1. Forum
  2. Usenet
  3. LINUX.DEBIAN.KERNEL

  • linux-signed-amd64_5.19~rc6+1~exp1_source.changes ACCEPTED into experim

    From Debian FTP Masters@21:1/5 to All on Thu Jul 14 07:20:01 2022
    Accepted:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Wed, 13 Jul 2022 01:20:17 +0200
    Source: linux-signed-amd64
    Architecture: source
    Version: 5.19~rc6+1~exp1
    Distribution: experimental
    Urgency: medium
    Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
    Changed-By: Ben Hutchings <benh@debian.org>
    Changes:
    linux-signed-amd64 (5.19~rc6+1~exp1) experimental; urgency=medium
    .
    * Sign kernel from linux 5.19~rc6-1~exp1
    .
    * New upstream release candidate
    .
    [ Ben Hutchings ]
    * [mips64el/mips64r2el] Fix package description
    * [x86] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
    Intel (CVE-2022-29901) processors:
    - x86/kvm/vmx: Make noinstr clean
    - x86/cpufeatures: Move RETPOLINE flags to word 11
    - x86/retpoline: Cleanup some #ifdefery
    - x86/retpoline: Swizzle retpoline thunk
    - x86/retpoline: Use -mfunction-return
    - x86: Undo return-thunk damage
    - x86,objtool: Create .return_sites
    - x86,static_call: Use alternative RET encoding
    - x86/ftrace: Use alternative RET encoding
    - x86/bpf: Use alternative RET encoding
    - x86/kvm: Fix SETcc emulation for return thunks
    - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
    - x86/sev: Avoid using __x86_return_thunk
    - x86: Use return-thunk in asm code
    - x86/entry: Avoid very early RET
    - objtool: Treat .text.__x86.* as noinstr
    - x86: Add magic AMD return-thunk
    - x86/bugs: Report AMD retbleed vulnerability
    - x86/bugs: Add AMD retbleed= boot parameter
    - x86/bugs: Enable STIBP for JMP2RET
    - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
    - x86/entry: Add kernel IBRS implementation
    - x86/bugs: Optimize SPEC_CTRL MSR writes
    - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
    - x86/bugs: Split spectre_v2_select_mitigation() and
    spectre_v2_user_select_mitigation()
    - x86/bugs: Report Intel retbleed vulnerability
    - intel_idle: Disable IBRS during long idle
    - objtool: Update Retpoline validation
    - x86/xen: Rename SYS* entry points
    - x86/xen: Add UNTRAIN_RET
    - x86/bugs: Add retbleed=ibpb
    - x86/bugs: Do IBPB fallback check only once
    - objtool: Add entry UNRET validation
    - x86/cpu/amd: Add Spectral Chicken
    - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
    - x86/speculation: Fix firmware entry SPEC_CTRL handling
    - x86/speculation: Fix SPEC_CTRL write on SMT state change
    - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
    - x86/speculation: Remove x86_spec_ctrl_mask
    - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
    - KVM: VMX: Flatten __vmx_vcpu_run()
    - KVM: VMX: Convert launched argument to flags
    - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
    - KVM: VMX: Fix IBRS handling after vmexit
    - x86/speculation: Fill RSB on vmexit for IBRS
    - KVM: VMX: Prevent RSB underflow before vmenter
    - x86/common: Stamp out the stepping madness
    - x86/cpu/amd: Enumerate BTC_NO
    - x86/retbleed: Add fine grained Kconfig knobs
    - x86/bugs: Add Cannon lake to RETBleed affected CPU list
    - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
    - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
    - x86/kexec: Disable RET on kexec
    - x86/speculation: Disable RRSBA behavior
    - x86/static_call: Serialize __static_call_fixup() properly
    * [amd64] Enable SLS mitigation
    Checksums-Sha1:
    eabf3c0f8d24609dd5fec6f04cf4bf07284fa48e 8763 linux-signed-amd64_5.19~rc6+1~exp1.dsc
    844014ca990b75a01c7e854fa81e424c043108ee 2888048 linux-signed-amd64_5.19~rc6+1~exp1.tar.xz
    Checksums-Sha256:
    b987d35b80b6b1230343aff05636340a94bfbc3c36b8b85cb4336d4d1c71c59d 8763 linux-signed-amd64_5.19~rc6+1~exp1.dsc
    1e89c42d739ac6576816c251c853ec78e7760d0e5ed4fa0aa30443456bf3c249 2888048 linux-signed-amd64_5.19~rc6+1~exp1.tar.xz
    Files:
    604b8a9f8e12d69406f3258eb68b2375 8763 kernel optional linux-signed-amd64_5.19~rc6+1~exp1.dsc
    d733bee7446759915c834d3c918ce9d2 2888048 kernel optional linux-signed-amd64_5.19~rc6+1~exp1.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmLPMRUACgkQi0FRiLdO Nzba7Q//dW1zxpdsmnGNn988z08Ikza22gRKO2TCz6b1eqL2ncL9WCOKUws//uv8 1hK0BOPXPYoDzMqlP64zv9yKTcKneyd0m+glgdq8vogxbdvC6nJ4gBTMjdY5HjeR nPPA/4ro11a0nHqd3MvQxb+3AtlSJuQcHaBtVt788GWF6Tm3ueH5hbh6ppU9WnWq 7Ghue6Rksyq8CzqIW5uP+t6Jv4i5ThVjuYiE17WOADObXpiWd8TR7o5R9Z9eoQ1w S3w8ArlUmM7houfZ0RtstfOHZSaEOF4H+fvXa5x/o8b8TbeCwIUaARqVUnssSy8Z Qe3eazRXe6W0BjENqqyQMkPYbuI3z0lIIssiDMUDigrUfteW8aXI32ssYzDyZ+Hr RK3x0tzpkrQIh71xmRzIVub+rI6x9pqrmAIKeljXHSYtmMv2TVsl0oM+3/nqNucC HKe1jrq+u8Cqj3Wj0iqy0UVumXGNf5lG1nCR/SvGLp3W4l9Hr6sAJhjiLzpl0e1E wIEi4QDbTmUf18ZfL4GfrcXpImHl8TZWf1BvbAEETpI7L9xWC5QeUAzW83Vpwvxu mvV5Ln6QbwFiovVMOmQw/yEBAfshYHts2lesM80HIV84GNCVtSwNpvM9WKTEyEuP vHiikuwCPDeimVOSovsEok0cODwXezUzmY9+VQrsha9Eltf4dn0=
    =nozp
    -----END PGP SIGNATURE-----


    Thank you for your contribution to Debian.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)