-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Jul 2022 01:20:17 +0200
Source: linux-signed-amd64
Architecture: source
Version: 5.19~rc6+1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Kernel Team <debian-ker...@lists.debian.org>
Changed-By: Ben Hutchings <b...@debian.org>
Changes:
 linux-signed-amd64 (5.19~rc6+1~exp1) experimental; urgency=medium
 .
   * Sign kernel from linux 5.19~rc6-1~exp1
 .
   * New upstream release candidate
 .
   [ Ben Hutchings ]
   * [mips64el/mips64r2el] Fix package description
   * [x86] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
     Intel (CVE-2022-29901) processors:
     - x86/kvm/vmx: Make noinstr clean
     - x86/cpufeatures: Move RETPOLINE flags to word 11
     - x86/retpoline: Cleanup some #ifdefery
     - x86/retpoline: Swizzle retpoline thunk
     - x86/retpoline: Use -mfunction-return
     - x86: Undo return-thunk damage
     - x86,objtool: Create .return_sites
     - x86,static_call: Use alternative RET encoding
     - x86/ftrace: Use alternative RET encoding
     - x86/bpf: Use alternative RET encoding
     - x86/kvm: Fix SETcc emulation for return thunks
     - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
     - x86/sev: Avoid using __x86_return_thunk
     - x86: Use return-thunk in asm code
     - x86/entry: Avoid very early RET
     - objtool: Treat .text.__x86.* as noinstr
     - x86: Add magic AMD return-thunk
     - x86/bugs: Report AMD retbleed vulnerability
     - x86/bugs: Add AMD retbleed= boot parameter
     - x86/bugs: Enable STIBP for JMP2RET
     - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
     - x86/entry: Add kernel IBRS implementation
     - x86/bugs: Optimize SPEC_CTRL MSR writes
     - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
     - x86/bugs: Split spectre_v2_select_mitigation() and
       spectre_v2_user_select_mitigation()
     - x86/bugs: Report Intel retbleed vulnerability
     - intel_idle: Disable IBRS during long idle
     - objtool: Update Retpoline validation
     - x86/xen: Rename SYS* entry points
     - x86/xen: Add UNTRAIN_RET
     - x86/bugs: Add retbleed=ibpb
     - x86/bugs: Do IBPB fallback check only once
     - objtool: Add entry UNRET validation
     - x86/cpu/amd: Add Spectral Chicken
     - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
     - x86/speculation: Fix firmware entry SPEC_CTRL handling
     - x86/speculation: Fix SPEC_CTRL write on SMT state change
     - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
     - x86/speculation: Remove x86_spec_ctrl_mask
     - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
     - KVM: VMX: Flatten __vmx_vcpu_run()
     - KVM: VMX: Convert launched argument to flags
     - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
     - KVM: VMX: Fix IBRS handling after vmexit
     - x86/speculation: Fill RSB on vmexit for IBRS
     - KVM: VMX: Prevent RSB underflow before vmenter
     - x86/common: Stamp out the stepping madness
     - x86/cpu/amd: Enumerate BTC_NO
     - x86/retbleed: Add fine grained Kconfig knobs
     - x86/bugs: Add Cannon lake to RETBleed affected CPU list
     - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
     - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
     - x86/kexec: Disable RET on kexec
     - x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
   * [amd64] Enable SLS mitigation
Checksums-Sha1:
 eabf3c0f8d24609dd5fec6f04cf4bf07284fa48e 8763 
linux-signed-amd64_5.19~rc6+1~exp1.dsc
 844014ca990b75a01c7e854fa81e424c043108ee 2888048 
linux-signed-amd64_5.19~rc6+1~exp1.tar.xz
Checksums-Sha256:
 b987d35b80b6b1230343aff05636340a94bfbc3c36b8b85cb4336d4d1c71c59d 8763 
linux-signed-amd64_5.19~rc6+1~exp1.dsc
 1e89c42d739ac6576816c251c853ec78e7760d0e5ed4fa0aa30443456bf3c249 2888048 
linux-signed-amd64_5.19~rc6+1~exp1.tar.xz
Files:
 604b8a9f8e12d69406f3258eb68b2375 8763 kernel optional 
linux-signed-amd64_5.19~rc6+1~exp1.dsc
 d733bee7446759915c834d3c918ce9d2 2888048 kernel optional 
linux-signed-amd64_5.19~rc6+1~exp1.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmLPMRUACgkQi0FRiLdO
Nzba7Q//dW1zxpdsmnGNn988z08Ikza22gRKO2TCz6b1eqL2ncL9WCOKUws//uv8
1hK0BOPXPYoDzMqlP64zv9yKTcKneyd0m+glgdq8vogxbdvC6nJ4gBTMjdY5HjeR
nPPA/4ro11a0nHqd3MvQxb+3AtlSJuQcHaBtVt788GWF6Tm3ueH5hbh6ppU9WnWq
7Ghue6Rksyq8CzqIW5uP+t6Jv4i5ThVjuYiE17WOADObXpiWd8TR7o5R9Z9eoQ1w
S3w8ArlUmM7houfZ0RtstfOHZSaEOF4H+fvXa5x/o8b8TbeCwIUaARqVUnssSy8Z
Qe3eazRXe6W0BjENqqyQMkPYbuI3z0lIIssiDMUDigrUfteW8aXI32ssYzDyZ+Hr
RK3x0tzpkrQIh71xmRzIVub+rI6x9pqrmAIKeljXHSYtmMv2TVsl0oM+3/nqNucC
HKe1jrq+u8Cqj3Wj0iqy0UVumXGNf5lG1nCR/SvGLp3W4l9Hr6sAJhjiLzpl0e1E
wIEi4QDbTmUf18ZfL4GfrcXpImHl8TZWf1BvbAEETpI7L9xWC5QeUAzW83Vpwvxu
mvV5Ln6QbwFiovVMOmQw/yEBAfshYHts2lesM80HIV84GNCVtSwNpvM9WKTEyEuP
vHiikuwCPDeimVOSovsEok0cODwXezUzmY9+VQrsha9Eltf4dn0=
=nozp
-----END PGP SIGNATURE-----

Reply via email to