-linux (5.15.0-45.48) UNRELEASED; urgency=medium
-
- CHANGELOG: Do not edit directly. Autogenerated at release.
- CHANGELOG: Use the printchanges target to see the curent changes.
- CHANGELOG: Use the insertchanges target to create the final log.
-
- -- Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Tue, 19 Jul 2022 18:53:34 -0300
+linux (5.15.0-45.48) jammy; urgency=medium
+
+ * CVE-2022-29900 // CVE-2022-29901
+ - x86/lib/atomic64_386_32: Rename things
+ - x86: Prepare asm files for straight-line-speculation
+ - x86: Prepare inline-asm for straight-line-speculation
+ - x86/alternative: Relax text_poke_bp() constraint
+ - kbuild: move objtool_args back to scripts/Makefile.build
+ - x86: Add straight-line-speculation mitigation
+ - kvm/emulate: Fix SETcc emulation function offsets with SLS
+ - crypto: x86/poly1305 - Fixup SLS
+ - objtool: Add straight-line-speculation validation
+ - objtool: Fix SLS validation for kcov tail-call replacement
+ - objtool: Fix objtool regression on x32 systems
+ - objtool: Fix symbol creation
+ - objtool: Introduce CFI hash
+ - objtool: Default ignore INT3 for unreachable
+ - x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
+ - x86/traps: Use pt_regs directly in fixup_bad_iret()
+ - x86/entry: Switch the stack after error_entry() returns
+ - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
+ - x86/entry: Don't call error_entry() for XENPV
+ - x86/entry: Remove skip_r11rcx
+ - x86/realmode: build with -D__DISABLE_EXPORTS
+ - x86/ibt,ftrace: Make function-graph play nice
+ - x86/kvm/vmx: Make noinstr clean
+ - x86/cpufeatures: Move RETPOLINE flags to word 11
+ - x86/retpoline: Cleanup some #ifdefery
+ - x86/retpoline: Swizzle retpoline thunk
+ - x86/retpoline: Use -mfunction-return
+ - x86: Undo return-thunk damage
+ - x86,objtool: Create .return_sites
+ - objtool: skip non-text sections when adding return-thunk sites
+ - x86,static_call: Use alternative RET encoding
+ - x86/ftrace: Use alternative RET encoding
+ - x86/bpf: Use alternative RET encoding
+ - x86/kvm: Fix SETcc emulation for return thunks
+ - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
+ - x86/sev: Avoid using __x86_return_thunk
+ - x86: Use return-thunk in asm code
+ - x86/entry: Avoid very early RET
+ - objtool: Treat .text.__x86.* as noinstr
+ - x86: Add magic AMD return-thunk
+ - x86/bugs: Report AMD retbleed vulnerability
+ - x86/bugs: Add AMD retbleed= boot parameter
+ - x86/bugs: Enable STIBP for JMP2RET
+ - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
+ - x86/entry: Add kernel IBRS implementation
+ - x86/bugs: Optimize SPEC_CTRL MSR writes
+ - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
+ - x86/bugs: Split spectre_v2_select_mitigation() and
+ spectre_v2_user_select_mitigation()
+ - x86/bugs: Report Intel retbleed vulnerability
+ - intel_idle: Disable IBRS during long idle
+ - objtool: Update Retpoline validation
+ - x86/xen: Rename SYS* entry points
+ - x86/xen: Add UNTRAIN_RET
+ - x86/bugs: Add retbleed=ibpb
+ - x86/bugs: Do IBPB fallback check only once
+ - objtool: Add entry UNRET validation
+ - x86/cpu/amd: Add Spectral Chicken
+ - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
+ - x86/speculation: Fix firmware entry SPEC_CTRL handling
+ - x86/speculation: Fix SPEC_CTRL write on SMT state change
+ - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
+ - x86/speculation: Remove x86_spec_ctrl_mask
+ - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
+ - KVM: VMX: Flatten __vmx_vcpu_run()
+ - KVM: VMX: Convert launched argument to flags
+ - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
+ - KVM: VMX: Fix IBRS handling after vmexit
+ - x86/speculation: Fill RSB on vmexit for IBRS
+ - KVM: VMX: Prevent RSB underflow before vmenter
+ - x86/common: Stamp out the stepping madness
+ - x86/cpu/amd: Enumerate BTC_NO
+ - x86/retbleed: Add fine grained Kconfig knobs
+ - x86/bugs: Add Cannon lake to RETBleed affected CPU list
+ - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
+ - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
+ - x86/kexec: Disable RET on kexec
+ - x86/speculation: Disable RRSBA behavior
+ - [Config]: Enable speculation mitigations
+ - x86/static_call: Serialize __static_call_fixup() properly
+ - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
+ - x86/bugs: Mark retbleed_strings static
+ - x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
+ - x86/kvm: fix FASTOP_SIZE when return thunks are enabled
+ - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
+ - KVM: emulate: do not adjust size of fastop and setcc subroutines
+ - x86/bugs: Remove apostrophe typo
+ - efi/x86: use naked RET on mixed mode call wrapper
+
+ -- Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Tue, 19 Jul 2022 18:57:17 -0300
linux (5.15.0-43.46) jammy; urgency=medium
projects / mirror_ubuntu-jammy-kernel.git / commitdiff