-
Wed May 08 2019 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-124.26.12.el7uek]
- x86/mds: Add empty commit for CVE-2019-11091 (Konrad Rzeszutek Wilk) [Orabug: 29721935] {CVE-2019-11091}
- x86/microcode: Add loader version file in debugfs (Boris Ostrovsky) [Orabug: 29754165]
- x86/microcode: Fix CPU synchronization routine (Borislav Petkov) [Orabug: 29754165]
- x86/microcode: Synchronize late microcode loading (Borislav Petkov) [Orabug: 29754165]
-
Tue Apr 23 2019 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-124.26.11.el7uek]
- x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Konrad Rzeszutek Wilk) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Fix comment (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: update mds_mitigation to reflect debugfs configuration (Mihai Carabas) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: fix microcode late loading (Mihai Carabas) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add boot option to enable MDS protection only while in idle (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Improve coverage for MDS vulnerability (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds=full,nosmt cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Add MDS vulnerability documentation (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Move L1TF to separate directory (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation mode VMWERV (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add debugfs for controlling MDS (Kanth Ghatraju) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add sysfs reporting for MDS (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation control for MDS (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Clear CPU buffers on exit to user (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds_clear_cpu_buffers() (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Andi Kleen) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add BUG_MSBDS_ONLY (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add basic bug infrastructure for MDS (Andi Kleen) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Consolidate CPU whitelists (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/msr-index: Cleanup bit defines (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation/l1tf: Fix small spelling typo (Salvatore Bonaccorso) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Simplify the CPU bug detection logic (Dominik Brodowski) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
-
Fri Apr 19 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.10.el7uek]
- x86/apic: Make arch_setup_hwirq NUMA node aware (Henry Willard) [Orabug: 29534769]
-
Tue Apr 16 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.9.el7uek]
- KEYS: encrypted: fix buffer overread in valid_master_desc() (Eric Biggers) [Orabug: 29591025] {CVE-2017-13305}
-
Wed Apr 10 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.8.el7uek]
- scsi: target: remove hardcoded T10 Vendor ID in INQUIRY response (Alan Adamson) [Orabug: 29344862]
- scsi: target: add device vendor id, product id and revision configfs attributes (Alan Adamson) [Orabug: 29344862]
- scsi: target: consistently null-terminate t10_wwn strings (David Disseldorp) [Orabug: 29344862]
- scsi: target: use consistent left-aligned ASCII INQUIRY data (David Disseldorp) [Orabug: 29344862]
- ext4: fix data corruption caused by unaligned direct AIO (Lukas Czerner) [Orabug: 29553371]
- swiotlb: checking whether swiotlb buffer is full with io_tlb_used (Dongli Zhang) [Orabug: 29582587]
- swiotlb: add debugfs to track swiotlb buffer usage (Dongli Zhang) [Orabug: 29582587]
- swiotlb: fix comment on swiotlb_bounce() (Dongli Zhang) [Orabug: 29582587]
- NFSv4.1: nfs4_fl_prepare_ds must be careful about reporting success. (NeilBrown) [Orabug: 29617508]
-
Fri Mar 29 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.7.el7uek]
- ib_core: initialize shpd field when allocating 'struct ib_pd' (Mukesh Kacker) [Orabug: 29384815]
- Revert "x86/apic: Make arch_setup_hwirq NUMA node aware" (Brian Maly) [Orabug: 29542185]
- qlcnic: fix Tx descriptor corruption on 82xx devices (Shahed Shaikh) [Orabug: 27708787]
- block: Fix a race between blk_cleanup_queue() and timeout handling (Bart Van Assche) [Orabug: 29158186]
- can: gw: ensure DLC boundaries after CAN frame modification (Oliver Hartkopp) [Orabug: 29215299] {CVE-2019-3701} {CVE-2019-3701}
- CIFS: Enable encryption during session setup phase (Pavel Shilovsky) [Orabug: 29338239] {CVE-2018-1066}
- ext4: clear i_data in ext4_inode_info when removing inline data (Theodore Ts'o) [Orabug: 29540709] {CVE-2018-10881} {CVE-2018-10881}
- ext4: add more inode number paranoia checks (Theodore Ts'o) [Orabug: 29545566] {CVE-2018-10882} {CVE-2018-10882}
- Revert "KVM: nVMX: Eliminate vmcs02 pool" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM: VMX: introduce alloc_loaded_vmcs" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM: VMX: make MSR bitmaps per-VCPU" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM: x86: pass host_initiated to functions that read MSRs" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM/x86: Add IBPB support" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL - reloaded" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "KVM: SVM: Add MSR-based feature support for serializing LFENCE" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "x86/cpufeatures: rename X86_FEATURE_AMD_SSBD to X86_FEATURE_LS_CFG_SSBD" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "x86/bugs: Add AMD's SPEC_CTRL MSR usage" (Boris Ostrovsky) [Orabug: 29542029]
- Revert "x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR" (Boris Ostrovsky) [Orabug: 29542029]
- arch: x86: remove unsued SET_IBPB from spec_ctrl.h (Mihai Carabas) [Orabug: 29336760]
- x86: cpu: microcode: fix late loading SpectreV2 bugs eval (Mihai Carabas) [Orabug: 29336760]
- x86: cpu: microcode: fix late loading SSBD and L1TF bugs eval (Mihai Carabas) [Orabug: 29336760]
- x86: cpu: microcode: Re-evaluate bugs in a CPU after microcode loading (Mihai Carabas) [Orabug: 29336760]
- x86: cpu: microcode: update flags for all cpus (Mihai Carabas) [Orabug: 29336760]
-
Fri Mar 22 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.6.el7uek]
- x86/apic: Make arch_setup_hwirq NUMA node aware (Henry Willard) [Orabug: 29292411]
-
Thu Mar 21 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.5.el7uek]
- scsi: scsi_transport_iscsi: modify detected conn err to KERN_ERR (Fred Herard) [Orabug: 29487790]
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (Vasilis Liaskovitis) [Orabug: 29469740]
-
Tue Mar 19 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.26.4U.el7uek]
- bnxt_en: Fix race conditions in .ndo_get_stats64(). (Michael Chan) [Orabug: 29129625]
- ext4: always verify the magic number in xattr blocks (Theodore Ts'o) [Orabug: 29437127] {CVE-2018-10879} {CVE-2018-10879}
- ext4: add corruption check in ext4_xattr_set_entry() (Theodore Ts'o) [Orabug: 29437127] {CVE-2018-10879} {CVE-2018-10879}
- net: add netif_is_lag_port helper (Jiri Pirko) [Orabug: 29495360]
- net: add netif_is_lag_master helper (Jiri Pirko) [Orabug: 29495360]
- net: add netif_is_team_port helper (Jiri Pirko) [Orabug: 29495360]
- net: add netif_is_team_master helper (Jiri Pirko) [Orabug: 29495360]
-
Wed Mar 13 2019 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.1.12-124.26.3.el7uek]
- scsi: scsi_transport_iscsi: redirect conn error to console (Fred Herard) [Orabug: 29469714]
- Revert x86/apic/x2apic: set affinity of a single interrupt to one cpu (Mridula Shastry) [Orabug: 29449976]