kernel/nospec-branch.c | 3
> arch/x86/entry/common.c | 3
> arch/x86/include/asm/cpufeatures.h | 3
> arch/x86/include/asm/irqflags.h | 4
> arch/x86/include/asm/msr-index.h | 39 -
> arch/x86/include/asm/mwait.h | 7
> arch/x86/include/asm/nospec-branch.h | 50 +
> arch/x86/include/asm/processor.h | 6
> arch/x86/kernel/cpu/bugs.c | 146 ++++
> arch/x86/kernel/cpu/common.c | 121 ++--
> arch/x86/kernel/nmi.c | 4
> arch/x86/kernel/traps.c | 8
> arch/x86/kvm/cpuid.c | 3
> arch/x86/kvm/vmx/vmx.c | 7
> arch/x86/mm/pti.c | 4
> drivers/base/cpu.c | 8
> include/linux/cpu.h | 26
> kernel/cpu.c | 15
> tools/power/x86/turbostat/Makefile | 2
> tools/power/x86/x86_energy_perf_policy/Makefile | 2
> 34 files changed, 1632 insertions(+), 705 deletions(-)
>
>Andi Kleen (2):
> x86/speculation/mds: Add basic bug infrastructure for MDS
> x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
>
>Boris Ostrovsky (1):
> x86/speculation/mds: Fix comment
>
>Greg Kroah-Hartman (1):
> Linux 5.1.2
>
>Josh Poimboeuf (9):
> x86/speculation/mds: Add mds=full,nosmt cmdline option
> x86/speculation: Move arch_smt_update() call to after mitigation decisions
> x86/speculation/mds: Add SMT warning message
> cpu/speculation: Add 'mitigations=' cmdline option
> x86/speculation: Support 'mitigations=' cmdline option
> powerpc/speculation: Support 'mitigations=' cmdline option
> s390/speculation: Support 'mitigations=' cmdline option
> x86/speculation/mds: Add 'mitigations=' support for MDS
> x86/speculation/mds: Fix documentation typo
>
>Konrad Rzeszutek Wilk (1):
> x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
>
>Thomas Gleixner (12):
> x86/msr-index: Cleanup bit defines
> x86/speculation: Consolidate CPU whitelists
> x86/speculation/mds: Add BUG_MSBDS_ONLY
> x86/speculation/mds: Add mds_clear_cpu_buffers()
> x86/speculation/mds: Clear CPU buffers on exit to user
> x86/kvm/vmx: Add MDS protection when L1D Flush is not active
> x86/speculation/mds: Conditionally clear CPU buffers on idle entry
> x86/speculation/mds: Add mitigation control for MDS
> x86/speculation/mds: Add sysfs reporting for MDS
> x86/speculation/mds: Add mitigation mode VMWERV
> Documentation: Move L1TF to separate directory
> Documentation: Add MDS vulnerability documentation
>
>Tyler Hicks (1):
> Documentation: Correct the possible MDS sysfs values
>
>speck for Pawan Gupta (1):
> x86/mds: Add MDSUM variant to the MDS documentation
>
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists