diff options
author | Justin M. Forbes <jforbes@fedoraproject.org> | 2018-01-05 09:30:15 -0600 |
---|---|---|
committer | Justin M. Forbes <jforbes@fedoraproject.org> | 2018-01-05 09:30:15 -0600 |
commit | 05dab9c5372f7a71bfc95ba118e6ea0923d19eca (patch) | |
tree | 015ddca4ee0227716d2962a8a9d64ba71c58d391 | |
parent | b4569abca33d473095788b76cb49096c5a046d4e (diff) | |
download | kernel-05dab9c5372f7a71bfc95ba118e6ea0923d19eca.tar.gz kernel-05dab9c5372f7a71bfc95ba118e6ea0923d19eca.tar.xz kernel-05dab9c5372f7a71bfc95ba118e6ea0923d19eca.zip |
Linux v4.14.12
-rw-r--r-- | kernel.spec | 6 | ||||
-rw-r--r-- | sources | 1 | ||||
-rw-r--r-- | x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch | 46 |
3 files changed, 5 insertions, 48 deletions
diff --git a/kernel.spec b/kernel.spec index c6db63868..58226ae03 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 11 +%define stable_update 12 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -667,7 +667,6 @@ Patch628: HID-rmi-Check-that-a-device-is-a-RMI-device-before-c.patch Patch630: v4-KVM-Fix-stack-out-of-bounds-read-in-write_mmio.patch Patch631: cgroup-for-4.15-fixes-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch -Patch632: x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch # rhbz1514969 Patch633: 0001-platform-x86-dell-laptop-Filter-out-spurious-keyboar.patch @@ -2227,6 +2226,9 @@ fi # # %changelog +* Fri Jan 05 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.12-300 +- Linux v4.14.12 + * Thu Jan 04 2018 Hans de Goede <hdegoede@redhat.com> - Add a patch to filter false positive kbd backlight change events (#1514969) @@ -1,3 +1,4 @@ SHA512 (linux-4.14.tar.xz) = 77e43a02d766c3d73b7e25c4aafb2e931d6b16e870510c22cef0cdb05c3acb7952b8908ebad12b10ef982c6efbe286364b1544586e715cf38390e483927904d8 SHA512 (perf-man-4.14.tar.gz) = 76a9d8adc284cdffd4b3fbb060e7f9a14109267707ce1d03f4c3239cd70d8d164f697da3a0f90a363fbcac42a61d3c378afbcc2a86f112c501b9cb5ce74ef9f8 SHA512 (patch-4.14.11.xz) = 3fbaf02eb236d7490eb65e64b841fc43bd3abbbf97deef79b7457faf8005ef7f2cbaf5c4a8c3b2d22998f5197a5a98b6fef717ed60a34ff666fa7eaf8376118d +SHA512 (patch-4.14.12.xz) = b11b91503c9eb879b79cb16683204f5dbb467aac62dcfc1b025f889dc38016d990c0fd1879210226430e9f9ac6e168439b13603781188d67d213b12a334b4e5b diff --git a/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch b/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch deleted file mode 100644 index a7e0accb6..000000000 --- a/x86-cpu-x86-pti-Do-not-enable-PTI-on-AMD-processors.patch +++ /dev/null @@ -1,46 +0,0 @@ -From patchwork Wed Dec 27 05:43:54 2017 -Content-Type: text/plain; charset="utf-8" -MIME-Version: 1.0 -Content-Transfer-Encoding: 7bit -Subject: x86/cpu, x86/pti: Do not enable PTI on AMD processors -From: Tom Lendacky <thomas.lendacky@amd.com> -X-Patchwork-Id: 10133447 -Message-Id: <20171227054354.20369.94587.stgit@tlendack-t1.amdoffice.net> -To: x86@kernel.org -Cc: Dave Hansen <dave.hansen@linux.intel.com>, - linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>, - Andy Lutomirski <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, - Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@suse.de> -Date: Tue, 26 Dec 2017 23:43:54 -0600 - -AMD processors are not subject to the types of attacks that the kernel -page table isolation feature protects against. The AMD microarchitecture -does not allow memory references, including speculative references, that -access higher privileged data when running in a lesser privileged mode -when that access would result in a page fault. - -Disable page table isolation by default on AMD processors by not setting -the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI -is set. - -Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> -Reviewed-by: Borislav Petkov <bp@suse.de> ---- - arch/x86/kernel/cpu/common.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c -index c47de4e..7d9e3b0 100644 ---- a/arch/x86/kernel/cpu/common.c -+++ b/arch/x86/kernel/cpu/common.c -@@ -923,8 +923,8 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c) - - setup_force_cpu_cap(X86_FEATURE_ALWAYS); - -- /* Assume for now that ALL x86 CPUs are insecure */ -- setup_force_cpu_bug(X86_BUG_CPU_INSECURE); -+ if (c->x86_vendor != X86_VENDOR_AMD) -+ setup_force_cpu_bug(X86_BUG_CPU_INSECURE); - - fpu__init_system(c); - |