[Xenial SRU] Xenial update to 4.4.144 stable release

Stefan Bader stefan.bader at canonical.com
Mon Sep 10 14:59:32 UTC 2018 

https://bugs.launchpad.net/ubuntu/xenial/+source/linux/+bug/1791080

This contained Spectre v4/SSB upstream updates which I tried to
merge into what we currently have. One part which I kept un-
changed is the way we handle IBRS/IBPB which I believe is still
different from upstream (boot options and maybe sysfs interface,
too.

There was some initial tree review on this and I did test boot
and ran the security-qrt suite on it. But I cannot say whether
this also contains tests to make sure Spectre variants are still
covered.

-Stefan

---

The following changes since commit 8a9a72bc36b86dbeb46d7a69e2782e617f4637f9:

  Linux 4.4.143 (2018-09-06 14:26:34 +0200)

are available in the git repository at:

  git://git.launchpad.net/~smb/+git/linux-xenial stable-4.4

for you to fetch changes up to 9dfe231c7a6d01554726f1d72dafa7da6b09779f:

  Linux 4.4.144 (2018-09-10 15:35:07 +0200)

----------------------------------------------------------------
Alan Jenkins (1):
      block: do not use interruptible wait anywhere

Alexey Brodkin (1):
      ARC: Fix CONFIG_SWAP

Andy Lutomirski (2):
      x86/mm: Give each mm TLB flush generation a unique ID
      x86/cpu: Re-apply forced caps every time CPU caps are re-read

Arnd Bergmann (1):
      x86/pti: Mark constant arrays as __initconst

Borislav Petkov (1):
      x86/cpu/AMD: Fix erratum 1076 (CPB bit)

Colin Ian King (1):
      ipv6: fix useless rol32 call on hash

Dan Williams (2):
      x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface
      x86/speculation: Fix up array_index_nospec_mask() asm constraint

Dave Hansen (1):
      x86/mm: Factor out LDT init from context init

David Ahern (1):
      net/ipv4: Set oif in fib_compute_spec_dst

David Woodhouse (3):
      UBUNTU: SAUCE: x86/speculation: Expose indirect_branch_prediction_barrier()
      x86/speculation: Use IBRS if available before calling into firmware
      x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen

Davidlohr Bueso (1):
      lib/rhashtable: consider param->min_size when setting initial table size

Denys Vlasenko (1):
      x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs

Dewet Thibaut (1):
      x86/MCE: Remove min interval polling limitation

Greg Kroah-Hartman (1):
      Linux 4.4.144

Gustavo A. R. Silva (1):
      ptp: fix missing break in switch

Heiner Kallweit (1):
      net: phy: fix flag masking in __set_phy_supported

Ingo Molnar (2):
      x86/speculation: Clean up various Spectre related details
      x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP

Jing Xia (1):
      mm: memcg: fix use after free in mem_cgroup_iter()

Juergen Gross (3):
      x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
      xen: set cpu capabilities from xen_start_kernel()
      x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths

Kyle Huey (1):
      x86/process: Correct and optimize TIF_BLOCKSTEP switch

Lan Tianyu (1):
      KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.

Lucas Stach (1):
      clk: tegra: Fix PLL_U post divider and initial rate on Tegra30

Mathias Nyman (1):
      xhci: Fix perceived dead host due to runtime suspend race with event handler

Mickaël Salaün (1):
      selftest/seccomp: Fix the seccomp(2) signature

Nick Desaulniers (1):
      x86/paravirt: Make native_save_fl() extern inline

OGAWA Hirofumi (1):
      fat: fix memory allocation failure handling of match_strdup()

Richard Weinberger (5):
      ubi: Introduce vol_ignored()
      ubi: Rework Fastmap attach base code
      ubi: Be more paranoid while seaching for the most recent Fastmap
      ubi: Fix races around ubi_refill_pools()
      ubi: Fix Fastmap's update_vol()

Sanjeev Bansal (1):
      tg3: Add higher cpu clock for 5762.

Sascha Hauer (1):
      ubi: fastmap: Erase outdated anchor PEBs during attach

Stefan Bader (5):
      UBUNTU: SAUCE: Add missing CPUID_7_EDX defines
      UBUNTU: SAUCE: Preserve SPEC_CTRL MSR in new inlines
      UBUNTU: SAUCE: Add Knights Mill to NO SSB list
      Revert "x86/cpufeatures: Add FEATURE_ZEN"
      Revert "x86/cpu/AMD: Fix erratum 1076 (CPB bit)"

Stefano Brivio (2):
      net: Don't copy pfmemalloc flag in __copy_skb_header()
      skbuff: Unconditionally copy pfmemalloc in __skb_clone()

Takashi Iwai (1):
      ALSA: rawmidi: Change resized buffers atomically

Thomas Gleixner (2):
      x86/process: Optimize TIF_NOTSC switch
      x86/cpufeatures: Add FEATURE_ZEN

Tim Chen (1):
      UBUNTU: SAUCE: x86/speculation: Use Indirect Branch Prediction Barrier in context switch

Tyler Hicks (1):
      ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns

Vineet Gupta (1):
      ARC: mm: allow mprotect to make stack mappings executable

 Makefile                                      |   2 +-
 arch/arc/include/asm/page.h                   |   2 +-
 arch/arc/include/asm/pgtable.h                |   2 +-
 arch/x86/entry/entry_64_compat.S              |  75 +++++++++-----
 arch/x86/include/asm/apm.h                    |   6 ++
 arch/x86/include/asm/barrier.h                |   2 +-
 arch/x86/include/asm/cpufeatures.h            |   5 +-
 arch/x86/include/asm/efi.h                    |   7 ++
 arch/x86/include/asm/irqflags.h               |   2 +-
 arch/x86/include/asm/mmu.h                    |  15 ++-
 arch/x86/include/asm/mmu_context.h            |  25 ++++-
 arch/x86/include/asm/msr-index.h              |   1 +
 arch/x86/include/asm/nospec-branch.h          |  30 ++++++
 arch/x86/include/asm/tlbflush.h               |  12 +++
 arch/x86/kernel/Makefile                      |   1 +
 arch/x86/kernel/cpu/amd.c                     |  27 ++---
 arch/x86/kernel/cpu/bugs.c                    |  31 +++---
 arch/x86/kernel/cpu/common.c                  |  12 ++-
 arch/x86/kernel/cpu/mcheck/mce.c              |   3 -
 arch/x86/kernel/irqflags.S                    |  26 +++++
 arch/x86/kernel/ldt.c                         |   4 +-
 arch/x86/kernel/process.c                     |  34 ++-----
 arch/x86/mm/tlb.c                             |  52 ++++++----
 arch/x86/platform/efi/efi_64.c                |   3 +
 arch/x86/xen/enlighten.c                      |  16 ++-
 arch/x86/xen/smp.c                            |   5 +
 arch/x86/xen/suspend.c                        |  16 +++
 block/blk-core.c                              |  10 +-
 drivers/clk/tegra/clk-tegra30.c               |  11 +-
 drivers/mtd/ubi/attach.c                      | 139 +++++++++++++++++++-------
 drivers/mtd/ubi/eba.c                         |   4 +-
 drivers/mtd/ubi/fastmap-wl.c                  |   6 +-
 drivers/mtd/ubi/fastmap.c                     |  51 ++++++++--
 drivers/mtd/ubi/ubi.h                         |  46 ++++++++-
 drivers/mtd/ubi/wl.c                          | 114 +++++++++++++++++----
 drivers/net/ethernet/broadcom/tg3.c           |   9 ++
 drivers/net/phy/phy_device.c                  |   7 +-
 drivers/ptp/ptp_chardev.c                     |   1 +
 drivers/usb/host/xhci.c                       |  40 +++++++-
 drivers/usb/host/xhci.h                       |   4 +
 fs/fat/inode.c                                |  20 ++--
 include/linux/skbuff.h                        |  12 +--
 include/net/ipv6.h                            |   2 +-
 lib/rhashtable.c                              |  17 ++--
 mm/memcontrol.c                               |   2 +-
 net/core/skbuff.c                             |   1 +
 net/ipv4/fib_frontend.c                       |   1 +
 net/ipv4/sysctl_net_ipv4.c                    |   5 +-
 sound/core/rawmidi.c                          |  20 ++--
 tools/testing/selftests/seccomp/seccomp_bpf.c |   4 +-
 virt/kvm/eventfd.c                            |   6 +-
 51 files changed, 709 insertions(+), 239 deletions(-)
 create mode 100644 arch/x86/kernel/irqflags.S

More information about the kernel-team mailing list