Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2024-03-13 22:16:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new.1770 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Wed Mar 13 22:16:13 2024 rev:724 rq:1157154 version:6.7.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2024-03-02 23:23:29.535426622 +0100
+++ /work/SRC/openSUSE:Factory/.kernel-source.new.1770/dtb-aarch64.changes
2024-03-13 22:16:21.407367653 +0100
@@ -1,0 +2,348 @@
+Thu Mar 7 06:54:25 CET 2024 - jsl...@suse.cz
+
+- Linux 6.7.9 (bsc#1012628).
+- mtd: spinand: gigadevice: Fix the get ecc status issue
+ (bsc#1012628).
+- ice: fix connection state of DPLL and out pin (bsc#1012628).
+- ice: fix dpll input pin phase_adjust value updates
+ (bsc#1012628).
+- ice: fix dpll and dpll_pin data access on PF reset
+ (bsc#1012628).
+- ice: fix dpll periodic work data updates on PF reset
+ (bsc#1012628).
+- ice: fix pin phase adjust updates on PF reset (bsc#1012628).
+- spi: cadence-qspi: fix pointer reference in runtime PM hooks
+ (bsc#1012628).
+- spi: cadence-qspi: remove system-wide suspend helper calls
+ from runtime PM hooks (bsc#1012628).
+- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
+ (bsc#1012628).
+- netlink: add nla be16/32 types to minlen array (bsc#1012628).
+- net: ip_tunnel: prevent perpetual headroom growth (bsc#1012628).
+- net: mctp: take ownership of skb in mctp_local_output
+ (bsc#1012628).
+- net: dpaa: fman_memac: accept phy-interface-type = "10gbase-r"
+ in the device tree (bsc#1012628).
+- tun: Fix xdp_rxq_info's queue_index when detaching
+ (bsc#1012628).
+- cpufreq: intel_pstate: fix pstate limits enforcement for
+ adjust_perf call back (bsc#1012628).
+- net: veth: clear GRO when clearing XDP even when down
+ (bsc#1012628).
+- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr()
+ (bsc#1012628).
+- lan78xx: enable auto speed configuration for LAN7850 if no
+ EEPROM is detected (bsc#1012628).
+- veth: try harder when allocating queue memory (bsc#1012628).
+- net: usb: dm9601: fix wrong return value in dm9601_mdio_read
+ (bsc#1012628).
+- net: lan78xx: fix "softirq work is pending" error (bsc#1012628).
+- uapi: in6: replace temporary label with rfc9486 (bsc#1012628).
+- stmmac: Clear variable when destroying workqueue (bsc#1012628).
+- Bluetooth: hci_sync: Check the correct flag before starting
+ a scan (bsc#1012628).
+- Bluetooth: Avoid potential use-after-free in hci_error_reset
+ (bsc#1012628).
+- Bluetooth: hci_sync: Fix accept_list when attempting to suspend
+ (bsc#1012628).
+- Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR
+ (bsc#1012628).
+- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST
+ (bsc#1012628).
+- Bluetooth: Enforce validation on max value of connection
+ interval (bsc#1012628).
+- Bluetooth: qca: Fix wrong event type for patch config command
+ (bsc#1012628).
+- Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT
+ (bsc#1012628).
+- Bluetooth: qca: Fix triggering coredump implementation
+ (bsc#1012628).
+- netfilter: nf_tables: allow NFPROTO_INET in
+ nft_(match/target)_validate() (bsc#1012628).
+- netfilter: bridge: confirm multicast packets before passing
+ them up the stack (bsc#1012628).
+- tools: ynl: fix handling of multiple mcast groups (bsc#1012628).
+- rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back
+ (bsc#1012628).
+- igb: extend PTP timestamp adjustments to i211 (bsc#1012628).
+- net: hsr: Use correct offset for HSR TLV values in supervisory
+ HSR frames (bsc#1012628).
+- tls: decrement decrypt_pending if no async completion will be
+ called (bsc#1012628).
+- tls: fix peeking with sync+async decryption (bsc#1012628).
+- tls: separate no-async decryption request handling from async
+ (bsc#1012628).
+- tls: fix use-after-free on failed backlog decryption
+ (bsc#1012628).
+- riscv: tlb: fix __p*d_free_tlb() (bsc#1012628).
+- efi/capsule-loader: fix incorrect allocation size (bsc#1012628).
+- power: supply: bq27xxx-i2c: Do not free non existing IRQ
+ (bsc#1012628).
+- ASoC: cs35l56: Must clear HALO_STATE before issuing SYSTEM_RESET
+ (bsc#1012628).
+- ALSA: Drop leftover snd-rtctimer stuff from Makefile
+ (bsc#1012628).
+- ASoC: qcom: Fix uninitialized pointer dmactl (bsc#1012628).
+- gpu: host1x: Skip reset assert on Tegra186 (bsc#1012628).
+- riscv: mm: fix NOCACHE_THEAD does not set bit[61] correctly
+ (bsc#1012628).
+- riscv: Fix build error if !CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION
+ (bsc#1012628).
+- ASoC: cs35l56: cs35l56_component_remove() must clear
+ cs35l56->component (bsc#1012628).
+- ASoC: cs35l56: cs35l56_component_remove() must clean up wm_adsp
+ (bsc#1012628).
+- ASoC: cs35l56: Don't add the same register patch multiple times
+ (bsc#1012628).
+- ASoC: cs35l56: Fix for initializing ASP1 mixer registers
+ (bsc#1012628).
+- ASoC: cs35l56: Fix misuse of wm_adsp 'part' string for silicon
+ revision (bsc#1012628).
+- ASoC: cs35l56: Fix deadlock in ASP1 mixer register
+ initialization (bsc#1012628).
+- ASoC: soc-card: Fix missing locking in
+ snd_soc_card_get_kcontrol() (bsc#1012628).
+- RISC-V: Ignore V from the riscv,isa DT property on older T-Head
+ CPUs (bsc#1012628).
+- drm/tegra: Remove existing framebuffer only if we support
+ display (bsc#1012628).
+- fbcon: always restore the old font data in fbcon_do_set_font()
+ (bsc#1012628).
+- afs: Fix endless loop in directory parsing (bsc#1012628).
+- drm/amd/display: Prevent potential buffer overflow in
+ map_hw_resources (bsc#1012628).
+- drivers: perf: added capabilities for legacy PMU (bsc#1012628).
+- drivers: perf: ctr_get_width function for legacy is not defined
+ (bsc#1012628).
+- Revert "riscv: mm: support Svnapot in huge vmap" (bsc#1012628).
+- riscv: Fix pte_leaf_size() for NAPOT (bsc#1012628).
+- riscv: Sparse-Memory/vmemmap out-of-bounds fix (bsc#1012628).
+- btrfs: fix race between ordered extent completion and fiemap
+ (bsc#1012628).
+- drm/nouveau: keep DMA buffers required for suspend/resume
+ (bsc#1012628).
+- of: property: fw_devlink: Fix stupid bug in remote-endpoint
+ parsing (bsc#1012628).
+- tomoyo: fix UAF write bug in tomoyo_write_control()
+ (bsc#1012628).
+- ALSA: firewire-lib: fix to check cycle continuity (bsc#1012628).
+- ALSA: ump: Fix the discard error code from snd_ump_legacy_open()
+ (bsc#1012628).
+- ALSA: hda/realtek: Fix top speaker connection on Dell Inspiron
+ 16 Plus 7630 (bsc#1012628).
+- ALSA: hda/realtek: tas2781: enable subwoofer volume control
+ (bsc#1012628).
+- ALSA: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8)
+ (bsc#1012628).
+- ALSA: hda/realtek: fix mute/micmute LED For HP mt440
+ (bsc#1012628).
+- ALSA: hda/realtek: Add special fixup for Lenovo 14IRP8
+ (bsc#1012628).
+- Bluetooth: hci_bcm4377: do not mark valid bd_addr as invalid
+ (bsc#1012628).
+- landlock: Fix asymmetric private inodes referring (bsc#1012628).
+- gtp: fix use-after-free and null-ptr-deref in gtp_newlink()
+ (bsc#1012628).
+- mm: cachestat: fix folio read-after-free in cache walk
+ (bsc#1012628).
+- mtd: rawnand: marvell: fix layouts (bsc#1012628).
+- wifi: nl80211: reject iftype change with mesh ID change
+ (bsc#1012628).
+- btrfs: fix double free of anonymous device after snapshot
+ creation failure (bsc#1012628).
+- btrfs: dev-replace: properly validate device names
+ (bsc#1012628).
+- btrfs: send: don't issue unnecessary zero writes for trailing
+ hole (bsc#1012628).
+- Revert "drm/amd/pm: resolve reboot exception for si oland"
+ (bsc#1012628).
+- drm/buddy: fix range bias (bsc#1012628).
+- drm/amdgpu/pm: Fix the power1_min_cap value (bsc#1012628).
+- drm/amd/display: Add monitor patch for specific eDP
+ (bsc#1012628).
+- soc: qcom: pmic_glink: Fix boot when QRTR=m (bsc#1012628).
+- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read
+ (bsc#1012628).
+- crypto: arm64/neonbs - fix out-of-bounds access on short input
+ (bsc#1012628).
+- dmaengine: ptdma: use consistent DMA masks (bsc#1012628).
+- dmaengine: fsl-edma: correct calculation of 'nbytes' in
+ multi-fifo scenario (bsc#1012628).
+- dmaengine: fsl-qdma: init irq after reg initialization
+ (bsc#1012628).
+- mmc: mmci: stm32: fix DMA API overlapping mappings warning
+ (bsc#1012628).
+- mmc: core: Fix eMMC initialization with 1-bit bus connection
+ (bsc#1012628).
+- mmc: sdhci-xenon: add timeout for PHY init complete
+ (bsc#1012628).
+- mmc: sdhci-xenon: fix PHY init clock stability (bsc#1012628).
+- ceph: switch to corrected encoding of max_xattr_size in mdsmap
+ (bsc#1012628).
+- RISC-V: Drop invalid test from CONFIG_AS_HAS_OPTION_ARCH
+ (bsc#1012628).
+- riscv: add CALLER_ADDRx support (bsc#1012628).
+- riscv: Fix enabling cbo.zero when running in M-mode
+ (bsc#1012628).
+- power: supply: mm8013: select REGMAP_I2C (bsc#1012628).
+- kbuild: Add -Wa,--fatal-warnings to as-instr invocation
+ (bsc#1012628).
+- iommufd: Fix iopt_access_list_id overwrite bug (bsc#1012628).
+- iommufd: Fix protection fault in iommufd_test_syz_conv_iova
+ (bsc#1012628).
+- efivarfs: Request at most 512 bytes for variable names
+ (bsc#1012628).
+- pmdomain: arm: Fix NULL dereference on scmi_perf_domain removal
+ (bsc#1012628).
+- pmdomain: qcom: rpmhpd: Fix enabled_corner aggregation
+ (bsc#1012628).
+- fprobe: Fix to allocate entry_data_size buffer with rethook
+ instances (bsc#1012628).
+- mm/debug_vm_pgtable: fix BUG_ON with pud advanced test
+ (bsc#1012628).
+- mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone
+ index (bsc#1012628).
+- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (bsc#1012628).
+- x86/cpu: Allow reducing x86_phys_bits during
+ early_identify_cpu() (bsc#1012628).
+- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask
+ registers (bsc#1012628).
+- mptcp: map v4 address to v6 when destroying subflow
+ (bsc#1012628).
+- mptcp: push at DSS boundaries (bsc#1012628).
+- selftests: mptcp: join: add ss mptcp support check
+ (bsc#1012628).
+- mptcp: fix snd_wnd initialization for passive socket
+ (bsc#1012628).
+- mptcp: fix potential wake-up event loss (bsc#1012628).
+- mptcp: fix double-free on socket dismantle (bsc#1012628).
+- mfd: twl6030-irq: Revert to use of_match_device() (bsc#1012628).
+- NFS: Fix data corruption caused by congestion (bsc#1012628).
+- af_unix: Drop oob_skb ref before purging queue in GC
+ (bsc#1012628).
+- ASoC: cs35l56: fix reversed if statement in
+ cs35l56_dspwait_asp1tx_put() (bsc#1012628).
+- dmaengine: dw-edma: Fix the ch_count hdma callback
+ (bsc#1012628).
+- dmaengine: dw-edma: Fix wrong interrupt bit set for HDMA
+ (bsc#1012628).
+- dmaengine: dw-edma: HDMA_V0_REMOTEL_STOP_INT_EN typo fix
+ (bsc#1012628).
+- dmaengine: dw-edma: Add HDMA remote interrupt configuration
+ (bsc#1012628).
+- dmaengine: dw-edma: HDMA: Add sync read before starting the
+ DMA transfer in remote setup (bsc#1012628).
+- dmaengine: dw-edma: eDMA: Add sync read before starting the
+ DMA transfer in remote setup (bsc#1012628).
+- phy: freescale: phy-fsl-imx8-mipi-dphy: Fix alias name to use
+ dashes (bsc#1012628).
+- phy: qcom: phy-qcom-m31: fix wrong pointer pass to PTR_ERR()
+ (bsc#1012628).
+- phy: qcom-qmp-usb: fix v3 offsets data (bsc#1012628).
+- dmaengine: idxd: Remove shadow Event Log head stored in idxd
+ (bsc#1012628).
+- dmaengine: idxd: Ensure safe user copy of completion record
+ (bsc#1012628).
+- powerpc/pseries/iommu: IOMMU table is not initialized for
+ kdump over SR-IOV (bsc#1012628).
+- powerpc/rtas: use correct function name for resetting TCE tables
+ (bsc#1012628).
+- gpio: 74x164: Enable output pins after registers are reset
+ (bsc#1012628).
+- gpiolib: Fix the error path order in
+ gpiochip_add_data_with_key() (bsc#1012628).
+- gpio: fix resource unwinding order in error path (bsc#1012628).
+- block: define bvec_iter as __packed __aligned(4) (bsc#1012628).
+- selftests: mptcp: add evts_get_info helper (bsc#1012628).
+- selftests: mptcp: add chk_subflows_total helper (bsc#1012628).
+- selftests: mptcp: update userspace pm test helpers
+ (bsc#1012628).
+- selftests: mptcp: add mptcp_lib_is_v6 (bsc#1012628).
+- selftests: mptcp: rm subflow with v4/v4mapped addr
+ (bsc#1012628).
+- drm/nouveau: don't fini scheduler before entity flush
+ (bsc#1012628).
+- Rename to
+
patches.kernel.org/6.7.9-121-mptcp-avoid-printing-warning-once-on-client-sid.patch.
+- Rename to
+
patches.kernel.org/6.7.9-127-mptcp-fix-possible-deadlock-in-subflow-diag.patch.
+- Rename to
+
patches.kernel.org/6.7.9-130-af_unix-Fix-task-hung-while-purging-oob_skb-in-.patch.
+- Rename to
+
patches.kernel.org/6.7.9-150-x86-entry_64-Add-VERW-just-before-userspace-tra.patch.
+- Rename to
+
patches.kernel.org/6.7.9-151-x86-entry_32-Add-VERW-just-before-userspace-tra.patch.
+- Rename to
+
patches.kernel.org/6.7.9-152-x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_cl.patch.
+- Rename to
+
patches.kernel.org/6.7.9-153-KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMR.patch.
+- Rename to
+
patches.kernel.org/6.7.9-154-KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mit.patch.
+- commit 752a7bc
+
+-------------------------------------------------------------------
+Mon Mar 4 19:13:14 CET 2024 - vkarasu...@suse.de
+
+- Update
+
patches.kernel.org/6.7.2-260-drm-sched-Fix-bounds-limiting-when-given-a-malf.patch
+ (bsc#1012628 bsc#1220322 CVE-2023-52461).
+- commit c6c85cb
+
+-------------------------------------------------------------------
+Mon Mar 4 18:11:57 CET 2024 - vkarasu...@suse.de
+
+- Update
+
patches.kernel.org/6.7.2-283-media-v4l-async-Fix-duplicated-list-deletion.patch
+ (bsc#1012628 bsc#1220318 CVE-2023-52459).
+- commit 57771fb
++++ 58 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
++++ and /work/SRC/openSUSE:Factory/.kernel-source.new.1770/dtb-aarch64.changes
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
dtb-riscv64.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.503739082 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.503739082 +0100
@@ -17,7 +17,7 @@
%define srcversion 6.7
-%define patchversion 6.7.7
+%define patchversion 6.7.9
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -25,9 +25,9 @@
%(chmod +x
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license,klp-symbols,splitflist,mergedep,moddep,modflist,kernel-subpackage-build})
Name: dtb-aarch64
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
dtb-riscv64.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.627743644 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.631743791 +0100
@@ -18,8 +18,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%define compress_modules zstd
%define compress_vmlinux xz
@@ -55,7 +55,7 @@
%global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu)
%define cpu_arch_flavor %cpu_arch/%build_flavor
-%global certs %( for f in %_sourcedir/*.crt; do
\
+%global certs %( space="" ; for f in %_sourcedir/*.crt; do
\
if ! test -e "$f"; then
\
continue
\
fi
\
@@ -69,7 +69,7 @@
cat "$f" >>%_sourcedir/.kernel_signing_key.pem
\
mkdir -p %_sourcedir/.kernel_signing_certs
\
openssl x509 -inform PEM -in "$f" -outform DER -out
%_sourcedir/.kernel_signing_certs/"$cert".crt \
- echo -n "$cert" ""
\
+ echo -n "$space$cert" ; space=" "
\
done )
%ifarch %ix86 x86_64
@@ -113,9 +113,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0-only
Group: System/Kernel
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
kernel-debug.spec: same change
kernel-default.spec: same change
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.727747323 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.731747470 +0100
@@ -17,8 +17,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%define build_html 1
%define build_pdf 0
@@ -31,9 +31,9 @@
Summary: Kernel Documentation
License: GPL-2.0-only
Group: Documentation/Man
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.759748501 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.763748648 +0100
@@ -18,8 +18,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%define compress_modules zstd
%define compress_vmlinux xz
@@ -55,7 +55,7 @@
%global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu)
%define cpu_arch_flavor %cpu_arch/%build_flavor
-%global certs %( for f in %_sourcedir/*.crt; do
\
+%global certs %( space="" ; for f in %_sourcedir/*.crt; do
\
if ! test -e "$f"; then
\
continue
\
fi
\
@@ -69,7 +69,7 @@
cat "$f" >>%_sourcedir/.kernel_signing_key.pem
\
mkdir -p %_sourcedir/.kernel_signing_certs
\
openssl x509 -inform PEM -in "$f" -outform DER -out
%_sourcedir/.kernel_signing_certs/"$cert".crt \
- echo -n "$cert" ""
\
+ echo -n "$space$cert" ; space=" "
\
done )
%ifarch %ix86 x86_64
@@ -113,9 +113,9 @@
Summary: The Small Developer Kernel for KVM
License: GPL-2.0-only
Group: System/Kernel
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.823750855 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.827751002 +0100
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 6.7.7
+%define patchversion 6.7.9
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -44,7 +44,7 @@
%endif
%endif
%endif
-BuildRequires:
kernel%kernel_flavor-srchash-1ff84c539098385746e3fa3aaf975296fb8e6791
+BuildRequires:
kernel%kernel_flavor-srchash-6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%if 0%{?rhel_version}
BuildRequires: kernel
@@ -60,9 +60,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0-only
Group: SLES
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.859752179 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.863752327 +0100
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 6.7.7
+%define patchversion 6.7.9
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0-only
Group: SLES
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.899753651 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.899753651 +0100
@@ -18,8 +18,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%define compress_modules zstd
%define compress_vmlinux xz
@@ -55,7 +55,7 @@
%global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu)
%define cpu_arch_flavor %cpu_arch/%build_flavor
-%global certs %( for f in %_sourcedir/*.crt; do
\
+%global certs %( space="" ; for f in %_sourcedir/*.crt; do
\
if ! test -e "$f"; then
\
continue
\
fi
\
@@ -69,7 +69,7 @@
cat "$f" >>%_sourcedir/.kernel_signing_key.pem
\
mkdir -p %_sourcedir/.kernel_signing_certs
\
openssl x509 -inform PEM -in "$f" -outform DER -out
%_sourcedir/.kernel_signing_certs/"$cert".crt \
- echo -n "$cert" ""
\
+ echo -n "$space$cert" ; space=" "
\
done )
%ifarch %ix86 x86_64
@@ -113,9 +113,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0-only
Group: System/Kernel
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.931754828 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.935754976 +0100
@@ -17,8 +17,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
%endif
Name: kernel-source
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.963756006 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.963756006 +0100
@@ -16,7 +16,7 @@
#
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -25,10 +25,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0-only
Group: Development/Sources
-Version: 6.7.7
+Version: 6.7.9
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:31.991757036 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:31.995757183 +0100
@@ -18,8 +18,8 @@
%define srcversion 6.7
-%define patchversion 6.7.7
-%define git_commit 1ff84c539098385746e3fa3aaf975296fb8e6791
+%define patchversion 6.7.9
+%define git_commit 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
%define variant %{nil}
%define compress_modules zstd
%define compress_vmlinux xz
@@ -55,7 +55,7 @@
%global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu)
%define cpu_arch_flavor %cpu_arch/%build_flavor
-%global certs %( for f in %_sourcedir/*.crt; do
\
+%global certs %( space="" ; for f in %_sourcedir/*.crt; do
\
if ! test -e "$f"; then
\
continue
\
fi
\
@@ -69,7 +69,7 @@
cat "$f" >>%_sourcedir/.kernel_signing_key.pem
\
mkdir -p %_sourcedir/.kernel_signing_certs
\
openssl x509 -inform PEM -in "$f" -outform DER -out
%_sourcedir/.kernel_signing_certs/"$cert".crt \
- echo -n "$cert" ""
\
+ echo -n "$space$cert" ; space=" "
\
done )
%ifarch %ix86 x86_64
@@ -113,9 +113,9 @@
Summary: The Standard Kernel - without any SUSE patches
License: GPL-2.0-only
Group: System/Kernel
-Version: 6.7.7
+Version: 6.7.9
%if 0%{?is_kotd}
-Release: <RELEASE>.g1ff84c5
+Release: <RELEASE>.g6049de6
%else
Release: 0
%endif
kernel-zfcpdump.spec: same change
++++++ README.SUSE ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:32.123761892 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:32.127762039 +0100
@@ -187,8 +187,17 @@
* third-party support: "supported: external",
* unsupported modules: no supported tag.
-At runtime, the setting of the "unsupported" kernel command line parameter and
-`/proc/sys/kernel/unsupported` determines whether unsupported modules can be
+At runtime, the support status of a module can be obtained by reading
+`/sys/module/$MODULE/supported`.
+
+Note that this information is available only if the module was not built
+directly into the kernel. Builtin modules are implicitly supported.
+
+The aggregated support status for the entire kernel can be inspected by reading
+`/sys/kernel/supported`. The value is also included in Oopses.
+
+The setting of the "unsupported" kernel command line parameter and
+`/proc/sys/kernel/unsupported` controls whether unsupported modules can be
loaded or not, and whether or not loading an unsupported module causes a
warning
in the system log:
@@ -196,9 +205,9 @@
* 1 = warn when loading unsupported modules,
* 2 = don't warn.
-Irrespective of this setting, loading an externally supported or unsupported
-module both set a kernel taint flag. The taint flags are included in Oopses.
The
-taint status of the kernel can be inspected in `/proc/sys/kernel/tainted`.
+Irrespective of this setting, loading an unsupported module sets a kernel taint
+flag. The taint status of the kernel can be inspected in
+`/proc/sys/kernel/tainted`. The taint flags are also included in Oopses.
Relevant bits have the following meaning:
| Bit | Log | Number | Reason that got the kernel tainted |
@@ -209,7 +218,9 @@
| 16 | â£/X | 65536 | module with third-party support was loaded
|
| 31 | â£/N | 2147483648 | unsupported module was loaded
|
-Bits 16 and 31 are specific to the SUSE kernels.
+Bits 16 and 31 are specific to the SUSE kernels. Since SLE15-SP6, loading an
+externally supported module does not taint the kernel, but bit 16 (X) is still
+tracked per module and can be read in `/sys/module/$MODULE/taint`.
Out-of-tree modules do not have the supported flag set by default; that
is, they are marked as unsupported. For building externally supported
++++++ kernel-binary.spec.in ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:32.319769103 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:32.319769103 +0100
@@ -55,7 +55,7 @@
%global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu)
%define cpu_arch_flavor %cpu_arch/%build_flavor
-%global certs %( for f in %_sourcedir/*.crt; do
\
+%global certs %( space="" ; for f in %_sourcedir/*.crt; do
\
if ! test -e "$f"; then
\
continue
\
fi
\
@@ -69,7 +69,7 @@
cat "$f" >>%_sourcedir/.kernel_signing_key.pem
\
mkdir -p %_sourcedir/.kernel_signing_certs
\
openssl x509 -inform PEM -in "$f" -outform DER -out
%_sourcedir/.kernel_signing_certs/"$cert".crt \
- echo -n "$cert" ""
\
+ echo -n "$space$cert" ; space=" "
\
done )
%ifarch %ix86 x86_64
++++++ patches.kernel.org.tar.bz2 ++++++
++++ 14795 lines of diff (skipped)
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/Bluetooth-btmtk-Add-MODULE_FIRMWARE-for-MT7922.patch
new/patches.suse/Bluetooth-btmtk-Add-MODULE_FIRMWARE-for-MT7922.patch
--- old/patches.suse/Bluetooth-btmtk-Add-MODULE_FIRMWARE-for-MT7922.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/Bluetooth-btmtk-Add-MODULE_FIRMWARE-for-MT7922.patch
2024-03-07 06:54:25.000000000 +0100
@@ -0,0 +1,50 @@
+From: Takashi Iwai <ti...@suse.de>
+Subject: [PATCH] Bluetooth: btmtk: Add MODULE_FIRMWARE() for MT7922
+Date: Tue, 27 Feb 2024 11:29:14 +0100
+Message-id: <20240227102914.8341-1-ti...@suse.de>
+Patch-mainline: Submitted, linux-bluetooth ML
+References: bsc#1214133
+
+Since dracut refers to the module info for defining the required
+firmware files and btmtk driver doesn't provide the firmware info for
+MT7922, the generate initrd misses the firmware, resulting in the
+broken Bluetooth.
+
+This patch simply adds the MODULE_FIRMWARE() for the missing entry
+for covering that.
+
+Link: https://bugzilla.suse.com/show_bug.cgi?id=1214133
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+
+---
+ drivers/bluetooth/btmtk.c | 1 +
+ drivers/bluetooth/btmtk.h | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/drivers/bluetooth/btmtk.c b/drivers/bluetooth/btmtk.c
+index aaabb732082c..e5138a207f37 100644
+--- a/drivers/bluetooth/btmtk.c
++++ b/drivers/bluetooth/btmtk.c
+@@ -420,5 +420,6 @@ MODULE_LICENSE("GPL");
+ MODULE_FIRMWARE(FIRMWARE_MT7622);
+ MODULE_FIRMWARE(FIRMWARE_MT7663);
+ MODULE_FIRMWARE(FIRMWARE_MT7668);
++MODULE_FIRMWARE(FIRMWARE_MT7922);
+ MODULE_FIRMWARE(FIRMWARE_MT7961);
+ MODULE_FIRMWARE(FIRMWARE_MT7925);
+diff --git a/drivers/bluetooth/btmtk.h b/drivers/bluetooth/btmtk.h
+index 56f5502baadf..cbcdb99a22e6 100644
+--- a/drivers/bluetooth/btmtk.h
++++ b/drivers/bluetooth/btmtk.h
+@@ -4,6 +4,7 @@
+ #define FIRMWARE_MT7622 "mediatek/mt7622pr2h.bin"
+ #define FIRMWARE_MT7663 "mediatek/mt7663pr2h.bin"
+ #define FIRMWARE_MT7668 "mediatek/mt7668pr2h.bin"
++#define FIRMWARE_MT7922
"mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin"
+ #define FIRMWARE_MT7961
"mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin"
+ #define FIRMWARE_MT7925
"mediatek/mt7925/BT_RAM_CODE_MT7925_1_1_hdr.bin"
+
+--
+2.35.3
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigati.patch
new/patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigati.patch
--- old/patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigati.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigati.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,81 +0,0 @@
-From: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Date: Tue, 13 Feb 2024 18:22:56 -0800
-Subject: KVM/VMX: Move VERW closer to VMentry for MDS mitigation
-Git-commit: 43fb862de8f628c5db5e96831c915b9aebf62d33
-Patch-mainline: 6.8-rc6
-References: git-fixes
-
-During VMentry VERW is executed to mitigate MDS. After VERW, any memory
-access like register push onto stack may put host data in MDS affected
-CPU buffers. A guest can then use MDS to sample host data.
-
-Although likelihood of secrets surviving in registers at current VERW
-callsite is less, but it can't be ruled out. Harden the MDS mitigation
-by moving the VERW mitigation late in VMentry path.
-
-Note that VERW for MMIO Stale Data mitigation is unchanged because of
-the complexity of per-guest conditional VERW which is not easy to handle
-that late in asm with no GPRs available. If the CPU is also affected by
-MDS, VERW is unconditionally executed late in asm regardless of guest
-having MMIO access.
-
-Signed-off-by: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.han...@linux.intel.com>
-Acked-by: Sean Christopherson <sea...@google.com>
-Link:
https://lore.kernel.org/all/20240213-delay-verw-v8-6-a6216d83edb7%40linux.intel.com
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- arch/x86/kvm/vmx/vmenter.S | 3 +++
- arch/x86/kvm/vmx/vmx.c | 20 ++++++++++++++++----
- 2 files changed, 19 insertions(+), 4 deletions(-)
-
---- a/arch/x86/kvm/vmx/vmenter.S
-+++ b/arch/x86/kvm/vmx/vmenter.S
-@@ -161,6 +161,9 @@ SYM_FUNC_START(__vmx_vcpu_run)
- /* Load guest RAX. This kills the @regs pointer! */
- mov VCPU_RAX(%_ASM_AX), %_ASM_AX
-
-+ /* Clobbers EFLAGS.ZF */
-+ CLEAR_CPU_BUFFERS
-+
- /* Check EFLAGS.CF from the VMX_RUN_VMRESUME bit test above. */
- jnc .Lvmlaunch
-
---- a/arch/x86/kvm/vmx/vmx.c
-+++ b/arch/x86/kvm/vmx/vmx.c
-@@ -387,7 +387,16 @@ static __always_inline void vmx_enable_f
-
- static void vmx_update_fb_clear_dis(struct kvm_vcpu *vcpu, struct vcpu_vmx
*vmx)
- {
-- vmx->disable_fb_clear = (host_arch_capabilities &
ARCH_CAP_FB_CLEAR_CTRL) &&
-+ /*
-+ * Disable VERW's behavior of clearing CPU buffers for the guest if the
-+ * CPU isn't affected by MDS/TAA, and the host hasn't forcefully enabled
-+ * the mitigation. Disabling the clearing behavior provides a
-+ * performance boost for guests that aren't aware that manually clearing
-+ * CPU buffers is unnecessary, at the cost of MSR accesses on VM-Entry
-+ * and VM-Exit.
-+ */
-+ vmx->disable_fb_clear = !cpu_feature_enabled(X86_FEATURE_CLEAR_CPU_BUF)
&&
-+ (host_arch_capabilities &
ARCH_CAP_FB_CLEAR_CTRL) &&
- !boot_cpu_has_bug(X86_BUG_MDS) &&
- !boot_cpu_has_bug(X86_BUG_TAA);
-
-@@ -7226,11 +7235,14 @@ static noinstr void vmx_vcpu_enter_exit(
-
- guest_state_enter_irqoff();
-
-- /* L1D Flush includes CPU buffer clear to mitigate MDS */
-+ /*
-+ * L1D Flush includes CPU buffer clear to mitigate MDS, but VERW
-+ * mitigation for MDS is done late in VMentry and is still
-+ * executed in spite of L1D Flush. This is because an extra VERW
-+ * should not matter much after the big hammer L1D Flush.
-+ */
- if (static_branch_unlikely(&vmx_l1d_should_flush))
- vmx_l1d_flush(vcpu);
-- else if (cpu_feature_enabled(X86_FEATURE_CLEAR_CPU_BUF))
-- mds_clear_cpu_buffers();
- else if (static_branch_unlikely(&mmio_stale_data_clear) &&
- kvm_arch_has_assigned_device(vcpu->kvm))
- mds_clear_cpu_buffers();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME.patch
new/patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME.patch
--- old/patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,60 +0,0 @@
-From: Sean Christopherson <sea...@google.com>
-Date: Tue, 13 Feb 2024 18:22:40 -0800
-Subject: KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH
-Git-commit: 706a189dcf74d3b3f955e9384785e726ed6c7c80
-Patch-mainline: 6.8-rc6
-References: git-fixes
-
-Use EFLAGS.CF instead of EFLAGS.ZF to track whether to use VMRESUME versus
-VMLAUNCH. Freeing up EFLAGS.ZF will allow doing VERW, which clobbers ZF,
-for MDS mitigations as late as possible without needing to duplicate VERW
-for both paths.
-
-Signed-off-by: Sean Christopherson <sea...@google.com>
-Signed-off-by: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.han...@linux.intel.com>
-Reviewed-by: Nikolay Borisov <nik.bori...@suse.com>
-Link:
https://lore.kernel.org/all/20240213-delay-verw-v8-5-a6216d83edb7%40linux.intel.com
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- arch/x86/kvm/vmx/run_flags.h | 7 +++++--
- arch/x86/kvm/vmx/vmenter.S | 6 +++---
- 2 files changed, 8 insertions(+), 5 deletions(-)
-
---- a/arch/x86/kvm/vmx/run_flags.h
-+++ b/arch/x86/kvm/vmx/run_flags.h
-@@ -2,7 +2,10 @@
- #ifndef __KVM_X86_VMX_RUN_FLAGS_H
- #define __KVM_X86_VMX_RUN_FLAGS_H
-
--#define VMX_RUN_VMRESUME (1 << 0)
--#define VMX_RUN_SAVE_SPEC_CTRL (1 << 1)
-+#define VMX_RUN_VMRESUME_SHIFT 0
-+#define VMX_RUN_SAVE_SPEC_CTRL_SHIFT 1
-+
-+#define VMX_RUN_VMRESUME BIT(VMX_RUN_VMRESUME_SHIFT)
-+#define VMX_RUN_SAVE_SPEC_CTRL
BIT(VMX_RUN_SAVE_SPEC_CTRL_SHIFT)
-
- #endif /* __KVM_X86_VMX_RUN_FLAGS_H */
---- a/arch/x86/kvm/vmx/vmenter.S
-+++ b/arch/x86/kvm/vmx/vmenter.S
-@@ -139,7 +139,7 @@ SYM_FUNC_START(__vmx_vcpu_run)
- mov (%_ASM_SP), %_ASM_AX
-
- /* Check if vmlaunch or vmresume is needed */
-- test $VMX_RUN_VMRESUME, %ebx
-+ bt $VMX_RUN_VMRESUME_SHIFT, %ebx
-
- /* Load guest registers. Don't clobber flags. */
- mov VCPU_RCX(%_ASM_AX), %_ASM_CX
-@@ -161,8 +161,8 @@ SYM_FUNC_START(__vmx_vcpu_run)
- /* Load guest RAX. This kills the @regs pointer! */
- mov VCPU_RAX(%_ASM_AX), %_ASM_AX
-
-- /* Check EFLAGS.ZF from 'test VMX_RUN_VMRESUME' above */
-- jz .Lvmlaunch
-+ /* Check EFLAGS.CF from the VMX_RUN_VMRESUME bit test above. */
-+ jnc .Lvmlaunch
-
- /*
- * After a successful VMRESUME/VMLAUNCH, control flow "magically"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/af_unix-Fix-task-hung-while-purging-oob_skb-in-GC.patch
new/patches.suse/af_unix-Fix-task-hung-while-purging-oob_skb-in-GC.patch
--- old/patches.suse/af_unix-Fix-task-hung-while-purging-oob_skb-in-GC.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/af_unix-Fix-task-hung-while-purging-oob_skb-in-GC.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,101 +0,0 @@
-From: Kuniyuki Iwashima <kun...@amazon.com>
-Date: Fri, 9 Feb 2024 14:04:53 -0800
-Subject: af_unix: Fix task hung while purging oob_skb in GC.
-Git-commit: 25236c91b5ab4a26a56ba2e79b8060cf4e047839
-Patch-mainline: v6.8-rc5
-References: git-fixes
-
-syzbot reported a task hung; at the same time, GC was looping infinitely
-in list_for_each_entry_safe() for OOB skb. [0]
-
-syzbot demonstrated that the list_for_each_entry_safe() was not actually
-safe in this case.
-
-A single skb could have references for multiple sockets. If we free such
-a skb in the list_for_each_entry_safe(), the current and next sockets could
-be unlinked in a single iteration.
-
-unix_notinflight() uses list_del_init() to unlink the socket, so the
-prefetched next socket forms a loop itself and list_for_each_entry_safe()
-never stops.
-
-Here, we must use while() and make sure we always fetch the first socket.
-
-[0]:
-Sending NMI from CPU 0 to CPUs 1:
-NMI backtrace for cpu 1
-CPU: 1 PID: 5065 Comm: syz-executor236 Not tainted
6.8.0-rc3-syzkaller-00136-g1f719a2f3fa6 #0
-Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/25/2024
-RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:26 [inline]
-RIP: 0010:check_kcov_mode kernel/kcov.c:173 [inline]
-RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60 kernel/kcov.c:207
-Code: cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 f3 0f 1e fa 65 48 8b 14 25 40 c2 03 00 <65> 8b 05 b4 7c 78 7e a9
00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74
-RSP: 0018:ffffc900033efa58 EFLAGS: 00000283
-RAX: ffff88807b077800 RBX: ffff88807b077800 RCX: 1ffffffff27b1189
-RDX: ffff88802a5a3b80 RSI: ffffffff8968488d RDI: ffff88807b077f70
-RBP: ffffc900033efbb0 R08: 0000000000000001 R09: fffffbfff27a900c
-R10: ffffffff93d48067 R11: ffffffff8ae000eb R12: ffff88807b077800
-R13: dffffc0000000000 R14: ffff88807b077e40 R15: 0000000000000001
-FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
-CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
-CR2: 0000564f4fc1e3a8 CR3: 000000000d57a000 CR4: 00000000003506f0
-DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
-DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
-Call Trace:
- <NMI>
- </NMI>
- <TASK>
- unix_gc+0x563/0x13b0 net/unix/garbage.c:319
- unix_release_sock+0xa93/0xf80 net/unix/af_unix.c:683
- unix_release+0x91/0xf0 net/unix/af_unix.c:1064
- __sock_release+0xb0/0x270 net/socket.c:659
- sock_close+0x1c/0x30 net/socket.c:1421
- __fput+0x270/0xb80 fs/file_table.c:376
- task_work_run+0x14f/0x250 kernel/task_work.c:180
- exit_task_work include/linux/task_work.h:38 [inline]
- do_exit+0xa8a/0x2ad0 kernel/exit.c:871
- do_group_exit+0xd4/0x2a0 kernel/exit.c:1020
- __do_sys_exit_group kernel/exit.c:1031 [inline]
- __se_sys_exit_group kernel/exit.c:1029 [inline]
- __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1029
- do_syscall_x64 arch/x86/entry/common.c:52 [inline]
- do_syscall_64+0xd5/0x270 arch/x86/entry/common.c:83
- entry_SYSCALL_64_after_hwframe+0x6f/0x77
-RIP: 0033:0x7f9d6cbdac09
-Code: Unable to access opcode bytes at 0x7f9d6cbdabdf.
-RSP: 002b:00007fff5952feb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
-RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9d6cbdac09
-RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
-RBP: 00007f9d6cc552b0 R08: ffffffffffffffb8 R09: 0000000000000006
-R10: 0000000000000006 R11: 0000000000000246 R12: 00007f9d6cc552b0
-R13: 0000000000000000 R14: 00007f9d6cc55d00 R15: 00007f9d6cbabe70
- </TASK>
-
-Reported-by: syzbot+4fa4a2d1f5a5ee06f...@syzkaller.appspotmail.com
-Closes: https://syzkaller.appspot.com/bug?extid=4fa4a2d1f5a5ee06f006
-Fixes: 1279f9d9dec2 ("af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in
GC.")
-Signed-off-by: Kuniyuki Iwashima <kun...@amazon.com>
-Link: https://lore.kernel.org/r/20240209220453.96053-1-kun...@amazon.com
-Signed-off-by: Paolo Abeni <pab...@redhat.com>
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- net/unix/garbage.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
---- a/net/unix/garbage.c
-+++ b/net/unix/garbage.c
-@@ -315,10 +315,11 @@ void unix_gc(void)
- __skb_queue_purge(&hitlist);
-
- #if IS_ENABLED(CONFIG_AF_UNIX_OOB)
-- list_for_each_entry_safe(u, next, &gc_candidates, link) {
-- struct sk_buff *skb = u->oob_skb;
-+ while (!list_empty(&gc_candidates)) {
-+ u = list_entry(gc_candidates.next, struct unix_sock, link);
-+ if (u->oob_skb) {
-+ struct sk_buff *skb = u->oob_skb;
-
-- if (skb) {
- u->oob_skb = NULL;
- kfree_skb(skb);
- }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPRESS.patch
new/patches.suse/fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPRESS.patch
--- old/patches.suse/fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPRESS.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPRESS.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,42 +0,0 @@
-From: Mark O'Donovan <shif...@posteo.net>
-Date: Wed, 21 Feb 2024 10:43:58 +0000
-Subject: fs/ntfs3: fix build without CONFIG_NTFS3_LZX_XPRESS
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Git-commit: c8e314624a1666ed2eec28549713021a8ec801e9
-Patch-mainline: v6.8-rc7
-References: git-fixes
-
-When CONFIG_NTFS3_LZX_XPRESS is not set then we get the following build
-error:
-
- fs/ntfs3/frecord.c:2460:16: error: unused variable âi_sizeâ
-
-Signed-off-by: Mark O'Donovan <shif...@posteo.net>
-Fixes: 4fd6c08a16d7 ("fs/ntfs3: Use i_size_read and i_size_write")
-Tested-by: Chris Clayton <chris2...@googlemail.com>
-Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- fs/ntfs3/frecord.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/fs/ntfs3/frecord.c
-+++ b/fs/ntfs3/frecord.c
-@@ -2457,7 +2457,6 @@ int ni_read_frame(struct ntfs_inode *ni,
- struct ATTR_LIST_ENTRY *le = NULL;
- struct runs_tree *run = &ni->file.run;
- u64 valid_size = ni->i_valid;
-- loff_t i_size = i_size_read(&ni->vfs_inode);
- u64 vbo_disk;
- size_t unc_size;
- u32 frame_size, i, npages_disk, ondisk_size;
-@@ -2509,6 +2508,7 @@ int ni_read_frame(struct ntfs_inode *ni,
- err = -EOPNOTSUPP;
- goto out1;
- #else
-+ loff_t i_size = i_size_read(&ni->vfs_inode);
- u32 frame_bits = ni_ext_compress_bits(ni);
- u64 frame64 = frame_vbo >> frame_bits;
- u64 frames, vbo_data;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/mptcp-avoid-printing-warning-once-on-client-side.patch
new/patches.suse/mptcp-avoid-printing-warning-once-on-client-side.patch
--- old/patches.suse/mptcp-avoid-printing-warning-once-on-client-side.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/mptcp-avoid-printing-warning-once-on-client-side.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,42 +0,0 @@
-From: "Matthieu Baerts (NGI0)" <matt...@kernel.org>
-Date: Fri, 23 Feb 2024 17:14:13 +0100
-Subject: mptcp: avoid printing warning once on client side
-Git-commit: 5b49c41ac8f27aa3a63a1712b1f54f91015c18f2
-Patch-mainline: v6.8-rc7
-References: git-fixes
-
-After the 'Fixes' commit mentioned below, the client side might print
-the following warning once when a subflow is fully established at the
-reception of any valid additional ack:
-
- MPTCP: bogus mpc option on established client sk
-
-That's a normal situation, and no warning should be printed for that. We
-can then skip the check when the label is used.
-
-Fixes: e4a0fa47e816 ("mptcp: corner case locking for rx path fields
initialization")
-Cc: sta...@vger.kernel.org
-Suggested-by: Paolo Abeni <pab...@redhat.com>
-Reviewed-by: Mat Martineau <martin...@kernel.org>
-Signed-off-by: Matthieu Baerts (NGI0) <matt...@kernel.org>
-Link:
https://lore.kernel.org/r/20240223-upstream-net-20240223-misc-fixes-v1-3-162e87e48...@kernel.org
-Signed-off-by: Jakub Kicinski <k...@kernel.org>
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- net/mptcp/options.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/net/mptcp/options.c
-+++ b/net/mptcp/options.c
-@@ -981,10 +981,10 @@ static bool check_fully_established(stru
- if (mp_opt->deny_join_id0)
- WRITE_ONCE(msk->pm.remote_deny_join_id0, true);
-
--set_fully_established:
- if (unlikely(!READ_ONCE(msk->pm.server_side)))
- pr_warn_once("bogus mpc option on established client sk");
-
-+set_fully_established:
- mptcp_data_lock((struct sock *)msk);
- __mptcp_subflow_fully_established(msk, subflow, mp_opt);
- mptcp_data_unlock((struct sock *)msk);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/mptcp-fix-possible-deadlock-in-subflow-diag.patch
new/patches.suse/mptcp-fix-possible-deadlock-in-subflow-diag.patch
--- old/patches.suse/mptcp-fix-possible-deadlock-in-subflow-diag.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/mptcp-fix-possible-deadlock-in-subflow-diag.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,115 +0,0 @@
-From: Paolo Abeni <pab...@redhat.com>
-Date: Fri, 23 Feb 2024 17:14:19 +0100
-Subject: mptcp: fix possible deadlock in subflow diag
-Git-commit: d6a9608af9a75d13243d217f6ce1e30e57d56ffe
-Patch-mainline: v6.8-rc7
-References: git-fixes
-
-Syzbot and Eric reported a lockdep splat in the subflow diag:
-
- WARNING: possible circular locking dependency detected
- 6.8.0-rc4-syzkaller-00212-g40b9385dd8e6 #0 Not tainted
-
- syz-executor.2/24141 is trying to acquire lock:
- ffff888045870130 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at:
- tcp_diag_put_ulp net/ipv4/tcp_diag.c:100 [inline]
- ffff888045870130 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at:
- tcp_diag_get_aux+0x738/0x830 net/ipv4/tcp_diag.c:137
-
- but task is already holding lock:
- ffffc9000135e488 (&h->lhash2[i].lock){+.+.}-{2:2}, at: spin_lock
- include/linux/spinlock.h:351 [inline]
- ffffc9000135e488 (&h->lhash2[i].lock){+.+.}-{2:2}, at:
- inet_diag_dump_icsk+0x39f/0x1f80 net/ipv4/inet_diag.c:1038
-
- which lock already depends on the new lock.
-
- the existing dependency chain (in reverse order) is:
-
- -> #1 (&h->lhash2[i].lock){+.+.}-{2:2}:
- lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754
- __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
- _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
- spin_lock include/linux/spinlock.h:351 [inline]
- __inet_hash+0x335/0xbe0 net/ipv4/inet_hashtables.c:743
- inet_csk_listen_start+0x23a/0x320 net/ipv4/inet_connection_sock.c:1261
- __inet_listen_sk+0x2a2/0x770 net/ipv4/af_inet.c:217
- inet_listen+0xa3/0x110 net/ipv4/af_inet.c:239
- rds_tcp_listen_init+0x3fd/0x5a0 net/rds/tcp_listen.c:316
- rds_tcp_init_net+0x141/0x320 net/rds/tcp.c:577
- ops_init+0x352/0x610 net/core/net_namespace.c:136
- __register_pernet_operations net/core/net_namespace.c:1214 [inline]
- register_pernet_operations+0x2cb/0x660 net/core/net_namespace.c:1283
- register_pernet_device+0x33/0x80 net/core/net_namespace.c:1370
- rds_tcp_init+0x62/0xd0 net/rds/tcp.c:735
- do_one_initcall+0x238/0x830 init/main.c:1236
- do_initcall_level+0x157/0x210 init/main.c:1298
- do_initcalls+0x3f/0x80 init/main.c:1314
- kernel_init_freeable+0x42f/0x5d0 init/main.c:1551
- kernel_init+0x1d/0x2a0 init/main.c:1441
- ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
- ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:242
-
- -> #0 (k-sk_lock-AF_INET6){+.+.}-{0:0}:
- check_prev_add kernel/locking/lockdep.c:3134 [inline]
- check_prevs_add kernel/locking/lockdep.c:3253 [inline]
- validate_chain+0x18ca/0x58e0 kernel/locking/lockdep.c:3869
- __lock_acquire+0x1345/0x1fd0 kernel/locking/lockdep.c:5137
- lock_acquire+0x1e3/0x530 kernel/locking/lockdep.c:5754
- lock_sock_fast include/net/sock.h:1723 [inline]
- subflow_get_info+0x166/0xd20 net/mptcp/diag.c:28
- tcp_diag_put_ulp net/ipv4/tcp_diag.c:100 [inline]
- tcp_diag_get_aux+0x738/0x830 net/ipv4/tcp_diag.c:137
- inet_sk_diag_fill+0x10ed/0x1e00 net/ipv4/inet_diag.c:345
- inet_diag_dump_icsk+0x55b/0x1f80 net/ipv4/inet_diag.c:1061
- __inet_diag_dump+0x211/0x3a0 net/ipv4/inet_diag.c:1263
- inet_diag_dump_compat+0x1c1/0x2d0 net/ipv4/inet_diag.c:1371
- netlink_dump+0x59b/0xc80 net/netlink/af_netlink.c:2264
- __netlink_dump_start+0x5df/0x790 net/netlink/af_netlink.c:2370
- netlink_dump_start include/linux/netlink.h:338 [inline]
- inet_diag_rcv_msg_compat+0x209/0x4c0 net/ipv4/inet_diag.c:1405
- sock_diag_rcv_msg+0xe7/0x410
- netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543
- sock_diag_rcv+0x2a/0x40 net/core/sock_diag.c:280
- netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]
- netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367
- netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908
- sock_sendmsg_nosec net/socket.c:730 [inline]
- __sock_sendmsg+0x221/0x270 net/socket.c:745
- ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584
- ___sys_sendmsg net/socket.c:2638 [inline]
- __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667
- do_syscall_64+0xf9/0x240
- entry_SYSCALL_64_after_hwframe+0x6f/0x77
-
-As noted by Eric we can break the lock dependency chain avoid
-dumping any extended info for the mptcp subflow listener:
-nothing actually useful is presented there.
-
-Fixes: b8adb69a7d29 ("mptcp: fix lockless access in subflow ULP diag")
-Cc: sta...@vger.kernel.org
-Reported-by: Eric Dumazet <eduma...@google.com>
-Closes:
https://lore.kernel.org/netdev/CANn89iJ=oecw6ozdwmsyc9hjkq_g32un11l+oucmu+tod5x...@mail.gmail.com/
-Suggested-by: Eric Dumazet <eduma...@google.com>
-Signed-off-by: Paolo Abeni <pab...@redhat.com>
-Reviewed-by: Matthieu Baerts (NGI0) <matt...@kernel.org>
-Signed-off-by: Matthieu Baerts (NGI0) <matt...@kernel.org>
-Link:
https://lore.kernel.org/r/20240223-upstream-net-20240223-misc-fixes-v1-9-162e87e48...@kernel.org
-Signed-off-by: Jakub Kicinski <k...@kernel.org>
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- net/mptcp/diag.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/mptcp/diag.c
-+++ b/net/mptcp/diag.c
-@@ -21,6 +21,9 @@ static int subflow_get_info(struct sock
- bool slow;
- int err;
-
-+ if (inet_sk_state_load(sk) == TCP_LISTEN)
-+ return 0;
-+
- start = nla_nest_start_noflag(skb, INET_ULP_INFO_MPTCP);
- if (!start)
- return -EMSGSIZE;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-s.patch
new/patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-s.patch
--- old/patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-s.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-s.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,198 +0,0 @@
-From: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Date: Tue, 13 Feb 2024 18:22:24 -0800
-Subject: x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key
-Git-commit: 6613d82e617dd7eb8b0c40b2fe3acea655b1d611
-Patch-mainline: 6.8-rc6
-References: git-fixes
-
-The VERW mitigation at exit-to-user is enabled via a static branch
-mds_user_clear. This static branch is never toggled after boot, and can
-be safely replaced with an ALTERNATIVE() which is convenient to use in
-asm.
-
-Switch to ALTERNATIVE() to use the VERW mitigation late in exit-to-user
-path. Also remove the now redundant VERW in exc_nmi() and
-arch_exit_to_user_mode().
-
-Signed-off-by: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.han...@linux.intel.com>
-Link:
https://lore.kernel.org/all/20240213-delay-verw-v8-4-a6216d83edb7%40linux.intel.com
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- Documentation/arch/x86/mds.rst | 36
+++++++++++++++++++++++++----------
- arch/x86/include/asm/entry-common.h | 1
- arch/x86/include/asm/nospec-branch.h | 12 -----------
- arch/x86/kernel/cpu/bugs.c | 15 +++++---------
- arch/x86/kernel/nmi.c | 3 --
- arch/x86/kvm/vmx/vmx.c | 2 -
- 6 files changed, 33 insertions(+), 36 deletions(-)
-
---- a/Documentation/arch/x86/mds.rst
-+++ b/Documentation/arch/x86/mds.rst
-@@ -95,6 +95,9 @@ The kernel provides a function to invoke
-
- mds_clear_cpu_buffers()
-
-+Also macro CLEAR_CPU_BUFFERS can be used in ASM late in exit-to-user path.
-+Other than CFLAGS.ZF, this macro doesn't clobber any registers.
-+
- The mitigation is invoked on kernel/userspace, hypervisor/guest and C-state
- (idle) transitions.
-
-@@ -138,17 +141,30 @@ Mitigation points
-
- When transitioning from kernel to user space the CPU buffers are flushed
- on affected CPUs when the mitigation is not disabled on the kernel
-- command line. The migitation is enabled through the static key
-- mds_user_clear.
-+ command line. The mitigation is enabled through the feature flag
-+ X86_FEATURE_CLEAR_CPU_BUF.
-
-- The mitigation is invoked in prepare_exit_to_usermode() which covers
-- all but one of the kernel to user space transitions. The exception
-- is when we return from a Non Maskable Interrupt (NMI), which is
-- handled directly in do_nmi().
--
-- (The reason that NMI is special is that prepare_exit_to_usermode() can
-- enable IRQs. In NMI context, NMIs are blocked, and we don't want to
-- enable IRQs with NMIs blocked.)
-+ The mitigation is invoked just before transitioning to userspace after
-+ user registers are restored. This is done to minimize the window in
-+ which kernel data could be accessed after VERW e.g. via an NMI after
-+ VERW.
-+
-+ **Corner case not handled**
-+ Interrupts returning to kernel don't clear CPUs buffers since the
-+ exit-to-user path is expected to do that anyways. But, there could be
-+ a case when an NMI is generated in kernel after the exit-to-user path
-+ has cleared the buffers. This case is not handled and NMI returning to
-+ kernel don't clear CPU buffers because:
-+
-+ 1. It is rare to get an NMI after VERW, but before returning to userspace.
-+ 2. For an unprivileged user, there is no known way to make that NMI
-+ less rare or target it.
-+ 3. It would take a large number of these precisely-timed NMIs to mount
-+ an actual attack. There's presumably not enough bandwidth.
-+ 4. The NMI in question occurs after a VERW, i.e. when user state is
-+ restored and most interesting data is already scrubbed. Whats left
-+ is only the data that NMI touches, and that may or may not be of
-+ any interest.
-
-
- 2. C-State transition
---- a/arch/x86/include/asm/entry-common.h
-+++ b/arch/x86/include/asm/entry-common.h
-@@ -91,7 +91,6 @@ static inline void arch_exit_to_user_mod
-
- static __always_inline void arch_exit_to_user_mode(void)
- {
-- mds_user_clear_cpu_buffers();
- amd_clear_divider();
- }
- #define arch_exit_to_user_mode arch_exit_to_user_mode
---- a/arch/x86/include/asm/nospec-branch.h
-+++ b/arch/x86/include/asm/nospec-branch.h
-@@ -540,7 +540,6 @@ DECLARE_STATIC_KEY_FALSE(switch_to_cond_
- DECLARE_STATIC_KEY_FALSE(switch_mm_cond_ibpb);
- DECLARE_STATIC_KEY_FALSE(switch_mm_always_ibpb);
-
--DECLARE_STATIC_KEY_FALSE(mds_user_clear);
- DECLARE_STATIC_KEY_FALSE(mds_idle_clear);
-
- DECLARE_STATIC_KEY_FALSE(switch_mm_cond_l1d_flush);
-@@ -575,17 +574,6 @@ static __always_inline void mds_clear_cp
- }
-
- /**
-- * mds_user_clear_cpu_buffers - Mitigation for MDS and TAA vulnerability
-- *
-- * Clear CPU buffers if the corresponding static key is enabled
-- */
--static __always_inline void mds_user_clear_cpu_buffers(void)
--{
-- if (static_branch_likely(&mds_user_clear))
-- mds_clear_cpu_buffers();
--}
--
--/**
- * mds_idle_clear_cpu_buffers - Mitigation for MDS vulnerability
- *
- * Clear CPU buffers if the corresponding static key is enabled
---- a/arch/x86/kernel/cpu/bugs.c
-+++ b/arch/x86/kernel/cpu/bugs.c
-@@ -111,9 +111,6 @@ DEFINE_STATIC_KEY_FALSE(switch_mm_cond_i
- /* Control unconditional IBPB in switch_mm() */
- DEFINE_STATIC_KEY_FALSE(switch_mm_always_ibpb);
-
--/* Control MDS CPU buffer clear before returning to user space */
--DEFINE_STATIC_KEY_FALSE(mds_user_clear);
--EXPORT_SYMBOL_GPL(mds_user_clear);
- /* Control MDS CPU buffer clear before idling (halt, mwait) */
- DEFINE_STATIC_KEY_FALSE(mds_idle_clear);
- EXPORT_SYMBOL_GPL(mds_idle_clear);
-@@ -252,7 +249,7 @@ static void __init mds_select_mitigation
- if (!boot_cpu_has(X86_FEATURE_MD_CLEAR))
- mds_mitigation = MDS_MITIGATION_VMWERV;
-
-- static_branch_enable(&mds_user_clear);
-+ setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
-
- if (!boot_cpu_has(X86_BUG_MSBDS_ONLY) &&
- (mds_nosmt || cpu_mitigations_auto_nosmt()))
-@@ -356,7 +353,7 @@ static void __init taa_select_mitigation
- * For guests that can't determine whether the correct microcode is
- * present on host, enable the mitigation for UCODE_NEEDED as well.
- */
-- static_branch_enable(&mds_user_clear);
-+ setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
-
- if (taa_nosmt || cpu_mitigations_auto_nosmt())
- cpu_smt_disable(false);
-@@ -424,7 +421,7 @@ static void __init mmio_select_mitigatio
- */
- if (boot_cpu_has_bug(X86_BUG_MDS) || (boot_cpu_has_bug(X86_BUG_TAA) &&
- boot_cpu_has(X86_FEATURE_RTM)))
-- static_branch_enable(&mds_user_clear);
-+ setup_force_cpu_cap(X86_FEATURE_CLEAR_CPU_BUF);
- else
- static_branch_enable(&mmio_stale_data_clear);
-
-@@ -484,12 +481,12 @@ static void __init md_clear_update_mitig
- if (cpu_mitigations_off())
- return;
-
-- if (!static_key_enabled(&mds_user_clear))
-+ if (!boot_cpu_has(X86_FEATURE_CLEAR_CPU_BUF))
- goto out;
-
- /*
-- * mds_user_clear is now enabled. Update MDS, TAA and MMIO Stale Data
-- * mitigation, if necessary.
-+ * X86_FEATURE_CLEAR_CPU_BUF is now enabled. Update MDS, TAA and MMIO
-+ * Stale Data mitigation, if necessary.
- */
- if (mds_mitigation == MDS_MITIGATION_OFF &&
- boot_cpu_has_bug(X86_BUG_MDS)) {
---- a/arch/x86/kernel/nmi.c
-+++ b/arch/x86/kernel/nmi.c
-@@ -563,9 +563,6 @@ nmi_restart:
- }
- if (this_cpu_dec_return(nmi_state))
- goto nmi_restart;
--
-- if (user_mode(regs))
-- mds_user_clear_cpu_buffers();
- }
-
- #if IS_ENABLED(CONFIG_KVM_INTEL)
---- a/arch/x86/kvm/vmx/vmx.c
-+++ b/arch/x86/kvm/vmx/vmx.c
-@@ -7229,7 +7229,7 @@ static noinstr void vmx_vcpu_enter_exit(
- /* L1D Flush includes CPU buffer clear to mitigate MDS */
- if (static_branch_unlikely(&vmx_l1d_should_flush))
- vmx_l1d_flush(vcpu);
-- else if (static_branch_unlikely(&mds_user_clear))
-+ else if (cpu_feature_enabled(X86_FEATURE_CLEAR_CPU_BUF))
- mds_clear_cpu_buffers();
- else if (static_branch_unlikely(&mmio_stale_data_clear) &&
- kvm_arch_has_assigned_device(vcpu->kvm))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transiti.patch
new/patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transiti.patch
--- old/patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transiti.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transiti.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,44 +0,0 @@
-From: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Date: Tue, 13 Feb 2024 18:22:08 -0800
-Subject: x86/entry_32: Add VERW just before userspace transition
-Git-commit: a0e2dab44d22b913b4c228c8b52b2a104434b0b3
-Patch-mainline: 6.8-rc6
-References: git-fixes
-
-As done for entry_64, add support for executing VERW late in exit to
-user path for 32-bit mode.
-
-Signed-off-by: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.han...@linux.intel.com>
-Link:
https://lore.kernel.org/all/20240213-delay-verw-v8-3-a6216d83edb7%40linux.intel.com
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- arch/x86/entry/entry_32.S | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/arch/x86/entry/entry_32.S
-+++ b/arch/x86/entry/entry_32.S
-@@ -885,6 +885,7 @@ SYM_FUNC_START(entry_SYSENTER_32)
- BUG_IF_WRONG_CR3 no_user_check=1
- popfl
- popl %eax
-+ CLEAR_CPU_BUFFERS
-
- /*
- * Return back to the vDSO, which will pop ecx and edx.
-@@ -954,6 +955,7 @@ restore_all_switch_stack:
-
- /* Restore user state */
- RESTORE_REGS pop=4 # skip orig_eax/error_code
-+ CLEAR_CPU_BUFFERS
- .Lirq_return:
- /*
- * ARCH_HAS_MEMBARRIER_SYNC_CORE rely on IRET core serialization
-@@ -1146,6 +1148,7 @@ SYM_CODE_START(asm_exc_nmi)
-
- /* Not on SYSENTER stack. */
- call exc_nmi
-+ CLEAR_CPU_BUFFERS
- jmp .Lnmi_return
-
- .Lnmi_from_sysenter_stack:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transiti.patch
new/patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transiti.patch
--- old/patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transiti.patch
2024-03-01 14:51:21.000000000 +0100
+++ new/patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transiti.patch
1970-01-01 01:00:00.000000000 +0100
@@ -1,105 +0,0 @@
-From: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Date: Tue, 13 Feb 2024 18:21:52 -0800
-Subject: x86/entry_64: Add VERW just before userspace transition
-Git-commit: 3c7501722e6b31a6e56edd23cea5e77dbb9ffd1a
-Patch-mainline: 6.8-rc6
-References: git-fixes
-
-Mitigation for MDS is to use VERW instruction to clear any secrets in
-CPU Buffers. Any memory accesses after VERW execution can still remain
-in CPU buffers. It is safer to execute VERW late in return to user path
-to minimize the window in which kernel data can end up in CPU buffers.
-There are not many kernel secrets to be had after SWITCH_TO_USER_CR3.
-
-Add support for deploying VERW mitigation after user register state is
-restored. This helps minimize the chances of kernel data ending up into
-CPU buffers after executing VERW.
-
-Note that the mitigation at the new location is not yet enabled.
-
- Corner case not handled
- =======================
- Interrupts returning to kernel don't clear CPUs buffers since the
- exit-to-user path is expected to do that anyways. But, there could be
- a case when an NMI is generated in kernel after the exit-to-user path
- has cleared the buffers. This case is not handled and NMI returning to
- kernel don't clear CPU buffers because:
-
- 1. It is rare to get an NMI after VERW, but before returning to userspace.
- 2. For an unprivileged user, there is no known way to make that NMI
- less rare or target it.
- 3. It would take a large number of these precisely-timed NMIs to mount
- an actual attack. There's presumably not enough bandwidth.
- 4. The NMI in question occurs after a VERW, i.e. when user state is
- restored and most interesting data is already scrubbed. Whats left
- is only the data that NMI touches, and that may or may not be of
- any interest.
-
-Suggested-by: Dave Hansen <dave.han...@intel.com>
-Signed-off-by: Pawan Gupta <pawan.kumar.gu...@linux.intel.com>
-Signed-off-by: Dave Hansen <dave.han...@linux.intel.com>
-Link:
https://lore.kernel.org/all/20240213-delay-verw-v8-2-a6216d83edb7%40linux.intel.com
-Signed-off-by: Jiri Slaby <jsl...@suse.cz>
----
- arch/x86/entry/entry_64.S | 11 +++++++++++
- arch/x86/entry/entry_64_compat.S | 1 +
- 2 files changed, 12 insertions(+)
-
---- a/arch/x86/entry/entry_64.S
-+++ b/arch/x86/entry/entry_64.S
-@@ -161,6 +161,7 @@ syscall_return_via_sysret:
- SYM_INNER_LABEL(entry_SYSRETQ_unsafe_stack, SYM_L_GLOBAL)
- ANNOTATE_NOENDBR
- swapgs
-+ CLEAR_CPU_BUFFERS
- sysretq
- SYM_INNER_LABEL(entry_SYSRETQ_end, SYM_L_GLOBAL)
- ANNOTATE_NOENDBR
-@@ -601,6 +602,7 @@ SYM_INNER_LABEL(swapgs_restore_regs_and_
- /* Restore RDI. */
- popq %rdi
- swapgs
-+ CLEAR_CPU_BUFFERS
- jmp .Lnative_iret
-
-
-@@ -712,6 +714,8 @@ native_irq_return_ldt:
- */
- popq %rax /* Restore user RAX */
-
-+ CLEAR_CPU_BUFFERS
-+
- /*
- * RSP now points to an ordinary IRET frame, except that the page
- * is read-only and RSP[31:16] are preloaded with the userspace
-@@ -1439,6 +1443,12 @@ nmi_restore:
- movq $0, 5*8(%rsp) /* clear "NMI executing" */
-
- /*
-+ * Skip CLEAR_CPU_BUFFERS here, since it only helps in rare cases like
-+ * NMI in kernel after user state is restored. For an unprivileged user
-+ * these conditions are hard to meet.
-+ */
-+
-+ /*
- * iretq reads the "iret" frame and exits the NMI stack in a
- * single instruction. We are returning to kernel mode, so this
- * cannot result in a fault. Similarly, we don't need to worry
-@@ -1455,6 +1465,7 @@ SYM_CODE_START(entry_SYSCALL32_ignore)
- UNWIND_HINT_END_OF_STACK
- ENDBR
- mov $-ENOSYS, %eax
-+ CLEAR_CPU_BUFFERS
- sysretl
- SYM_CODE_END(entry_SYSCALL32_ignore)
-
---- a/arch/x86/entry/entry_64_compat.S
-+++ b/arch/x86/entry/entry_64_compat.S
-@@ -270,6 +270,7 @@ SYM_INNER_LABEL(entry_SYSRETL_compat_uns
- xorl %r9d, %r9d
- xorl %r10d, %r10d
- swapgs
-+ CLEAR_CPU_BUFFERS
- sysretl
- SYM_INNER_LABEL(entry_SYSRETL_compat_end, SYM_L_GLOBAL)
- ANNOTATE_NOENDBR
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:33.775822668 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:33.775822668 +0100
@@ -2176,6 +2176,169 @@
patches.kernel.org/6.7.7-332-selftests-mptcp-join-stop-transfer-when-check-i.patch
patches.kernel.org/6.7.7-333-selftests-mptcp-add-mptcp_lib_get_counter.patch
patches.kernel.org/6.7.7-334-Linux-6.7.7.patch
+
patches.kernel.org/6.7.8-001-fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPR.patch
+ patches.kernel.org/6.7.8-002-Linux-6.7.8.patch
+
patches.kernel.org/6.7.9-001-mtd-spinand-gigadevice-Fix-the-get-ecc-status-i.patch
+
patches.kernel.org/6.7.9-002-ice-fix-connection-state-of-DPLL-and-out-pin.patch
+
patches.kernel.org/6.7.9-003-ice-fix-dpll-input-pin-phase_adjust-value-updat.patch
+
patches.kernel.org/6.7.9-004-ice-fix-dpll-and-dpll_pin-data-access-on-PF-res.patch
+
patches.kernel.org/6.7.9-005-ice-fix-dpll-periodic-work-data-updates-on-PF-r.patch
+
patches.kernel.org/6.7.9-006-ice-fix-pin-phase-adjust-updates-on-PF-reset.patch
+
patches.kernel.org/6.7.9-007-spi-cadence-qspi-fix-pointer-reference-in-runti.patch
+
patches.kernel.org/6.7.9-008-spi-cadence-qspi-remove-system-wide-suspend-hel.patch
+
patches.kernel.org/6.7.9-009-netlink-Fix-kernel-infoleak-after-free-in-__skb.patch
+
patches.kernel.org/6.7.9-010-netlink-add-nla-be16-32-types-to-minlen-array.patch
+
patches.kernel.org/6.7.9-011-net-ip_tunnel-prevent-perpetual-headroom-growth.patch
+
patches.kernel.org/6.7.9-012-net-mctp-take-ownership-of-skb-in-mctp_local_ou.patch
+
patches.kernel.org/6.7.9-013-net-dpaa-fman_memac-accept-phy-interface-type-1.patch
+
patches.kernel.org/6.7.9-014-tun-Fix-xdp_rxq_info-s-queue_index-when-detachi.patch
+
patches.kernel.org/6.7.9-015-cpufreq-intel_pstate-fix-pstate-limits-enforcem.patch
+
patches.kernel.org/6.7.9-016-net-veth-clear-GRO-when-clearing-XDP-even-when-.patch
+
patches.kernel.org/6.7.9-017-ipv6-fix-potential-struct-net-leak-in-inet6_rtm.patch
+
patches.kernel.org/6.7.9-018-lan78xx-enable-auto-speed-configuration-for-LAN.patch
+
patches.kernel.org/6.7.9-019-veth-try-harder-when-allocating-queue-memory.patch
+
patches.kernel.org/6.7.9-020-net-usb-dm9601-fix-wrong-return-value-in-dm9601.patch
+
patches.kernel.org/6.7.9-021-net-lan78xx-fix-softirq-work-is-pending-error.patch
+
patches.kernel.org/6.7.9-022-uapi-in6-replace-temporary-label-with-rfc9486.patch
+
patches.kernel.org/6.7.9-023-stmmac-Clear-variable-when-destroying-workqueue.patch
+
patches.kernel.org/6.7.9-024-Bluetooth-hci_sync-Check-the-correct-flag-befor.patch
+
patches.kernel.org/6.7.9-025-Bluetooth-Avoid-potential-use-after-free-in-hci.patch
+
patches.kernel.org/6.7.9-026-Bluetooth-hci_sync-Fix-accept_list-when-attempt.patch
+
patches.kernel.org/6.7.9-027-Bluetooth-hci_event-Fix-wrongly-recorded-wakeup.patch
+
patches.kernel.org/6.7.9-028-Bluetooth-hci_event-Fix-handling-of-HCI_EV_IO_C.patch
+
patches.kernel.org/6.7.9-029-Bluetooth-Enforce-validation-on-max-value-of-co.patch
+
patches.kernel.org/6.7.9-030-Bluetooth-qca-Fix-wrong-event-type-for-patch-co.patch
+
patches.kernel.org/6.7.9-031-Bluetooth-hci_qca-Set-BDA-quirk-bit-if-fwnode-e.patch
+
patches.kernel.org/6.7.9-032-Bluetooth-qca-Fix-triggering-coredump-implement.patch
+
patches.kernel.org/6.7.9-033-netfilter-nf_tables-allow-NFPROTO_INET-in-nft_-.patch
+
patches.kernel.org/6.7.9-034-netfilter-bridge-confirm-multicast-packets-befo.patch
+
patches.kernel.org/6.7.9-035-tools-ynl-fix-handling-of-multiple-mcast-groups.patch
+
patches.kernel.org/6.7.9-036-rtnetlink-fix-error-logic-of-IFLA_BRIDGE_FLAGS-.patch
+
patches.kernel.org/6.7.9-037-igb-extend-PTP-timestamp-adjustments-to-i211.patch
+
patches.kernel.org/6.7.9-038-net-hsr-Use-correct-offset-for-HSR-TLV-values-i.patch
+
patches.kernel.org/6.7.9-039-tls-decrement-decrypt_pending-if-no-async-compl.patch
+
patches.kernel.org/6.7.9-040-tls-fix-peeking-with-sync-async-decryption.patch
+
patches.kernel.org/6.7.9-041-tls-separate-no-async-decryption-request-handli.patch
+
patches.kernel.org/6.7.9-042-tls-fix-use-after-free-on-failed-backlog-decryp.patch
+ patches.kernel.org/6.7.9-043-riscv-tlb-fix-__p-d_free_tlb.patch
+
patches.kernel.org/6.7.9-044-efi-capsule-loader-fix-incorrect-allocation-siz.patch
+
patches.kernel.org/6.7.9-045-power-supply-bq27xxx-i2c-Do-not-free-non-existi.patch
+
patches.kernel.org/6.7.9-046-ASoC-cs35l56-Must-clear-HALO_STATE-before-issui.patch
+
patches.kernel.org/6.7.9-047-ALSA-Drop-leftover-snd-rtctimer-stuff-from-Make.patch
+
patches.kernel.org/6.7.9-048-ASoC-qcom-Fix-uninitialized-pointer-dmactl.patch
+
patches.kernel.org/6.7.9-049-gpu-host1x-Skip-reset-assert-on-Tegra186.patch
+
patches.kernel.org/6.7.9-050-riscv-mm-fix-NOCACHE_THEAD-does-not-set-bit-61-.patch
+
patches.kernel.org/6.7.9-051-riscv-Fix-build-error-if-CONFIG_ARCH_ENABLE_HUG.patch
+
patches.kernel.org/6.7.9-052-ASoC-cs35l56-cs35l56_component_remove-must-clea.patch
+
patches.kernel.org/6.7.9-053-ASoC-cs35l56-cs35l56_component_remove-must-clea.patch
+
patches.kernel.org/6.7.9-054-ASoC-cs35l56-Don-t-add-the-same-register-patch-.patch
+
patches.kernel.org/6.7.9-055-ASoC-cs35l56-Fix-for-initializing-ASP1-mixer-re.patch
+
patches.kernel.org/6.7.9-056-ASoC-cs35l56-Fix-misuse-of-wm_adsp-part-string-.patch
+
patches.kernel.org/6.7.9-057-ASoC-cs35l56-Fix-deadlock-in-ASP1-mixer-registe.patch
+
patches.kernel.org/6.7.9-058-ASoC-soc-card-Fix-missing-locking-in-snd_soc_ca.patch
+
patches.kernel.org/6.7.9-059-RISC-V-Ignore-V-from-the-riscv-isa-DT-property-.patch
+
patches.kernel.org/6.7.9-060-drm-tegra-Remove-existing-framebuffer-only-if-w.patch
+
patches.kernel.org/6.7.9-061-fbcon-always-restore-the-old-font-data-in-fbcon.patch
+
patches.kernel.org/6.7.9-062-afs-Fix-endless-loop-in-directory-parsing.patch
+
patches.kernel.org/6.7.9-063-drm-amd-display-Prevent-potential-buffer-overfl.patch
+
patches.kernel.org/6.7.9-064-drivers-perf-added-capabilities-for-legacy-PMU.patch
+
patches.kernel.org/6.7.9-065-drivers-perf-ctr_get_width-function-for-legacy-.patch
+
patches.kernel.org/6.7.9-066-Revert-riscv-mm-support-Svnapot-in-huge-vmap.patch
+ patches.kernel.org/6.7.9-067-riscv-Fix-pte_leaf_size-for-NAPOT.patch
+
patches.kernel.org/6.7.9-068-riscv-Sparse-Memory-vmemmap-out-of-bounds-fix.patch
+
patches.kernel.org/6.7.9-069-btrfs-fix-race-between-ordered-extent-completio.patch
+
patches.kernel.org/6.7.9-070-drm-nouveau-keep-DMA-buffers-required-for-suspe.patch
+
patches.kernel.org/6.7.9-071-of-property-fw_devlink-Fix-stupid-bug-in-remote.patch
+
patches.kernel.org/6.7.9-072-tomoyo-fix-UAF-write-bug-in-tomoyo_write_contro.patch
+
patches.kernel.org/6.7.9-073-ALSA-firewire-lib-fix-to-check-cycle-continuity.patch
+
patches.kernel.org/6.7.9-074-ALSA-ump-Fix-the-discard-error-code-from-snd_um.patch
+
patches.kernel.org/6.7.9-075-ALSA-hda-realtek-Fix-top-speaker-connection-on-.patch
+
patches.kernel.org/6.7.9-076-ALSA-hda-realtek-tas2781-enable-subwoofer-volum.patch
+
patches.kernel.org/6.7.9-077-ALSA-hda-realtek-Enable-Mute-LED-on-HP-840-G8-M.patch
+
patches.kernel.org/6.7.9-078-ALSA-hda-realtek-fix-mute-micmute-LED-For-HP-mt.patch
+
patches.kernel.org/6.7.9-079-ALSA-hda-realtek-Add-special-fixup-for-Lenovo-1.patch
+
patches.kernel.org/6.7.9-080-Bluetooth-hci_bcm4377-do-not-mark-valid-bd_addr.patch
+
patches.kernel.org/6.7.9-081-landlock-Fix-asymmetric-private-inodes-referrin.patch
+
patches.kernel.org/6.7.9-082-gtp-fix-use-after-free-and-null-ptr-deref-in-gt.patch
+
patches.kernel.org/6.7.9-083-mm-cachestat-fix-folio-read-after-free-in-cache.patch
+ patches.kernel.org/6.7.9-084-mtd-rawnand-marvell-fix-layouts.patch
+
patches.kernel.org/6.7.9-085-wifi-nl80211-reject-iftype-change-with-mesh-ID-.patch
+
patches.kernel.org/6.7.9-086-btrfs-fix-double-free-of-anonymous-device-after.patch
+
patches.kernel.org/6.7.9-087-btrfs-dev-replace-properly-validate-device-name.patch
+
patches.kernel.org/6.7.9-088-btrfs-send-don-t-issue-unnecessary-zero-writes-.patch
+
patches.kernel.org/6.7.9-089-Revert-drm-amd-pm-resolve-reboot-exception-for-.patch
+ patches.kernel.org/6.7.9-090-drm-buddy-fix-range-bias.patch
+
patches.kernel.org/6.7.9-091-drm-amdgpu-pm-Fix-the-power1_min_cap-value.patch
+
patches.kernel.org/6.7.9-092-drm-amd-display-Add-monitor-patch-for-specific-.patch
+
patches.kernel.org/6.7.9-093-soc-qcom-pmic_glink-Fix-boot-when-QRTR-m.patch
+
patches.kernel.org/6.7.9-094-dmaengine-fsl-qdma-fix-SoC-may-hang-on-16-byte-.patch
+
patches.kernel.org/6.7.9-095-crypto-arm64-neonbs-fix-out-of-bounds-access-on.patch
+
patches.kernel.org/6.7.9-096-dmaengine-ptdma-use-consistent-DMA-masks.patch
+
patches.kernel.org/6.7.9-097-dmaengine-fsl-edma-correct-calculation-of-nbyte.patch
+
patches.kernel.org/6.7.9-098-dmaengine-fsl-qdma-init-irq-after-reg-initializ.patch
+
patches.kernel.org/6.7.9-099-mmc-mmci-stm32-fix-DMA-API-overlapping-mappings.patch
+
patches.kernel.org/6.7.9-100-mmc-core-Fix-eMMC-initialization-with-1-bit-bus.patch
+
patches.kernel.org/6.7.9-101-mmc-sdhci-xenon-add-timeout-for-PHY-init-comple.patch
+
patches.kernel.org/6.7.9-102-mmc-sdhci-xenon-fix-PHY-init-clock-stability.patch
+
patches.kernel.org/6.7.9-103-ceph-switch-to-corrected-encoding-of-max_xattr_.patch
+
patches.kernel.org/6.7.9-104-RISC-V-Drop-invalid-test-from-CONFIG_AS_HAS_OPT.patch
+ patches.kernel.org/6.7.9-105-riscv-add-CALLER_ADDRx-support.patch
+
patches.kernel.org/6.7.9-106-riscv-Fix-enabling-cbo.zero-when-running-in-M-m.patch
+ patches.kernel.org/6.7.9-107-power-supply-mm8013-select-REGMAP_I2C.patch
+
patches.kernel.org/6.7.9-108-kbuild-Add-Wa-fatal-warnings-to-as-instr-invoca.patch
+
patches.kernel.org/6.7.9-109-iommufd-Fix-iopt_access_list_id-overwrite-bug.patch
+
patches.kernel.org/6.7.9-110-iommufd-Fix-protection-fault-in-iommufd_test_sy.patch
+
patches.kernel.org/6.7.9-111-efivarfs-Request-at-most-512-bytes-for-variable.patch
+
patches.kernel.org/6.7.9-112-pmdomain-arm-Fix-NULL-dereference-on-scmi_perf_.patch
+
patches.kernel.org/6.7.9-113-pmdomain-qcom-rpmhpd-Fix-enabled_corner-aggrega.patch
+
patches.kernel.org/6.7.9-114-fprobe-Fix-to-allocate-entry_data_size-buffer-w.patch
+
patches.kernel.org/6.7.9-115-mm-debug_vm_pgtable-fix-BUG_ON-with-pud-advance.patch
+
patches.kernel.org/6.7.9-116-mm-vmscan-fix-a-bug-calling-wakeup_kswapd-with-.patch
+
patches.kernel.org/6.7.9-117-x86-e820-Don-t-reserve-SETUP_RNG_SEED-in-e820.patch
+
patches.kernel.org/6.7.9-118-x86-cpu-Allow-reducing-x86_phys_bits-during-ear.patch
+
patches.kernel.org/6.7.9-119-x86-cpu-intel-Detect-TME-keyid-bits-before-sett.patch
+
patches.kernel.org/6.7.9-120-mptcp-map-v4-address-to-v6-when-destroying-subf.patch
+
patches.kernel.org/6.7.9-121-mptcp-avoid-printing-warning-once-on-client-sid.patch
+ patches.kernel.org/6.7.9-122-mptcp-push-at-DSS-boundaries.patch
+
patches.kernel.org/6.7.9-123-selftests-mptcp-join-add-ss-mptcp-support-check.patch
+
patches.kernel.org/6.7.9-124-mptcp-fix-snd_wnd-initialization-for-passive-so.patch
+
patches.kernel.org/6.7.9-125-mptcp-fix-potential-wake-up-event-loss.patch
+
patches.kernel.org/6.7.9-126-mptcp-fix-double-free-on-socket-dismantle.patch
+
patches.kernel.org/6.7.9-127-mptcp-fix-possible-deadlock-in-subflow-diag.patch
+
patches.kernel.org/6.7.9-128-mfd-twl6030-irq-Revert-to-use-of_match_device.patch
+
patches.kernel.org/6.7.9-129-NFS-Fix-data-corruption-caused-by-congestion.patch
+
patches.kernel.org/6.7.9-130-af_unix-Fix-task-hung-while-purging-oob_skb-in-.patch
+
patches.kernel.org/6.7.9-131-af_unix-Drop-oob_skb-ref-before-purging-queue-i.patch
+
patches.kernel.org/6.7.9-132-ASoC-cs35l56-fix-reversed-if-statement-in-cs35l.patch
+
patches.kernel.org/6.7.9-133-dmaengine-dw-edma-Fix-the-ch_count-hdma-callbac.patch
+
patches.kernel.org/6.7.9-134-dmaengine-dw-edma-Fix-wrong-interrupt-bit-set-f.patch
+
patches.kernel.org/6.7.9-135-dmaengine-dw-edma-HDMA_V0_REMOTEL_STOP_INT_EN-t.patch
+
patches.kernel.org/6.7.9-136-dmaengine-dw-edma-Add-HDMA-remote-interrupt-con.patch
+
patches.kernel.org/6.7.9-137-dmaengine-dw-edma-HDMA-Add-sync-read-before-sta.patch
+
patches.kernel.org/6.7.9-138-dmaengine-dw-edma-eDMA-Add-sync-read-before-sta.patch
+
patches.kernel.org/6.7.9-139-phy-freescale-phy-fsl-imx8-mipi-dphy-Fix-alias-.patch
+
patches.kernel.org/6.7.9-140-phy-qcom-phy-qcom-m31-fix-wrong-pointer-pass-to.patch
+ patches.kernel.org/6.7.9-141-phy-qcom-qmp-usb-fix-v3-offsets-data.patch
+
patches.kernel.org/6.7.9-142-dmaengine-idxd-Remove-shadow-Event-Log-head-sto.patch
+
patches.kernel.org/6.7.9-143-dmaengine-idxd-Ensure-safe-user-copy-of-complet.patch
+
patches.kernel.org/6.7.9-144-powerpc-pseries-iommu-IOMMU-table-is-not-initia.patch
+
patches.kernel.org/6.7.9-145-powerpc-rtas-use-correct-function-name-for-rese.patch
+
patches.kernel.org/6.7.9-146-gpio-74x164-Enable-output-pins-after-registers-.patch
+
patches.kernel.org/6.7.9-147-gpiolib-Fix-the-error-path-order-in-gpiochip_ad.patch
+
patches.kernel.org/6.7.9-148-gpio-fix-resource-unwinding-order-in-error-path.patch
+
patches.kernel.org/6.7.9-149-block-define-bvec_iter-as-__packed-__aligned-4.patch
+
patches.kernel.org/6.7.9-150-x86-entry_64-Add-VERW-just-before-userspace-tra.patch
+
patches.kernel.org/6.7.9-151-x86-entry_32-Add-VERW-just-before-userspace-tra.patch
+
patches.kernel.org/6.7.9-152-x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_cl.patch
+
patches.kernel.org/6.7.9-153-KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMR.patch
+
patches.kernel.org/6.7.9-154-KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mit.patch
+
patches.kernel.org/6.7.9-155-selftests-mptcp-add-evts_get_info-helper.patch
+
patches.kernel.org/6.7.9-156-selftests-mptcp-add-chk_subflows_total-helper.patch
+
patches.kernel.org/6.7.9-157-selftests-mptcp-update-userspace-pm-test-helper.patch
+ patches.kernel.org/6.7.9-158-selftests-mptcp-add-mptcp_lib_is_v6.patch
+
patches.kernel.org/6.7.9-159-selftests-mptcp-rm-subflow-with-v4-v4mapped-add.patch
+
patches.kernel.org/6.7.9-160-drm-nouveau-don-t-fini-scheduler-before-entity-.patch
+ patches.kernel.org/6.7.9-161-Linux-6.7.9.patch
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -2204,15 +2367,6 @@
# sorted patches
########################################################
patches.suse/nvmet-tcp-remove-boilerplate-code.patch
- patches.suse/af_unix-Fix-task-hung-while-purging-oob_skb-in-GC.patch
- patches.suse/x86-entry_64-Add-VERW-just-before-userspace-transiti.patch
- patches.suse/x86-entry_32-Add-VERW-just-before-userspace-transiti.patch
- patches.suse/x86-bugs-Use-ALTERNATIVE-instead-of-mds_user_clear-s.patch
- patches.suse/KVM-VMX-Use-BT-JNC-i.e.-EFLAGS.CF-to-select-VMRESUME.patch
- patches.suse/KVM-VMX-Move-VERW-closer-to-VMentry-for-MDS-mitigati.patch
- patches.suse/fs-ntfs3-fix-build-without-CONFIG_NTFS3_LZX_XPRESS.patch
- patches.suse/mptcp-avoid-printing-warning-once-on-client-side.patch
- patches.suse/mptcp-fix-possible-deadlock-in-subflow-diag.patch
########################################################
# end of sorted patches
@@ -2365,6 +2519,8 @@
patches.suse/net-qrtr-support-suspend-hibernation.patch
patches.suse/wifi-ath11k-support-hibernation.patch
+ patches.suse/Bluetooth-btmtk-Add-MODULE_FIRMWARE-for-MT7922.patch
+
########################################################
# USB
########################################################
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.TnQ14T/_old 2024-03-13 22:16:33.795823405 +0100
+++ /var/tmp/diff_new_pack.TnQ14T/_new 2024-03-13 22:16:33.799823552 +0100
@@ -1,4 +1,4 @@
-2024-03-01 13:51:21 +0000
-GIT Revision: 1ff84c539098385746e3fa3aaf975296fb8e6791
+2024-03-07 06:07:11 +0000
+GIT Revision: 6049de6df9e2c9bf3b5a2534fd3cdc21c68a7421
GIT Branch: stable
