[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

linux-signed-arm64_5.19~rc6+1~exp1_source.changes ACCEPTED into experimental, experimental


Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 13 Jul 2022 01:20:17 +0200
Source: linux-signed-arm64
Architecture: source
Version: 5.19~rc6+1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Changes:
 linux-signed-arm64 (5.19~rc6+1~exp1) experimental; urgency=medium
 .
   * Sign kernel from linux 5.19~rc6-1~exp1
 .
   * New upstream release candidate
 .
   [ Ben Hutchings ]
   * [mips64el/mips64r2el] Fix package description
   * [x86] Add mitigations for RETbleed on AMD/Hygon (CVE-2022-29900) and
     Intel (CVE-2022-29901) processors:
     - x86/kvm/vmx: Make noinstr clean
     - x86/cpufeatures: Move RETPOLINE flags to word 11
     - x86/retpoline: Cleanup some #ifdefery
     - x86/retpoline: Swizzle retpoline thunk
     - x86/retpoline: Use -mfunction-return
     - x86: Undo return-thunk damage
     - x86,objtool: Create .return_sites
     - x86,static_call: Use alternative RET encoding
     - x86/ftrace: Use alternative RET encoding
     - x86/bpf: Use alternative RET encoding
     - x86/kvm: Fix SETcc emulation for return thunks
     - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
     - x86/sev: Avoid using __x86_return_thunk
     - x86: Use return-thunk in asm code
     - x86/entry: Avoid very early RET
     - objtool: Treat .text.__x86.* as noinstr
     - x86: Add magic AMD return-thunk
     - x86/bugs: Report AMD retbleed vulnerability
     - x86/bugs: Add AMD retbleed= boot parameter
     - x86/bugs: Enable STIBP for JMP2RET
     - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
     - x86/entry: Add kernel IBRS implementation
     - x86/bugs: Optimize SPEC_CTRL MSR writes
     - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
     - x86/bugs: Split spectre_v2_select_mitigation() and
       spectre_v2_user_select_mitigation()
     - x86/bugs: Report Intel retbleed vulnerability
     - intel_idle: Disable IBRS during long idle
     - objtool: Update Retpoline validation
     - x86/xen: Rename SYS* entry points
     - x86/xen: Add UNTRAIN_RET
     - x86/bugs: Add retbleed=ibpb
     - x86/bugs: Do IBPB fallback check only once
     - objtool: Add entry UNRET validation
     - x86/cpu/amd: Add Spectral Chicken
     - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
     - x86/speculation: Fix firmware entry SPEC_CTRL handling
     - x86/speculation: Fix SPEC_CTRL write on SMT state change
     - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
     - x86/speculation: Remove x86_spec_ctrl_mask
     - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
     - KVM: VMX: Flatten __vmx_vcpu_run()
     - KVM: VMX: Convert launched argument to flags
     - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
     - KVM: VMX: Fix IBRS handling after vmexit
     - x86/speculation: Fill RSB on vmexit for IBRS
     - KVM: VMX: Prevent RSB underflow before vmenter
     - x86/common: Stamp out the stepping madness
     - x86/cpu/amd: Enumerate BTC_NO
     - x86/retbleed: Add fine grained Kconfig knobs
     - x86/bugs: Add Cannon lake to RETBleed affected CPU list
     - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
     - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
     - x86/kexec: Disable RET on kexec
     - x86/speculation: Disable RRSBA behavior
     - x86/static_call: Serialize __static_call_fixup() properly
   * [amd64] Enable SLS mitigation
Checksums-Sha1:
 f6cfc0a660a0dc77d901eb5f04ea07f0e4f404d7 7472 linux-signed-arm64_5.19~rc6+1~exp1.dsc
 dc6490b4c5c40b93937a683137c7ae897f705b0e 2641996 linux-signed-arm64_5.19~rc6+1~exp1.tar.xz
Checksums-Sha256:
 70195ddec4c5c7748dfbd5d82e456734101fc67da4a93ceceaec08112016a07b 7472 linux-signed-arm64_5.19~rc6+1~exp1.dsc
 36fafb8d1b35935ebbae6c1f8424ef6ec96a802f15b5235b17b68f634eac2e27 2641996 linux-signed-arm64_5.19~rc6+1~exp1.tar.xz
Files:
 dfbd7dbcb81cc876650f767b30e1c0ff 7472 kernel optional linux-signed-arm64_5.19~rc6+1~exp1.dsc
 eed4f4b6057eb101605c7cc0130a42be 2641996 kernel optional linux-signed-arm64_5.19~rc6+1~exp1.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmLPvgMACgkQi0FRiLdO
NzbfkQ//Q2ZIHYkqouFeeDtWX0if8sVK2Ji5I8iuIfARgMdteq2vYU9xUOnBNvoi
DOnrRpgAm9xhzIooceSvb7ZjYk/exrK1aB1uos3lHk4iEDfa2A9YyI9mz72LIAmc
Z7p1vXH2HS9rSFWgXtC54yJloOVGLlvrg6e2AxF1AtN306OEk1mNYjU2VnGQWIMw
q9oCztsYjtbdoMQ3pQI4S3SGGhmeYLAYcX+Q5xhcZRU0HStFI1Nn+/cwuppISHsR
wnfaDjzxR0HsJMtFGl0/DrTQ6ErWiMcBgLhmEn0Tqsxz1kSLcf1QM6oXEbtnNGpr
d92uExQgwNxE2BzIs3JA8PqDYrb//Tk9wAUYf/GpoccuHYPJOLWiYZ+EICmpNJEi
64yvHdR0i2WUxmvaHY/gKI6reiwHWDqksszkMBUPzBQnlCybtaZzTF9oVzAyUJ2o
dQEDFYfKXrN/GAUx6qEcLN/6v3qEafAa7Q0vW6pKhUZY+m69rOMiX48H2qckd0Fv
auh8fcYhZkNkF1vI/uh9T7lc2FpwOQ2oRybPiQbgO8nWzbLaHwarX8AdQJxpVHP9
AVjIoBUpe/lHtPfCg1M51gbXvh7e2vJ+S7Av4D3sdbdXxwJzrCog3X/nxFmebtdi
f0osxldmC6h/TKI/q/IhskwJN7sMKkCCfBohp+mkMa/Rp7HxDuA=
=75DS
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.
Reply to: