I'm announcing the release of the 4.14.43 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-devices-system-cpu | 1 Documentation/admin-guide/kernel-parameters.txt | 45 ++ Documentation/userspace-api/index.rst | 1 Documentation/userspace-api/spec_ctrl.rst | 94 ++++ Makefile | 2 arch/arm/include/asm/assembler.h | 10 arch/arm/include/asm/kvm_mmu.h | 16 arch/arm/kernel/traps.c | 5 arch/arm/lib/getuser.S | 10 arch/arm/probes/kprobes/opt-arm.c | 4 arch/arm64/include/asm/kvm_mmu.h | 16 arch/powerpc/kernel/setup-common.c | 11 arch/powerpc/platforms/powernv/opal-nvram.c | 14 arch/s390/kernel/irq.c | 5 arch/s390/kernel/perf_cpum_sf.c | 4 arch/x86/boot/compressed/eboot.c | 6 arch/x86/include/asm/cpufeatures.h | 18 arch/x86/include/asm/kvm_host.h | 2 arch/x86/include/asm/mmu_context.h | 2 arch/x86/include/asm/msr-index.h | 9 arch/x86/include/asm/nospec-branch.h | 43 +- arch/x86/include/asm/pkeys.h | 18 arch/x86/include/asm/spec-ctrl.h | 80 ++++ arch/x86/include/asm/thread_info.h | 4 arch/x86/kernel/cpu/amd.c | 22 + arch/x86/kernel/cpu/bugs.c | 397 ++++++++++++++++++++- arch/x86/kernel/cpu/common.c | 77 +++- arch/x86/kernel/cpu/cpu.h | 2 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/process.c | 146 +++++++ arch/x86/kernel/process_64.c | 1 arch/x86/kernel/smpboot.c | 5 arch/x86/kvm/cpuid.c | 21 - arch/x86/kvm/svm.c | 66 ++- arch/x86/kvm/vmx.c | 32 + arch/x86/kvm/x86.c | 13 arch/x86/mm/pkeys.c | 21 - arch/x86/xen/mmu.c | 4 arch/x86/xen/mmu_pv.c | 4 drivers/base/cpu.c | 8 drivers/gpu/drm/drm_drv.c | 2 drivers/gpu/drm/i915/i915_reg.h | 3 drivers/gpu/drm/i915/intel_engine_cs.c | 4 drivers/i2c/busses/i2c-designware-master.c | 5 drivers/s390/cio/qdio_setup.c | 12 drivers/s390/cio/vfio_ccw_cp.c | 13 drivers/spi/spi-bcm-qspi.c | 28 - drivers/spi/spi-pxa2xx.h | 2 drivers/tee/tee_shm.c | 5 drivers/usb/usbip/stub.h | 2 drivers/usb/usbip/stub_dev.c | 43 +- drivers/usb/usbip/stub_main.c | 105 ++++- fs/btrfs/ctree.c | 22 - fs/btrfs/ctree.h | 2 fs/btrfs/disk-io.c | 26 - fs/btrfs/inode.c | 13 fs/btrfs/props.c | 12 fs/btrfs/tree-log.c | 7 fs/btrfs/volumes.c | 9 fs/proc/array.c | 25 + include/linux/cpu.h | 2 include/linux/efi.h | 8 include/linux/nospec.h | 10 include/linux/sched.h | 10 include/linux/seccomp.h | 5 include/trace/events/xen.h | 16 include/uapi/linux/prctl.h | 12 include/uapi/linux/seccomp.h | 5 kernel/seccomp.c | 21 - kernel/sys.c | 23 + kernel/time/tick-broadcast.c | 8 lib/radix-tree.c | 6 lib/test_bitmap.c | 21 - mm/Kconfig | 1 net/ipv4/netfilter/nf_socket_ipv4.c | 6 net/ipv6/netfilter/nf_socket_ipv6.c | 6 net/netfilter/nf_tables_api.c | 67 +-- sound/core/control_compat.c | 3 sound/pci/hda/hda_intel.c | 2 sound/usb/mixer.c | 8 tools/testing/selftests/seccomp/seccomp_bpf.c | 22 + virt/kvm/arm/vgic/vgic-its.c | 19 - virt/kvm/arm/vgic/vgic-v3.c | 4 83 files changed, 1556 insertions(+), 311 deletions(-) Alexander Monakov (1): i2c: designware: fix poll-after-enable regression Anand Jain (1): btrfs: fix crash when trying to resume balance without the resume flag Andre Przywara (2): KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock Andy Shevchenko (1): spi: pxa2xx: Allow 64-bit DMA Ard Biesheuvel (1): efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Benjamin Herrenschmidt (1): powerpc: Don't preempt_disable() in show_cpuinfo() Borislav Petkov (3): Documentation/spec_ctrl: Do some minor cleanups x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Dave Hansen (2): x86/pkeys: Override pkey when moving away from PROT_EXEC x86/pkeys: Do not special case protection key 0 Dexuan Cui (1): tick/broadcast: Use for_each_cpu() specially on UP kernels Dmitry Safonov (1): x86/mm: Drop TS_COMPAT on 64-bit exec() syscall Federico Cuello (1): ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Filipe Manana (1): Btrfs: fix xattr loss after power failure Florian Westphal (2): netfilter: nf_tables: free set name in error path netfilter: nf_tables: can't fail after linking rule into active rule list Greg Kroah-Hartman (1): Linux 4.14.43 Halil Pasic (1): vfio: ccw: fix cleanup if cp_prefetch fails Haneen Mohammed (1): drm: Match sysfs name in link removal to link creation Hans de Goede (1): ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist Hendrik Brueckner (1): s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Jann Horn (1): tee: shm: fix use-after-free via temporarily dropped reference Jim Mattson (1): x86/cpu: Make alternative_msr_write work for 32-bit code Jiri Kosina (2): x86/bugs: Fix __ssb_select_mitigation() return type x86/bugs: Make cpu_show_common() static Julian Wiedmann (2): s390/qdio: fix access to uninitialized qdio_q fields s390/qdio: don't release memory in qdio_setup_irq() Kamal Dasu (2): spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL Kees Cook (6): nospec: Allow getting/setting on non-current task proc: Provide details on speculation flaw mitigations seccomp: Enable speculation flaw mitigations x86/bugs: Make boot modes __ro_after_init seccomp: Add filter flag to opt-out of SSB mitigation x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Konrad Rzeszutek Wilk (15): x86/bugs: Concentrate bug detection into a separate function x86/bugs: Concentrate bug reporting into a separate function x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits x86/bugs, KVM: Support the combination of guest and host IBRS x86/bugs: Expose /sys/../spec_store_bypass x86/cpufeatures: Add X86_FEATURE_RDS x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation x86/bugs/intel: Set proper CPU features and setup RDS x86/bugs: Whitelist allowed SPEC_CTRL MSR values x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest x86/bugs: Rename _RDS to _SSBD proc: Use underscores for SSBD in 'status' x86/bugs: Fix the parameters alignment and missing void x86/bugs: Rename SSBD_NO to SSB_NO Linus Torvalds (1): x86/nospec: Simplify alternative_msr_write() Liu Bo (1): btrfs: fix reading stale metadata blocks after degraded raid1 mounts Martin Schwidefsky (1): s390: remove indirect branch from do_softirq_own_stack Masami Hiramatsu (4): ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed ARM: 8770/1: kprobes: Prohibit probing on optimized_callback ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Matthew Wilcox (1): lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly Michel Thierry (1): drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk Misono Tomohiro (1): btrfs: property: Set incompat flag if lzo/zstd compression is set Nicholas Piggin (1): powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Nikolay Borisov (2): btrfs: Split btrfs_del_delalloc_inode into 2 functions btrfs: Fix delalloc inodes invalidation during transaction abort Pavel Tatashin (1): mm: don't allow deferred pages with NEED_PER_CPU_KM Robbie Ko (1): Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting Ross Zwisler (1): radix tree: fix multi-order iteration race Shuah Khan (1): usbip: usbip_host: refine probe and disconnect debug msgs to be useful Shuah Khan (Samsung OSG) (4): usbip: usbip_host: delete device from busid_table after rebind usbip: usbip_host: run rebind from exit when module is removed usbip: usbip_host: fix NULL-ptr deref and use-after-free errors usbip: usbip_host: fix bad unlock balance during stub_probe() Steven Rostedt (VMware) (1): tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Subash Abhinov Kasiviswanathan (1): netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} Thomas Gleixner (18): x86/speculation: Create spec-ctrl.h to avoid include hell prctl: Add speculation control prctls x86/process: Allow runtime control of Speculative Store Bypass x86/speculation: Add prctl for Speculative Store Bypass mitigation prctl: Add force disable speculation seccomp: Use PR_SPEC_FORCE_DISABLE seccomp: Move speculation migitation control to arch code KVM: SVM: Move spec control call after restore of GS x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS x86/cpufeatures: Disentangle SSBD enumeration x86/cpufeatures: Add FEATURE_ZEN x86/speculation: Handle HT correctly on AMD x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL x86/speculation: Rework speculative_store_bypass_update() x86/bugs: Expose x86_spec_ctrl_base directly x86/bugs: Remove x86_spec_ctrl_set() x86/bugs: Rework spec_ctrl base and mask logic x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Tom Lendacky (2): x86/speculation: Add virtualized speculative store bypass disable support KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Wenwen Wang (1): ALSA: control: fix a redundant-copy issue
Attachment:
signature.asc
Description: PGP signature
