Home Home > GIT Browse > SLE15-AZURE
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2019-05-15 11:32:55 +0200
committerTakashi Iwai <tiwai@suse.de>2019-05-15 11:32:55 +0200
commitc2d6df021acd7547a7dcf092e974210525002ebd (patch)
tree3f05e55713bcc6e9614c66fb6a4da31d546f492f
parentc1e9c04963c2cb1fee36cae28bff28389da29fe0 (diff)
Move MDS patches into sorted section, too
Also update/correct the patch tags
-rw-r--r--patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch2
-rw-r--r--patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch2
-rw-r--r--patches.arch/x86-msr-index-cleanup-bit-defines.patch2
-rw-r--r--patches.arch/x86-speculation-consolidate-cpu-whitelists.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-bug_msbds_only.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch3
-rw-r--r--patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch2
-rw-r--r--patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch3
-rw-r--r--patches.arch/x86-speculation-mds-add-smt-warning-message.patch3
-rw-r--r--patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch2
-rw-r--r--patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch2
-rw-r--r--patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch2
-rw-r--r--patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch3
-rw-r--r--patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch3
-rw-r--r--series.conf36
18 files changed, 34 insertions, 41 deletions
diff --git a/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch b/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
index ef439ddf46..551ba9ae99 100644
--- a/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
+++ b/patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
@@ -2,7 +2,7 @@ From: Andi Kleen <ak@linux.intel.com>
Date: Fri, 18 Jan 2019 16:50:23 -0800
Subject: x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
Git-commit: 6c4dbbd14730c43f4ed808a9c42ca41625925c22
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
X86_FEATURE_MD_CLEAR is a new CPUID bit which is set when microcode
diff --git a/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch b/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
index 72dc41269e..29ec748a0f 100644
--- a/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
+++ b/patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 27 Feb 2019 12:48:14 +0100
Subject: x86/kvm/vmx: Add MDS protection when L1D Flush is not active
Git-commit: 650b68a0622f933444a6d66936abb3103029413b
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
CPUs which are affected by L1TF and MDS mitigate MDS with the L1D Flush on
diff --git a/patches.arch/x86-msr-index-cleanup-bit-defines.patch b/patches.arch/x86-msr-index-cleanup-bit-defines.patch
index 4fed2b84e7..9f5a73614e 100644
--- a/patches.arch/x86-msr-index-cleanup-bit-defines.patch
+++ b/patches.arch/x86-msr-index-cleanup-bit-defines.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Thu, 21 Feb 2019 12:36:50 +0100
Subject: x86/msr-index: Cleanup bit defines
Git-commit: d8eabc37310a92df40d07c5a8afc53cebf996716
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Greg pointed out that speculation related bit defines are using (1 << N)
diff --git a/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch b/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
index a8953a02a2..f30478b90b 100644
--- a/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
+++ b/patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 27 Feb 2019 10:10:23 +0100
Subject: x86/speculation: Consolidate CPU whitelists
Git-commit: 36ad35131adacc29b328b9c8b6277a8bf0d6fd5d
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
The CPU vulnerability whitelists have some overlap and there are more
diff --git a/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch b/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
index 3b673bacec..fad4ad16e9 100644
--- a/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
@@ -2,7 +2,7 @@ From: Andi Kleen <ak@linux.intel.com>
Date: Fri, 18 Jan 2019 16:50:16 -0800
Subject: x86/speculation/mds: Add basic bug infrastructure for MDS
Git-commit: ed5194c2732c8084af9fd159c146ea92bf137128
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Microarchitectural Data Sampling (MDS), is a class of side channel attacks
diff --git a/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch b/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
index b6ebab3b9e..de1249b660 100644
--- a/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
+++ b/patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Fri, 1 Mar 2019 20:21:08 +0100
Subject: x86/speculation/mds: Add BUG_MSBDS_ONLY
Git-commit: e261f209c3666e842fd645a1e31f001c3a26def9
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
This bug bit is set on CPUs which are only affected by Microarchitectural
diff --git a/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch b/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
index d3303c9f25..dec6360c5c 100644
--- a/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
+++ b/patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
@@ -1,9 +1,8 @@
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Tue, 2 Apr 2019 09:59:33 -0500
Subject: x86/speculation/mds: Add mds=full,nosmt cmdline option
-Git-repo: tip/tip
Git-commit: d71eb0ce109a124b0fa714832823b9452f2762cf
-Patch-mainline: Queued in a subsystem tree
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Add the mds=full,nosmt cmdline option. This is like mds=full, but with
diff --git a/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch b/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
index 3d563bb801..a92f385657 100644
--- a/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
+++ b/patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Mon, 18 Feb 2019 23:13:06 +0100
Subject: x86/speculation/mds: Add mds_clear_cpu_buffers()
Git-commit: 6a9e529272517755904b7afa639f6db59ddb793e
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
The Microarchitectural Data Sampling (MDS) vulernabilities are mitigated by
diff --git a/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch b/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
index 0cc8bfbf56..4854312bca 100644
--- a/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Mon, 18 Feb 2019 22:04:08 +0100
Subject: x86/speculation/mds: Add mitigation control for MDS
Git-commit: bc1241700acd82ec69fde98c5763ce51086269f8
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Now that the mitigations are in place, add a command line parameter to
diff --git a/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch b/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
index 4f0e1f0f07..67da3599f5 100644
--- a/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 20 Feb 2019 09:40:40 +0100
Subject: x86/speculation/mds: Add mitigation mode VMWERV
Git-commit: 22dd8365088b6403630b82423cf906491859b65e
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
In virtualized environments it can happen that the host has the microcode
diff --git a/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch b/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
index 4405b7c895..3f3718f858 100644
--- a/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
@@ -1,9 +1,8 @@
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Wed, 17 Apr 2019 16:39:02 -0500
Subject: x86/speculation/mds: Add 'mitigations=' support for MDS
-Git-repo: tip/tip
Git-commit: 5c14068f87d04adc73ba3f41c2a303d3c3d1fa12
-Patch-mainline: Queued in a subsystem tree
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Add MDS to the new 'mitigations=' cmdline option.
diff --git a/patches.arch/x86-speculation-mds-add-smt-warning-message.patch b/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
index 0ba3c2f544..28772aceeb 100644
--- a/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
+++ b/patches.arch/x86-speculation-mds-add-smt-warning-message.patch
@@ -2,8 +2,7 @@ From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Tue, 2 Apr 2019 10:00:51 -0500
Subject: x86/speculation/mds: Add SMT warning message
Git-commit: 39226ef02bfb43248b7db12a4fdccb39d95318e3
-Git-repo: tip/tip
-Patch-mainline: Queued in a subsystem tree
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
MDS is vulnerable with SMT. Make that clear with a one-time printk
diff --git a/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch b/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
index 2a1c7ad669..f0fa6a4e0b 100644
--- a/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
+++ b/patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Mon, 18 Feb 2019 22:51:43 +0100
Subject: x86/speculation/mds: Add sysfs reporting for MDS
Git-commit: 8a4b06d391b0a42a373808979b5028f5c84d9c6a
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Add the sysfs reporting file for MDS. It exposes the vulnerability and
diff --git a/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch b/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
index 8501ae91ae..38c5a27958 100644
--- a/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
+++ b/patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Mon, 18 Feb 2019 23:42:51 +0100
Subject: x86/speculation/mds: Clear CPU buffers on exit to user
Git-commit: 04dcbdb8057827b043b3c71aa397c4c63e67d086
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Add a static key which controls the invocation of the CPU buffer clear
diff --git a/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch b/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
index e55065d925..e89ae29353 100644
--- a/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
+++ b/patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
@@ -2,7 +2,7 @@ From: Thomas Gleixner <tglx@linutronix.de>
Date: Mon, 18 Feb 2019 23:04:01 +0100
Subject: x86/speculation/mds: Conditionally clear CPU buffers on idle entry
Git-commit: 07f07f55a29cb705e221eda7894dd67ab81ef343
-Patch-mainline: v5.1-rc1
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
Add a static key which controls the invocation of the CPU buffer clear
diff --git a/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch b/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
index c9762dddd2..8ad7e115fb 100644
--- a/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
+++ b/patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
@@ -1,9 +1,8 @@
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 12 Apr 2019 17:50:58 -0400
Subject: x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
-Git-repo: tip/tip
Git-commit: e2c3c94788b08891dcf3dbe608f9880523ecd71b
-Patch-mainline: Queued in a subsystem tree
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
This code is only for CPUs which are affected by MSBDS, but are *not*
diff --git a/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch b/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
index cfcda3d0e4..90fe611911 100644
--- a/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
+++ b/patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
@@ -1,9 +1,8 @@
From: Josh Poimboeuf <jpoimboe@redhat.com>
Date: Tue, 2 Apr 2019 10:00:14 -0500
Subject: x86/speculation: Move arch_smt_update() call to after mitigation decisions
-Git-repo: tip/tip
Git-commit: 7c3658b20194a5b3209a143f63bc9c643c6a3ae2
-Patch-mainline: Queued in a subsystem tree
+Patch-mainline: v5.2-rc1
References: bsc#1111331, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130
arch_smt_update() now has a dependency on both Spectre v2 and MDS
diff --git a/series.conf b/series.conf
index 08dbbed8c0..9da79a9640 100644
--- a/series.conf
+++ b/series.conf
@@ -21902,6 +21902,23 @@
patches.drivers/iommu-vt-d-make-kernel-parameter-igfx_off-work-with-viommu
patches.drivers/net-ibmvnic-Update-MAC-address-settings-after-adapte.patch
patches.drivers/net-ibmvnic-Update-carrier-state-after-link-state-ch.patch
+ patches.arch/x86-msr-index-cleanup-bit-defines.patch
+ patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
+ patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
+ patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
+ patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
+ patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
+ patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
+ patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
+ patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
+ patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
+ patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
+ patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
+ patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
+ patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
+ patches.arch/x86-speculation-mds-add-smt-warning-message.patch
+ patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
+ patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
# dhowells/linux-fs keys-uefi
patches.suse/0001-KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch
@@ -21928,25 +21945,6 @@
# end of sorted patches
########################################################
- # MDS
- patches.arch/x86-msr-index-cleanup-bit-defines.patch
- patches.arch/x86-speculation-consolidate-cpu-whitelists.patch
- patches.arch/x86-speculation-mds-add-basic-bug-infrastructure-for-mds.patch
- patches.arch/x86-speculation-mds-add-bug_msbds_only.patch
- patches.arch/x86-kvm-expose-x86_feature_md_clear-to-guests.patch
- patches.arch/x86-speculation-mds-add-mds_clear_cpu_buffers.patch
- patches.arch/x86-speculation-mds-clear-cpu-buffers-on-exit-to-user.patch
- patches.arch/x86-kvm-vmx-add-mds-protection-when-l1d-flush-is-not-active.patch
- patches.arch/x86-speculation-mds-conditionally-clear-cpu-buffers-on-idle-entry.patch
- patches.arch/x86-speculation-mds-add-mitigation-control-for-mds.patch
- patches.arch/x86-speculation-mds-add-sysfs-reporting-for-mds.patch
- patches.arch/x86-speculation-mds-add-mitigation-mode-vmwerv.patch
- patches.arch/x86-speculation-mds-add-mds-full-nosmt-cmdline-option.patch
- patches.arch/x86-speculation-move-arch_smt_update-call-to-after-mitigation-decisions.patch
- patches.arch/x86-speculation-mds-add-smt-warning-message.patch
- patches.arch/x86-speculation-mds-print-smt-vulnerable-on-msbds-with-mitigations-off.patch
- patches.arch/x86-speculation-mds-add-mitigations-support-for-mds.patch
-
########################################################
#
# packaging-specific patches (tweaks for autobuild,