ELSA-2018-0395

Описание

• [3.10.0-693.21.1.OL7]
• Oracle Linux certificates (Alexey Petrenko)
• Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
• Update x509.genkey [bug 24817676]

[3.10.0-693.21.1]

• [x86] platform/uv: Mark tsc_check_sync as an init function (Frank Ramsay) [1547870 1526066]
• [x86] platform/uv: Add check of TSC state set by UV BIOS (Frank Ramsay) [1547870 1526066]
• [x86] tsc: Provide a means to disable TSC ART (Frank Ramsay) [1547870 1526066]
• [x86] tsc: Drastically reduce the number of firmware bug warnings (Frank Ramsay) [1547870 1526066]
• [x86] tsc: Skip TSC test and error messages if already unstable (Frank Ramsay) [1547870 1526066]
• [x86] tsc: Add option that TSC on Socket 0 being non-zero is valid (Frank Ramsay) [1547870 1526066]
• [x86] tsc: Remove the TSC_ADJUST clamp (Frank Ramsay) [1547870 1526066]

[3.10.0-693.20.1]

• [x86] locking/qspinlock: Fix kabi problem in a non-KVM/XEN VM (Waiman Long) [1539797 1533529]

[3.10.0-693.19.1]

• [watchdog] hpwdt: remove indirect call in drivers/watchdog/hpwdt.c (Josh Poimboeuf) [1539649 1535644]
• [kernel] x86/spec_ctrl: cleanup __ptrace_may_access (Josh Poimboeuf) [1539649 1535644]
• [x86] bugs: Drop one 'mitigation' from dmesg (Josh Poimboeuf) [1539649 1535644]
• [x86] kvm: vmx: Make indirect call speculation safe (Josh Poimboeuf) [1539649 1535644]
• [x86] kvm: x86: Make indirect calls in emulator speculation safe (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline: Optimize inline assembler for vmexit_fill_RSB (Josh Poimboeuf) [1539649 1535644]
• [x86] mce: Make machine check speculation protected (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: fix ptrace IBPB optimization (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: Avoid returns in IBRS-disabled regions (Josh Poimboeuf) [1539649 1535644]
• [x86] spectre/meltdown: avoid the vulnerability directory to weaken kernel security (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: Document retpolines and ibrs_enabled=3 (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: upgrade GCC retpoline warning to an error (Josh Poimboeuf) [1539649 1535644]
• [x86] Use IBRS for firmware update path (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: stuff RSB on context switch with SMEP enabled (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: enforce sane combinations of IBRS and retpoline (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: use upstream RSB stuffing function (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: add ibrs_enabled=3 (ibrs_user) (Josh Poimboeuf) [1539649 1535644]
• [kernel] x86/jump_label: warn on failed jump label patch (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: detect unretpolined modules (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline: Add LFENCE to the retpoline/RSB filling RSB macros (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline: Fill return stack buffer on vmexit (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline/xen: Convert Xen hypercall indirect jumps (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline/hyperv: Convert assembler indirect jumps (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline/ftrace: Convert ftrace assembler indirect jumps (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline/entry: Convert entry assembler indirect jumps (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline/crypto: Convert crypto assembler indirect jumps (Josh Poimboeuf) [1539649 1535644]
• [x86] retpoline: Add initial retpoline support (Josh Poimboeuf) [1539649 1535644]
• [x86] jump_label: add asm support for static keys (Josh Poimboeuf) [1539649 1535644]
• [x86] asm: Make asm/alternative.h safe from assembly (Josh Poimboeuf) [1539649 1535644]
• [tools] objtool: Support new GCC 6 switch jump table pattern (Josh Poimboeuf) [1539649 1535644]
• [tools] objtool: Detect jumps to retpoline thunks (Josh Poimboeuf) [1539649 1535644]
• [x86] spectre: Add boot time option to select Spectre v2 mitigation (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: print features changed by microcode loading (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: refactor the init and microcode loading paths (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: move initialization of X86_FEATURE_IBPB_SUPPORT (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: remove SPEC_CTRL_PCP_IBPB bit (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: remove ibrs_enabled variable (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: add ibp_disabled variable (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: add X86_FEATURE_IBP_DISABLE (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: remove IBP disable for AMD model 0x16 (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: remove performance measurements from documentation (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: make ipbp_enabled read-only (Josh Poimboeuf) [1539649 1535644]
• [x86] spec_ctrl: remove ibpb_enabled=2 mode (Josh Poimboeuf) [1539649 1535644]
• [x86] cpu: Implement CPU vulnerabilites sysfs functions (Josh Poimboeuf) [1539649 1535644]
• [base] sysfs/cpu: Add vulnerability folder (Josh Poimboeuf) [1539649 1535644]
• [x86] cpu: Merge bugs.c and bugs_64.c (Josh Poimboeuf) [1539649 1535644]
• [x86] syscall: int80 must not clobber r12-15 (Josh Poimboeuf) [1539649 1535644]
• [x86] syscall: change ia32_syscall() to create the full register frame in ia32_do_call() (Josh Poimboeuf) [1539649 1535644]
• [x86] boot: Add early cmdline parsing for options with arguments (Josh Poimboeuf) [1539649 1535644]
• [x86] boot: Pass in size to early cmdline parsing (Josh Poimboeuf) [1539649 1535644]
• [x86] boot: Simplify early command line parsing (Josh Poimboeuf) [1539649 1535644]
• [x86] boot: Fix early command-line parsing when partial word matches (Josh Poimboeuf) [1539649 1535644]
• [x86] boot: Fix early command-line parsing when matching at end (Josh Poimboeuf) [1539649 1535644]
• [scsi] storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (Cathy Avery) [1536978 1502601]
• [fs] nfs: RPC_MAX_AUTH_SIZE is in bytes ('J. Bruce Fields') [1533378 1495321]
• [fs] nfsd: give out fewer session slots as limit approaches (Dave Wysochanski) [1533377 1492234]
• [fs] nfsd: increase DRC cache limit (Dave Wysochanski) [1533377 1492234]
• [x86] kvm: x86: fix RSM when PCID is non-zero (Paolo Bonzini) [1531662 1530711]
• [x86] iommu/amd: Reduce delay waiting for command buffer space (Suravee Suthikulpanit) [1531456 1508644]
• [x86] iommu/amd: Reduce amount of MMIO when submitting commands (Suravee Suthikulpanit) [1531456 1508644]
• [x86] amd: Remove cmd_buf_size and evt_buf_size from struct amd_iommu (Suravee Suthikulpanit) [1531456 1508644]
• [x86] amd: Fix the left value check of cmd buffer (Suravee Suthikulpanit) [1531456 1508644]
• [x86] amd: Don't put completion-wait semaphore on stack (Suravee Suthikulpanit) [1531456 1508644]
• [x86] kvm: svm: obey guest PAT (Suravee Suthikulpanit) [1530976 1478185]
• [tty] serial: 8250_pci: Add Amazon PCI serial device ID (Vitaly Kuznetsov) [1530137 1527545]
• [ata] libata: sata_down_spd_limit should return if driver has not recorded sstatus speed (David Milburn) [1530136 1457140]
• [fs] nfs: fix a deadlock in nfs client initialization (Scott Mayhew) [1530135 1506382]
• [fs] nfsv4.0: Fix a lock leak in nfs40_walk_client_list (Scott Mayhew) [1530135 1506382]
• [fs] nfs: Create a common nfs4_match_client() function (Scott Mayhew) [1530135 1506382]
• [fs] autofs - revert: take more care to not update last_used on path walk (Ian Kent) [1525994 1489542]
• [vhost] vhost_net: correctly check tx avail during rx busy polling (Jason Wang) [1523784 1487551]
• [crypto] shash - Fix has_key setting (Herbert Xu) [1522932 1505817]
• [block] Fix a race between blk_cleanup_queue() and timeout handling (Ming Lei) [1522698 1513725]
• [x86] tsc: Force TSC_ADJUST register to value >= zero (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Validate cpumask pointer before accessing it (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Try to adjust TSC if sync test fails (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Prepare warp test for TSC adjustment (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Move sync cleanup to a safe place (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Sync test only for the first cpu in a package (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Verify TSC_ADJUST from idle (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Store and check TSC ADJUST MSR (Prarit Bhargava) [1519850 1497055]
• [x86] tsc: Detect random warps (Prarit Bhargava) [1519850 1497055]
• [x86] kvm: mmu: always terminate page walks at level 1 (Paolo Bonzini) [1500382 1500381] {CVE-2017-12188}
• [x86] kvm: nVMX: update last_nonleaf_level when initializing nested EPT (Denys Vlasenko) [1500382 1500381] {CVE-2017-12188}
• [x86] kvm: fix singlestepping over syscall (Paolo Bonzini) [1464480 1464481] {CVE-2017-7518}

[3.10.0-693.18.1]

• [md] raid5: fix a race condition in stripe batch (Nigel Croxon) [1535883 1496836]
• [security] selinux: fix double free in selinux_parse_opts_str() (Paul Moore) [1532288 1456843]
• [fs] nfs: revert 'nfs: Move the flock open mode check into nfs_flock()' (Benjamin Coddington) [1531095 1497225]