[kernel] r6629 - in
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian:
patches patches/series
Dann Frazier
dannf at costa.debian.org
Sat May 20 05:49:57 UTC 2006
Author: dannf
Date: Sat May 20 05:49:54 2006
New Revision: 6629
Added:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep1.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep2.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep3.dpatch
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak.dpatch
Modified:
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
Log:
* amd64-fp-reg-leak-dep[1-3].dpatch, amd64-fp-reg-leak.dpatch
[SECURITY][amd64] Fix an information leak that allows a process to see
a portion of the floating point state of other processes, possibly exposing
sensitive information.
See CVE-2006-1056
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog Sat May 20 05:49:54 2006
@@ -67,8 +67,13 @@
[SECURITY] Fix remote DoS vulnerability that allows IP fragmented
COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic
See CVE-2006-2272
+ * amd64-fp-reg-leak-dep[1-3].dpatch, amd64-fp-reg-leak.dpatch
+ [SECURITY][amd64] Fix an information leak that allows a process to see
+ a portion of the floating point state of other processes, possibly exposing
+ sensitive information.
+ See CVE-2006-1056
- -- dann frazier <dannf at debian.org> Sat, 20 May 2006 00:32:13 -0500
+ -- dann frazier <dannf at debian.org> Sat, 20 May 2006 00:48:15 -0500
kernel-source-2.6.8 (2.6.8-16sarge2) stable-security; urgency=high
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep1.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep1.dpatch Sat May 20 05:49:54 2006
@@ -0,0 +1,128 @@
+This patch is a dependency for the CVE-2006-1055 patch. Small modification to
+ensure that it applies cleanly to the 2.6.8 kernel.
+
+Signed-off-by: Troy Heber <troyh at debian.org>
+
+
+diff-tree 7180d4fb83085fef9d24b353f5bd79cf6fd98447 (from e99286744599a66195de4cd975d7ef4d643c2789)
+Author: Jan Beulich <jbeulich at novell.com>
+Date: Wed Jan 11 22:43:36 2006 +0100
+
+ [PATCH] x86_64: Fix 64bit FXSAVE encoding
+
+ The separation of the rex64 prefix (on fxsave/fxrstor) by way of using
+ a semicolon resulted in the prefix not always taking effect (because
+ when extended registers are needed for addressing, another rex prefix
+ would have been generated by the compiler), thus (depending on the
+ build) resulting in eventually getting 32-bit saves and/or restores.
+
+ Signed-Off-By: Jan Beulich <jbeulich at novell.com>
+ Signed-off-by: Andi Kleen <ak at suse.de>
+ Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+
+
+diff -urN start/include/asm-x86_64/i387.h x/include/asm-x86_64/i387.h
+--- start/include/asm-x86_64/i387.h 2004-08-13 23:36:58.000000000 -0600
++++ x/include/asm-x86_64/i387.h 2006-05-17 14:17:00.000000000 -0600
+@@ -76,7 +76,8 @@
+ static inline int restore_fpu_checking(struct i387_fxsave_struct *fx)
+ {
+ int err;
+- asm volatile("1: rex64 ; fxrstor (%[fx])\n\t"
++
++ asm volatile("1: rex64/fxrstor (%[fx])\n\t"
+ "2:\n"
+ ".section .fixup,\"ax\"\n"
+ "3: movl $-1,%[err]\n"
+@@ -87,7 +88,11 @@
+ " .quad 1b,3b\n"
+ ".previous"
+ : [err] "=r" (err)
+- : [fx] "r" (fx), "0" (0));
++#if 0 /* See comment in __fxsave_clear() below. */
++ : [fx] "r" (fx), "m" (*fx), "0" (0));
++#else
++ : [fx] "cdaSDb" (fx), "m" (*fx), "0" (0));
++#endif
+ if (unlikely(err))
+ init_fpu(current);
+ return err;
+@@ -96,7 +101,8 @@
+ static inline int save_i387_checking(struct i387_fxsave_struct __user *fx)
+ {
+ int err;
+- asm volatile("1: rex64 ; fxsave (%[fx])\n\t"
++
++ asm volatile("1: rex64/fxsave (%[fx])\n\t"
+ "2:\n"
+ ".section .fixup,\"ax\"\n"
+ "3: movl $-1,%[err]\n"
+@@ -106,19 +112,53 @@
+ " .align 8\n"
+ " .quad 1b,3b\n"
+ ".previous"
+- : [err] "=r" (err)
+- : [fx] "r" (fx), "0" (0));
++ : [err] "=r" (err), "=m" (*fx)
++#if 0 /* See comment in __fxsave_clear() below. */
++ : [fx] "r" (fx), "0" (0));
++#else
++ : [fx] "cdaSDb" (fx), "0" (0));
++#endif
+ if (unlikely(err))
+ __clear_user(fx, sizeof(struct i387_fxsave_struct));
+ return err;
+ }
+
++static inline void __fxsave_clear(struct task_struct *tsk)
++{
++ /* Using "rex64; fxsave %0" is broken because, if the memory operand
++ uses any extended registers for addressing, a second REX prefix
++ will be generated (to the assembler, rex64 followed by semicolon
++ is a separate instruction), and hence the 64-bitness is lost. */
++#if 0
++ /* Using "fxsaveq %0" would be the ideal choice, but is only supported
++ starting with gas 2.16. */
++ __asm__ __volatile__("fxsaveq %0"
++ : "=m" (tsk->thread.i387.fxsave));
++#elif 0
++ /* Using, as a workaround, the properly prefixed form below isn't
++ accepted by any binutils version so far released, complaining that
++ the same type of prefix is used twice if an extended register is
++ needed for addressing (fix submitted to mainline 2005-11-21). */
++ __asm__ __volatile__("rex64/fxsave %0"
++ : "=m" (tsk->thread.i387.fxsave));
++#else
++ /* This, however, we can work around by forcing the compiler to select
++ an addressing mode that doesn't require extended registers. */
++ __asm__ __volatile__("rex64/fxsave %P2(%1)"
++ : "=m" (tsk->thread.i387.fxsave)
++ : "cdaSDb" (tsk),
++ "i" (offsetof(__typeof__(*tsk),
++ thread.i387.fxsave)));
++#endif
++ __asm__ __volatile__("fnclex");
++}
++
+ static inline void kernel_fpu_begin(void)
+ {
+ struct thread_info *me = current_thread_info();
+- if (me->status & TS_USEDFPU) {
+- asm volatile("rex64 ; fxsave %0 ; fnclex"
+- : "=m" (me->task->thread.i387.fxsave));
++ if (me->status & TS_USEDFPU) {
++ __fxsave_clear(me->task);
++
+ me->status &= ~TS_USEDFPU;
+ return;
+ }
+@@ -127,8 +167,7 @@
+
+ static inline void save_init_fpu( struct task_struct *tsk )
+ {
+- asm volatile( "fxsave %0 ; fnclex"
+- : "=m" (tsk->thread.i387.fxsave));
++ __fxsave_clear(tsk);
+ tsk->thread_info->status &= ~TS_USEDFPU;
+ stts();
+ }
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep2.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep2.dpatch Sat May 20 05:49:54 2006
@@ -0,0 +1,41 @@
+This patch is a dependency for the CVE-2006-1055 patch, however there was a
+hunk of it that changed another inbetween patch. I removed "Hunk #1" of the
+origional commit because it is not a direct dependency.
+
+Signed-off-by: Troy Heber <troyh at debian.org>
+
+Author: Linus Torvalds <torvalds at evo.osdl.org>
+Date: Fri Jul 22 18:19:20 2005 -0400
+
+ x86: use alternative instructions for fnsave/fxsave too
+
+ This one ends up using an inline asm format that claims to read memory
+ and then clobber it (rather than just write it directly), which made it
+ easier to use the existing "alternative_input()" infrastructure support.
+
+ Now the fxsave code matches the fxrstor.
+
+diff --git a/include/asm-i386/i387.h b/include/asm-i386/i387.h
+index e678609..6747006 100644
+--- a/include/asm-i386/i387.h
++++ b/include/asm-i386/i387.h
+@@ -43,13 +43,12 @@ extern void kernel_fpu_begin(void);
+ */
+ static inline void __save_init_fpu( struct task_struct *tsk )
+ {
+- if ( cpu_has_fxsr ) {
+- asm volatile( "fxsave %0 ; fnclex"
+- : "=m" (tsk->thread.i387.fxsave) );
+- } else {
+- asm volatile( "fnsave %0 ; fwait"
+- : "=m" (tsk->thread.i387.fsave) );
+- }
++ alternative_input(
++ "fnsave %1 ; fwait ;" GENERIC_NOP2,
++ "fxsave %1 ; fnclex",
++ X86_FEATURE_FXSR,
++ "m" (tsk->thread.i387.fxsave)
++ :"memory");
+ tsk->thread_info->status &= ~TS_USEDFPU;
+ }
+
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep3.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak-dep3.dpatch Sat May 20 05:49:54 2006
@@ -0,0 +1,21 @@
+diff -urN orig/include/asm-x86_64/system.h work/include/asm-x86_64/system.h
+--- orig/include/asm-x86_64/system.h 2004-08-13 23:37:38.000000000 -0600
++++ work/include/asm-x86_64/system.h 2006-05-17 20:27:51.000000000 -0600
+@@ -123,7 +123,7 @@
+ * If you use variable sized constraints like "m" or "g" in the
+ * replacement maake sure to pad to the worst case length.
+ */
+-#define alternative_input(oldinstr, newinstr, feature, input) \
++#define alternative_input(oldinstr, newinstr, feature, input...) \
+ asm volatile ("661:\n\t" oldinstr "\n662:\n" \
+ ".section .altinstructions,\"a\"\n" \
+ " .align 8\n" \
+@@ -135,7 +135,7 @@
+ ".previous\n" \
+ ".section .altinstr_replacement,\"ax\"\n" \
+ "663:\n\t" newinstr "\n664:\n" /* replacement */ \
+- ".previous" :: "i" (feature), input)
++ ".previous" :: "i" (feature), ##input)
+
+ /*
+ * Clear and set 'TS' bit respectively
Added: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak.dpatch
==============================================================================
--- (empty file)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/amd64-fp-reg-leak.dpatch Sat May 20 05:49:54 2006
@@ -0,0 +1,233 @@
+This is the patch for CVE-2006-1055 Sarge 2.6.8, there are two dependencies for
+this patch. This patch is slightly different fromt he origional upstream because
+it also resolves the bug that introduced by the origional upstream patch.
+
+commit 6584014ec33ed34c5bf6c5af20a0951069bea7a9
+Author: Chuck Ebbert <76306.1226 at compuserve.com>
+Date: Sat Apr 29 14:07:49 2006 -0400
+
+ [PATCH] i386: fix broken FP exception handling
+
+ The FXSAVE information leak patch introduced a bug in FP exception
+ handling: it clears FP exceptions only when there are already
+ none outstanding. Mikael Pettersson reported that causes problems
+ with the Erlang runtime and has tested this fix.
+
+ Signed-off-by: Chuck Ebbert <76306.1226 at compuserve.com>
+ Acked-by: Mikael Pettersson <mikpe at it.uu.se>
+ Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+
+
+Signed-off-by: Troy Heber <troyh at hp.com>
+
+diff-tree 7466f9e72dac13452d871a3fb72fc7bd9c93c864 (from aa48603d1ba772d0a2b28ab73098be2119878eba)
+Author: Andi Kleen <ak at suse.de>
+Date: Wed Apr 19 07:17:31 2006 +0200
+
+ [PATCH] i386/x86-64: Fix x87 information leak between processes (CVE-2006-1056)
+
+ AMD K7/K8 CPUs only save/restore the FOP/FIP/FDP x87 registers in FXSAVE
+ when an exception is pending. This means the value leak through context
+ switches and allow processes to observe some x87 instruction state of
+ other processes.
+
+ This was actually documented by AMD, but nobody recognized it as being
+ different from Intel before.
+
+ The fix first adds an optimization: instead of unconditionally calling
+ FNCLEX after each FXSAVE test if ES is pending and skip it when not
+ needed. Then do a x87 load from a kernel variable to clear FOP/FIP/FDP.
+
+ This means other processes always will only see a constant value defined
+ by the kernel in their FP state.
+
+ I took some pain to make sure to chose a variable that's already in L1
+ during context switch to make the overhead of this low.
+
+ Also alternative() is used to patch away the new code on CPUs who don't
+ need it.
+
+ Patch for both i386/x86-64.
+
+ The problem was discovered originally by Jan Beulich. Richard Brunner
+ provided the basic code for the workarounds, with contribution from Jan.
+
+ This is CVE-2006-1056
+
+ Cc: richard.brunner at amd.com
+ Cc: jbeulich at novell.com
+ Signed-off-by: Andi Kleen <ak at suse.de>
+ Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+
+
+diff -urN start/arch/i386/kernel/cpu/amd.c work/arch/i386/kernel/cpu/amd.c
+--- start/arch/i386/kernel/cpu/amd.c 2004-08-13 23:38:04.000000000 -0600
++++ work/arch/i386/kernel/cpu/amd.c 2006-05-17 16:08:02.000000000 -0600
+@@ -186,6 +186,8 @@
+ set_bit(X86_FEATURE_K7, c->x86_capability);
+ break;
+ }
++ if (c->x86 >= 6)
++ set_bit(X86_FEATURE_FXSAVE_LEAK, c->x86_capability);
+
+ display_cacheinfo(c);
+ }
+diff -urN start/arch/x86_64/kernel/process.c work/arch/x86_64/kernel/process.c
+--- start/arch/x86_64/kernel/process.c 2006-02-08 22:55:59.000000000 -0700
++++ work/arch/x86_64/kernel/process.c 2006-05-17 16:09:50.000000000 -0600
+@@ -411,8 +411,6 @@
+ int cpu = smp_processor_id();
+ struct tss_struct *tss = &per_cpu(init_tss, cpu);
+
+- unlazy_fpu(prev_p);
+-
+ /*
+ * Reload esp0, LDT and the page table pointer:
+ */
+@@ -475,6 +473,12 @@
+ prev->userrsp = read_pda(oldrsp);
+ write_pda(oldrsp, next->userrsp);
+ write_pda(pcurrent, next_p);
++
++ /* This must be here to ensure both math_state_restore() and
++ kernel_fpu_begin() work consistently.
++ And the AMD workaround requires it to be after DS reload. */
++ unlazy_fpu(prev_p);
++
+ write_pda(kernelstack, (unsigned long)next_p->thread_info + THREAD_SIZE - PDA_STACKOFFSET);
+
+ /*
+diff -urN start/arch/x86_64/kernel/setup.c work/arch/x86_64/kernel/setup.c
+--- start/arch/x86_64/kernel/setup.c 2006-02-08 22:55:58.000000000 -0700
++++ work/arch/x86_64/kernel/setup.c 2006-05-17 16:08:02.000000000 -0600
+@@ -668,6 +668,10 @@
+ if ((level >= 0x0f48 && level < 0x0f50) || level >= 0x0f58)
+ set_bit(X86_FEATURE_K8_C, &c->x86_capability);
+
++ /* Enable workaround for FXSAVE leak */
++ if (c->x86 >= 6)
++ set_bit(X86_FEATURE_FXSAVE_LEAK, &c->x86_capability);
++
+ r = get_model_name(c);
+ if (!r) {
+ switch (c->x86) {
+diff -urN start/include/asm-i386/cpufeature.h work/include/asm-i386/cpufeature.h
+--- start/include/asm-i386/cpufeature.h 2004-08-13 23:37:30.000000000 -0600
++++ work/include/asm-i386/cpufeature.h 2006-05-17 16:12:10.000000000 -0600
+@@ -69,6 +69,7 @@
+ #define X86_FEATURE_K7 (3*32+ 5) /* Athlon */
+ #define X86_FEATURE_P3 (3*32+ 6) /* P3 */
+ #define X86_FEATURE_P4 (3*32+ 7) /* P4 */
++#define X86_FEATURE_FXSAVE_LEAK (3*32+10) /* FXSAVE leaks FOP/FIP/FOP */
+
+ /* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */
+ #define X86_FEATURE_EST (4*32+ 7) /* Enhanced SpeedStep */
+diff -urN start/include/asm-i386/i387.h work/include/asm-i386/i387.h
+--- start/include/asm-i386/i387.h 2006-05-17 15:59:34.000000000 -0600
++++ work/include/asm-i386/i387.h 2006-05-17 16:16:23.000000000 -0600
+@@ -13,6 +13,7 @@
+
+ #include <linux/sched.h>
+ #include <linux/init.h>
++#include <linux/kernel_stat.h>
+ #include <asm/processor.h>
+ #include <asm/sigcontext.h>
+ #include <asm/user.h>
+@@ -28,17 +29,38 @@
+ extern void kernel_fpu_begin(void);
+ #define kernel_fpu_end() do { stts(); preempt_enable(); } while(0)
+
++/* We need a safe address that is cheap to find and that is already
++ in L1 during context switch. The best choices are unfortunately
++ different for UP and SMP */
++#ifdef CONFIG_SMP
++#define safe_address (__per_cpu_offset[0])
++#else
++#define safe_address (kstat_cpu(0).cpustat.user)
++#endif
++
+ /*
+ * These must be called with preempt disabled
+ */
+ static inline void __save_init_fpu( struct task_struct *tsk )
+ {
++ /* Use more nops than strictly needed in case the compiler
++ varies code */
+ alternative_input(
+- "fnsave %1 ; fwait ;" GENERIC_NOP2,
+- "fxsave %1 ; fnclex",
++ "fnsave %[fx] ;fwait;" GENERIC_NOP8 GENERIC_NOP4,
++ "fxsave %[fx]\n"
++ "bt $7,%[fsw] ; jnc 1f ; fnclex\n1:",
+ X86_FEATURE_FXSR,
+- "m" (tsk->thread.i387.fxsave)
+- :"memory");
++ [fx] "m" (tsk->thread.i387.fxsave),
++ [fsw] "m" (tsk->thread.i387.fxsave.swd) : "memory");
++ /* AMD K7/K8 CPUs don't save/restore FDP/FIP/FOP unless an exception
++ is pending. Clear the x87 state here by setting it to fixed
++ values. safe_address is a random variable that should be in L1 */
++ alternative_input(
++ GENERIC_NOP8 GENERIC_NOP2,
++ "emms\n\t" /* clear stack tags */
++ "fildl %[addr]", /* set F?P to defined value */
++ X86_FEATURE_FXSAVE_LEAK,
++ [addr] "m" (safe_address));
+ tsk->thread_info->status &= ~TS_USEDFPU;
+ }
+
+diff -urN start/include/asm-x86_64/cpufeature.h work/include/asm-x86_64/cpufeature.h
+--- start/include/asm-x86_64/cpufeature.h 2004-08-13 23:36:59.000000000 -0600
++++ work/include/asm-x86_64/cpufeature.h 2006-05-17 16:17:11.000000000 -0600
+@@ -61,6 +61,7 @@
+ #define X86_FEATURE_CYRIX_ARR (3*32+ 2) /* Cyrix ARRs (= MTRRs) */
+ #define X86_FEATURE_CENTAUR_MCR (3*32+ 3) /* Centaur MCRs (= MTRRs) */
+ #define X86_FEATURE_K8_C (3*32+ 4) /* C stepping K8 */
++#define X86_FEATURE_FXSAVE_LEAK (3*32+7) /* FIP/FOP/FDP leaks through FXSAVE */
+
+ /* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */
+ #define X86_FEATURE_EST (4*32+ 7) /* Enhanced SpeedStep */
+diff -urN start/include/asm-x86_64/i387.h work/include/asm-x86_64/i387.h
+--- start/include/asm-x86_64/i387.h 2006-05-17 15:59:31.000000000 -0600
++++ work/include/asm-x86_64/i387.h 2006-05-17 16:08:02.000000000 -0600
+@@ -73,6 +73,23 @@
+ #define set_fpu_swd(t,val) ((t)->thread.i387.fxsave.swd = (val))
+ #define set_fpu_fxsr_twd(t,val) ((t)->thread.i387.fxsave.twd = (val))
+
++#define X87_FSW_ES (1 << 7) /* Exception Summary */
++
++/* AMD CPUs don't save/restore FDP/FIP/FOP unless an exception
++ is pending. Clear the x87 state here by setting it to fixed
++ values. The kernel data segment can be sometimes 0 and sometimes
++ new user value. Both should be ok.
++ Use the PDA as safe address because it should be already in L1. */
++static inline void clear_fpu_state(struct i387_fxsave_struct *fx)
++{
++ if (unlikely(fx->swd & X87_FSW_ES))
++ asm volatile("fnclex");
++ alternative_input(ASM_NOP8 ASM_NOP2,
++ " emms\n" /* clear stack tags */
++ " fildl %%gs:0", /* load to clear state */
++ X86_FEATURE_FXSAVE_LEAK);
++}
++
+ static inline int restore_fpu_checking(struct i387_fxsave_struct *fx)
+ {
+ int err;
+@@ -120,6 +137,7 @@
+ #endif
+ if (unlikely(err))
+ __clear_user(fx, sizeof(struct i387_fxsave_struct));
++ /* No need to clear here because the caller clears USED_MATH */
+ return err;
+ }
+
+@@ -150,7 +168,7 @@
+ "i" (offsetof(__typeof__(*tsk),
+ thread.i387.fxsave)));
+ #endif
+- __asm__ __volatile__("fnclex");
++ clear_fpu_state(&tsk->thread.i387.fxsave);
+ }
+
+ static inline void kernel_fpu_begin(void)
Modified: dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3
==============================================================================
--- dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3 (original)
+++ dists/sarge-security/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16sarge3 Sat May 20 05:49:54 2006
@@ -16,3 +16,7 @@
+ mcast-ip-route-null-deref.dpatch
+ sctp-fragment-recurse.dpatch
+ sctp-fragmented-receive-fix.dpatch
++ amd64-fp-reg-leak-dep1.dpatch
++ amd64-fp-reg-leak-dep2.dpatch
++ amd64-fp-reg-leak-dep3.dpatch
++ amd64-fp-reg-leak.dpatch
\ No newline at end of file
More information about the Kernel-svn-changes
mailing list