forked from rpms/kernel
		
	* Fri Aug 05 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-143.el9]
- sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed (Waiman Long) [2104946]
- intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- tools headers cpufeatures: Sync with the kernel sources (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- um: Add missing apply_returns() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Remove apostrophe typo (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Mark retbleed_strings static (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/static_call: Serialize __static_call_fixup() properly (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Disable RRSBA behavior (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kexec: Disable RET on kexec (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/common: Stamp out the stepping madness (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Convert launched argument to flags (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Do IBPB fallback check only once (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add retbleed=ibpb (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/xen: Add UNTRAIN_RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/xen: Rename SYS* entry points (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Update Retpoline validation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- intel_idle: Disable IBRS during long idle (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Add kernel IBRS implementation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: skip non-text sections when adding return-thunk sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Add magic AMD return-thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Treat .text.__x86.* as noinstr (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Avoid very early RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Use return-thunk in asm code (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bpf: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/ftrace: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86,static_call: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86,objtool: Create .return_sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Undo return-thunk damage (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Use -mfunction-return (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm/vmx: Make noinstr clean (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Fix register corruption in compat syscall (Waiman Long) [2090231]
- x86/entry: Remove skip_r11rcx (Waiman Long) [2090231]
- x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Waiman Long) [2090231]
- x86/entry: Simplify entry_INT80_compat() (Waiman Long) [2090231]
- x86/entry: Don't call error_entry() for XENPV (Waiman Long) [2090231]
- x86/entry: Move CLD to the start of the idtentry macro (Waiman Long) [2090231]
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (Waiman Long) [2090231]
- x86/entry: Switch the stack after error_entry() returns (Waiman Long) [2090231]
- x86/traps: Use pt_regs directly in fixup_bad_iret() (Waiman Long) [2090231]
- x86/retpoline: Add ANNOTATE_NOENDBR for retpolines (Waiman Long) [2090231]
- x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline (Waiman Long) [2090231]
- objtool: Fix SLS validation for kcov tail-call replacement (Waiman Long) [2090231]
- x86,static_call: Fix __static_call_return0 for i386 (Waiman Long) [2090231]
- crypto: x86/poly1305 - Fixup SLS (Waiman Long) [2090231]
- kvm/emulate: Fix SETcc emulation for ENDBR (Waiman Long) [2090231]
- x86/ibt: Annotate text references (Waiman Long) [2090231]
- x86/alternative: Simplify int3_selftest_ip (Waiman Long) [2090231]
- x86/ibt,kvm: Add ENDBR to fastops (Waiman Long) [2090231]
- x86/ibt,entry: Sprinkle ENDBR dust (Waiman Long) [2090231]
- x86/ibt,xen: Sprinkle the ENDBR (Waiman Long) [2090231]
- x86/entry: Cleanup PARAVIRT (Waiman Long) [2090231]
- x86/ibt: Add ANNOTATE_NOENDBR (Waiman Long) [2090231]
- redhat/configs: Disable CONFIG_X86_KERNEL_IBT (Waiman Long) [2090231]
- x86/ibt: Base IBT bits (Waiman Long) [2090231]
- objtool,efi: Update __efi64_thunk annotation (Waiman Long) [2090231]
- objtool: Fix truncated string warning (Waiman Long) [2090231]
- redhat/configs: Disable CONFIG_SLS (Waiman Long) [2090231]
- x86: Add straight-line-speculation mitigation (Waiman Long) [2090231]
- x86/alternative: Relax text_poke_bp() constraint (Waiman Long) [2090231]
- objtool: Add straight-line-speculation validation (Waiman Long) [2090231]
- x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2090231]
- x86: Prepare asm files for straight-line-speculation (Waiman Long) [2090231]
- x86/mce: Reduce number of machine checks taken during recovery (Waiman Long) [2090231]
- x86/lib/atomic64_386_32: Rename things (Waiman Long) [2090231]
- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2090231]
- x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2090231]
- x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (Waiman Long) [2090231]
- x86/entry: Use the correct fence macro after swapgs in kernel CR3 (Waiman Long) [2090231]
- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2090231]
- objtool: Fix pv_ops noinstr validation (Waiman Long) [2090231]
- static_call,x86: Robustify trampoline patching (Waiman Long) [2090231]
- x86/xen: switch initial pvops IRQ functions to dummy ones (Waiman Long) [2090231]
- bpf,x86: Respect X86_FEATURE_RETPOLINE* (Waiman Long) [2090231]
- x86/alternative: Add debug prints to apply_retpolines() (Waiman Long) [2090231]
- x86/alternative: Try inline spectre_v2=retpoline,amd (Waiman Long) [2090231]
- x86/alternative: Handle Jcc __x86_indirect_thunk_\reg (Waiman Long) [2090231]
- x86/alternative: Implement .retpoline_sites support (Waiman Long) [2090231]
- x86/retpoline: Create a retpoline thunk array (Waiman Long) [2090231]
- x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h (Waiman Long) [2090231]
- x86/asm: Fixup odd GEN-for-each-reg.h usage (Waiman Long) [2090231]
- x86/asm: Fix register order (Waiman Long) [2090231]
- x86/retpoline: Remove unused replacement symbols (Waiman Long) [2090231]
- objtool,x86: Replace alternatives with .retpoline_sites (Waiman Long) [2090231]
- objtool: Shrink struct instruction (Waiman Long) [2090231]
- objtool: Explicitly avoid self modifying code in .altinstr_replacement (Waiman Long) [2090231]
- objtool: Classify symbols (Waiman Long) [2090231]
- objtool: Remove reloc symbol type checks in get_alt_entry() (Waiman Long) [2090231]
- objtool: print out the symbol type when complaining about it (Waiman Long) [2090231]
- objtool: Teach get_alt_entry() about more relocation types (Waiman Long) [2090231]
- kbuild: reuse $(cmd_objtool) for cmd_cc_lto_link_modules (Waiman Long) [2090231]
- kbuild: detect objtool update without using .SECONDEXPANSION (Waiman Long) [2090231]
- kbuild: factor out OBJECT_FILES_NON_STANDARD check into a macro (Waiman Long) [2090231]
- kbuild: store the objtool command in *.cmd files (Waiman Long) [2090231]
- kbuild: rename __objtool_obj and reuse it for cmd_cc_lto_link_modules (Waiman Long) [2090231]
- kbuild: move objtool_args back to scripts/Makefile.build (Waiman Long) [2090231]
- x86/mce: Drop copyin special case for #MC (Waiman Long) [2090231]
- objtool: Support pv_opsindirect calls for noinstr (Waiman Long) [2090231]
- x86/xen: Rework the xen_{cpu,irq,mmu}_opsarrays (Waiman Long) [2090231]
- objtool: Handle __sanitize_cov*() tail calls (Waiman Long) [2090231]
- objtool: Introduce CFI hash (Waiman Long) [2090231]
- kbuild: clean up objtool_args slightly (Waiman Long) [2090231]
- kbuild: remove stale *.symversions (Waiman Long) [2090231]
- kbuild: remove unused quiet_cmd_update_lto_symversions (Waiman Long) [2090231]
- kbuild: Fix TRIM_UNUSED_KSYMS with LTO_CLANG (Waiman Long) [2090231]
- Makefile: remove stale cc-option checks (Waiman Long) [2090231]
- x86/build: Remove stale cc-option checks (Waiman Long) [2090231]
- xen: assume XENFEAT_mmu_pt_update_preserve_ad being set for pv guests (Waiman Long) [2090231]
- dmaengine: idxd: Fixup upstream merge conflict resolution (Jerry Snitselaar) [2100482]
- dmaengine: idxd: skip clearing device context when device is read-only (Jerry Snitselaar) [2100482]
- dmaengine: idxd: add RO check for wq max_transfer_size write (Jerry Snitselaar) [2100482]
- dmaengine: idxd: add RO check for wq max_batch_size write (Jerry Snitselaar) [2100482]
- dmaengine: idxd: fix device cleanup on disable (Jerry Snitselaar) [2100482]
- Revert "dmaengine: idxd: Separate user and kernel pasid enabling" (Jerry Snitselaar) [2100482]
Resolves: rhbz#2104946, rhbz#2090231, rhbz#2100482
Signed-off-by: Patrick Talbert <ptalbert@redhat.com>
		
	
			
		
			
				
	
	
		
			4 lines
		
	
	
		
			532 B
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			4 lines
		
	
	
		
			532 B
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| SHA512 (linux-5.14.0-143.el9.tar.xz) = f2ec32412c80e509e8192ccc866e4b9ece43a948609f854700ae3b4d57fcc6e4aac39e2656d28dede0da90ab21ccebd9b4f94480bde2ecfdb61caaaeb8c7c559
 | |
| SHA512 (kernel-abi-stablelists-5.14.0-143.el9.tar.bz2) = 0e7685ff0db53a448b3d85cbea8e8e6113577c4df8cdddb7dd6b4591a56fb6c1d39a22b9f2f7d56af6c500108a32195bbd088f66794a1f775113969f06ad34de
 | |
| SHA512 (kernel-kabi-dw-5.14.0-143.el9.tar.bz2) = b07e3d6617cc434bf03eb165691b8b64418260e0a97bf3da3959aa03d142ff345c94b4a0f0856246d2b2c6a6a713fd6495e9f2cb73244cf4cfc5a4b7525e7674
 |