lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1646992640229107@kroah.com>
Date:   Fri, 11 Mar 2022 10:57:19 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
        torvalds@...ux-foundation.org, stable@...r.kernel.org
Cc:     lwn@....net, jslaby@...e.cz,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Linux 4.9.306

I'm announcing the release of the 4.9.306 kernel.

All users of the 4.9 kernel series must upgrade.

The updated 4.9.y git tree can be found at:
	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y
and can be browsed at the normal kernel.org git web browser:
	https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary

thanks,

greg k-h

------------

 Documentation/hw-vuln/index.rst          |    1 
 Documentation/hw-vuln/spectre.rst        |  785 +++++++++++++++++++++++++++++++
 Documentation/kernel-parameters.txt      |    8 
 Makefile                                 |    2 
 arch/arm/include/asm/assembler.h         |   10 
 arch/arm/include/asm/spectre.h           |   32 +
 arch/arm/kernel/Makefile                 |    2 
 arch/arm/kernel/entry-armv.S             |   79 ++-
 arch/arm/kernel/entry-common.S           |   24 
 arch/arm/kernel/spectre.c                |   71 ++
 arch/arm/kernel/traps.c                  |   65 ++
 arch/arm/kernel/vmlinux-xip.lds.S        |   45 +
 arch/arm/kernel/vmlinux.lds.S            |   45 +
 arch/arm/mm/Kconfig                      |   11 
 arch/arm/mm/proc-v7-bugs.c               |  199 ++++++-
 arch/x86/Kconfig                         |    4 
 arch/x86/Makefile                        |   11 
 arch/x86/include/asm/cpufeatures.h       |    2 
 arch/x86/include/asm/nospec-branch.h     |   41 +
 arch/x86/kernel/cpu/bugs.c               |  225 ++++++--
 drivers/block/xen-blkfront.c             |   67 +-
 drivers/firmware/psci.c                  |   15 
 drivers/net/xen-netfront.c               |   54 +-
 drivers/scsi/xen-scsifront.c             |    3 
 drivers/xen/gntalloc.c                   |   25 
 drivers/xen/grant-table.c                |   59 +-
 drivers/xen/xenbus/xenbus_client.c       |   24 
 include/linux/arm-smccc.h                |   74 ++
 include/linux/bpf.h                      |   11 
 include/linux/compiler-gcc.h             |    2 
 include/linux/module.h                   |    2 
 include/xen/grant_table.h                |   19 
 kernel/sysctl.c                          |    8 
 scripts/mod/modpost.c                    |    2 
 tools/arch/x86/include/asm/cpufeatures.h |    2 
 35 files changed, 1762 insertions(+), 267 deletions(-)

Borislav Petkov (1):
      x86/speculation: Merge one test in spectre_v2_user_select_mitigation()

Emmanuel Gil Peyrot (1):
      ARM: fix build error when BPF_SYSCALL is disabled

Greg Kroah-Hartman (1):
      Linux 4.9.306

Josh Poimboeuf (4):
      Documentation: Add swapgs description to the Spectre v1 documentation
      x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting
      x86/speculation: Warn about Spectre v2 LFENCE mitigation
      x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT

Juergen Gross (9):
      xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
      xen/grant-table: add gnttab_try_end_foreign_access()
      xen/blkfront: don't use gnttab_query_foreign_access() for mapped status
      xen/netfront: don't use gnttab_query_foreign_access() for mapped status
      xen/scsifront: don't use gnttab_query_foreign_access() for mapped status
      xen/gntalloc: don't use gnttab_query_foreign_access()
      xen: remove gnttab_query_foreign_access()
      xen/gnttab: fix gnttab_end_foreign_access() without page specified
      xen/netfront: react properly to failing gnttab_end_foreign_access_ref()

Kim Phillips (2):
      x86/speculation: Use generic retpoline by default on AMD
      x86/speculation: Update link to AMD speculation whitepaper

Lukas Bulwahn (1):
      Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization

Mark Rutland (1):
      arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit()

Masahiro Yamada (1):
      x86/build: Fix compiler support check for CONFIG_RETPOLINE

Nathan Chancellor (1):
      ARM: Do not use NOCROSSREFS directive with ld.lld

Peter Zijlstra (3):
      x86,bugs: Unconditionally allow spectre_v2=retpoline,amd
      x86/speculation: Add eIBRS + Retpoline options
      Documentation/hw-vuln: Update spectre doc

Peter Zijlstra (Intel) (1):
      x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE

Russell King (Oracle) (7):
      ARM: report Spectre v2 status through sysfs
      ARM: early traps initialisation
      ARM: use LOADADDR() to get load address of sections
      ARM: Spectre-BHB workaround
      ARM: include unprivileged BPF status in Spectre V2 reporting
      ARM: fix co-processor register typo
      ARM: fix build warning in proc-v7-bugs.c

Steven Price (1):
      arm/arm64: Provide a wrapper for SMCCC 1.1 calls

Tim Chen (1):
      Documentation: Add section about CPU vulnerabilities for Spectre

WANG Chao (1):
      x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE

Zhenzhong Duan (3):
      x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant
      x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
      x86/retpoline: Remove minimal retpoline support

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ