[linux] 01/01: Merge tag 'debian/4.9.65-3+deb9u2' into jessie-backports

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Fri Jan 5 15:58:37 UTC 2018 

This is an automated email from the git hooks/post-receive script.

jmm pushed a commit to branch jessie-backports
in repository linux.

commit a3827204ff34828516528874aeb03500fec02482
Merge: da84bdb ffa8fbd
Author: Moritz Mühlenhoff <mmuhlenhoff at wikimedia.org>
Date:   Fri Jan 5 16:57:57 2018 +0100

    Merge tag 'debian/4.9.65-3+deb9u2' into jessie-backports
    
    Release linux (4.9.65-3+deb9u2).

 debian/changelog                                   |   57 +-
 debian/config/amd64/config                         |    1 +
 debian/config/defines                              |    2 +-
 ...s_equal-comparison-of-pointer-and-unknown.patch |    8 +-
 ...dd-nokaiser-boot-option-using-alternative.patch |  652 ++++++++++
 .../kaiser-align-addition-to-x86-mm-makefile.patch |   26 +
 ...sm-tlbflush.h-handle-nopge-at-lower-level.patch |   86 ++
 ...aiser-cleanups-while-trying-for-gold-link.patch |  134 ++
 .../kaiser-delete-kaiser_real_switch-option.patch  |   79 ++
 .../all/kpti/kaiser-disabled-on-xen-pv.patch       |   42 +
 .../kaiser-do-not-set-_page_nx-on-pgd_none.patch   |  204 +++
 ...op-is_atomic-arg-to-kaiser_pagetable_walk.patch |   53 +
 .../kaiser-enhanced-by-kernel-and-user-pcids.patch |  402 ++++++
 ...iser-enomem-if-kaiser_pagetable_walk-null.patch |   52 +
 ...r-fix-build-and-fixme-in-alloc_ldt_struct.patch |   53 +
 .../all/kpti/kaiser-fix-perf-crashes.patch         |  150 +++
 ...r-fix-regs-to-do_nmi-ifndef-config_kaiser.patch |   72 ++
 ...er-fix-unlikely-error-in-alloc_ldt_struct.patch |   33 +
 .../all/kpti/kaiser-kaiser-depends-on-smp.patch    |   54 +
 ...er_flush_tlb_on_return_to_user-check-pcid.patch |   86 ++
 ...-kaiser_remove_mapping-move-along-the-pgd.patch |   50 +
 .../all/kpti/kaiser-kernel-address-isolation.patch |  979 +++++++++++++++
 ...new_mm_cr3-let-switch_user_cr3-flush-user.patch |  392 ++++++
 .../features/all/kpti/kaiser-merged-update.patch   | 1297 ++++++++++++++++++++
 ...name-that-0x1000-kaiser_shadow_pgd_offset.patch |   66 +
 ...noid_entry-pass-cr3-need-to-paranoid_exit.patch |  166 +++
 ...kaiser-pcid-0-for-kernel-and-128-for-user.patch |  129 ++
 ...ck-map-page_size-at-thread_size-page_size.patch |  139 +++
 .../kaiser-tidied-up-asm-kaiser.h-somewhat.patch   |  105 ++
 ...ied-up-kaiser_add-remove_mapping-slightly.patch |   50 +
 ...ternative-instead-of-x86_cr3_pcid_noflush.patch |  130 ++
 ...vmstat-show-nr_kaisertable-as-nr_overhead.patch |  116 ++
 ...86_cr3_pcid_noflush-and-x86_cr3_pcid_user.patch |  141 +++
 .../kpti/kpti-rename-to-page_table_isolation.patch |  329 +++++
 .../all/kpti/kpti-report-when-enabled.patch        |   48 +
 ...mdline-parsing-for-options-with-arguments.patch |  178 +++
 .../x86-kaiser-check-boottime-cmdline-params.patch |  123 ++
 .../x86-kaiser-move-feature-detection-up.patch     |   79 ++
 .../all/kpti/x86-kaiser-reenable-paravirt.patch    |   28 +
 ...-and-simplify-x86_feature_kaiser-handling.patch |   97 ++
 ...-64-Fix-reboot-interaction-with-CR4.PCIDE.patch |   45 +
 ...d-the-nopcid-boot-option-to-turn-off-PCID.patch |   77 ++
 .../x86-mm-Disable-PCID-on-32-bit-kernels.patch    |   82 ++
 ...-mm-Enable-CR4.PCIDE-on-supported-systems.patch |  114 ++
 .../x86-paravirt-dont-patch-flush_tlb_single.patch |   69 ++
 debian/patches/series                              |   45 +
 46 files changed, 7312 insertions(+), 8 deletions(-)

diff --cc debian/changelog
index ace98b8,5835b31..85be5c1
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,16 -1,53 +1,67 @@@
- linux (4.9.65-3+deb9u1~bpo8+1) jessie-backports; urgency=medium
++linux (4.9.65-3+deb9u2~bpo8+1) jessie-backports; urgency=medium
 +
 +  * Rebuild for jessie-backports:
 +    - Revert "[x86] psmouse: Enable MOUSE_PS2_VMMOUSE", which breaks
 +      xserver-xorg-input-vmmouse and several metapackages in jessie
 +    - Revert changes to use gcc-6 compiler, not found in jessie
-     - Change ABI number to 0.bpo.4
++    - Change ABI number to 0.bpo.5
 +    - Revert changes to flex and asciidoc build-dependencies
 +    - linux-image-dbg: Revert changes to packaging of debug symbols
 +    - Revert "enable `perf data' support" as libbabeltrace is not available
 +    - [mips*] Disable RELOCATABLE and RANDOMIZE_BASE.
 +
-  -- Ben Hutchings <ben at decadent.org.uk>  Sat, 23 Dec 2017 04:47:27 +0000
++ -- Moritz Muehlenhoff <jmm at debian.org>  Fri, 05 Jan 2017 10:58:41 +0000
++
+ linux (4.9.65-3+deb9u2) stretch-security; urgency=high
+ 
+   * x86: setup PCID, preparation work for KPTI.
+     - x86/mm/64: Fix reboot interaction with CR4.PCIDE
+     - x86/mm: Add the 'nopcid' boot option to turn off PCID
+     - x86/mm: Disable PCID on 32-bit kernels
+     - x86/mm: Enable CR4.PCIDE on supported systems
+   * [amd64] Implement Kernel Page Table Isolation (KPTI, aka KAISER)
+     (CVE-2017-5754)
+     - kaiser: add "nokaiser" boot option, using ALTERNATIVE
+     - kaiser: align addition to x86/mm/Makefile
+     - kaiser: asm/tlbflush.h handle noPGE at lower level
+     - kaiser: cleanups while trying for gold link
+     - kaiser: delete KAISER_REAL_SWITCH option
+     - kaiser: disabled on Xen PV
+     - kaiser: do not set _PAGE_NX on pgd_none
+     - kaiser: drop is_atomic arg to kaiser_pagetable_walk()
+     - kaiser: enhanced by kernel and user PCIDs
+     - kaiser: ENOMEM if kaiser_pagetable_walk() NULL
+     - kaiser: fix build and FIXME in alloc_ldt_struct()
+     - kaiser: fix perf crashes
+     - kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER
+     - kaiser: fix unlikely error in alloc_ldt_struct()
+     - kaiser: KAISER depends on SMP
+     - kaiser: kaiser_flush_tlb_on_return_to_user() check PCID
+     - kaiser: kaiser_remove_mapping() move along the pgd
+     - KAISER: Kernel Address Isolation
+     - x86_64: KAISER - do not map kernel in user mode
+     - kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user
+     - kaiser: merged update
+     - kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET
+     - kaiser: paranoid_entry pass cr3 need to paranoid_exit
+     - kaiser: PCID 0 for kernel and 128 for user
+     - kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE
+     - kaiser: tidied up asm/kaiser.h somewhat
+     - kaiser: tidied up kaiser_add/remove_mapping slightly
+     - kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush
+     - kaiser: vmstat show NR_KAISERTABLE as nr_overhead
+     - kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user
+     - KPTI: Rename to PAGE_TABLE_ISOLATION
+     - KPTI: Report when enabled
+     - x86/boot: Add early cmdline parsing for options with arguments
+     - x86/kaiser: Check boottime cmdline params
+     - x86/kaiser: Move feature detection up
+     - x86/kaiser: Reenable PARAVIRT
+     - x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling
+     - x86/paravirt: Dont patch flush_tlb_single
+   * Bump ABI to 5.
+ 
+  -- Yves-Alexis Perez <corsac at debian.org>  Thu, 04 Jan 2018 12:12:40 +0100
  
  linux (4.9.65-3+deb9u1) stretch-security; urgency=high
  
diff --cc debian/config/defines
index cff9448,da2b557..8655c86
--- a/debian/config/defines
+++ b/debian/config/defines
@@@ -1,5 -1,5 +1,5 @@@
  [abi]
- abiname: 0.bpo.4
 -abiname: 5
++abiname: 0.bpo.5
  ignore-changes:
   __cpuhp_*
   bpf_analyzer

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list