kernel-6.1.14-100
* Sat Feb 25 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.1.14-0] - Linux v6.1.14 Resolves: Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
This commit is contained in:
Justin M. Forbes
parent
9739ec2707
commit
b00c932ac6
3 changed files with 11 additions and 49 deletions
|
|
@ -124,17 +124,17 @@ Summary: The Linux kernel
|
|||
# the --with-release option overrides this setting.)
|
||||
%define debugbuildsenabled 1
|
||||
# define buildid .local
|
||||
%define specversion 6.1.13
|
||||
%define specversion 6.1.14
|
||||
%define patchversion 6.1
|
||||
%define pkgrelease 100
|
||||
%define kversion 6
|
||||
%define tarfile_release 6.1.13
|
||||
%define tarfile_release 6.1.14
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 1
|
||||
# This allows pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 100%{?buildid}%{?dist}
|
||||
# This defines the kabi tarball version
|
||||
%define kabiversion 6.1.13
|
||||
%define kabiversion 6.1.14
|
||||
|
||||
# If this variable is set to 1, a bpf selftests build failure will cause a
|
||||
# fatal kernel package build error
|
||||
|
|
@ -3178,6 +3178,9 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Sat Feb 25 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.1.14-0]
|
||||
- Linux v6.1.14
|
||||
|
||||
* Wed Feb 22 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.1.13-0]
|
||||
- Linux v6.1.13
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,6 @@
|
|||
arch/x86/include/asm/pgtable_areas.h | 8 +-
|
||||
arch/x86/kernel/hw_breakpoint.c | 2 +-
|
||||
arch/x86/kernel/setup.c | 22 ++--
|
||||
arch/x86/kvm/vmx/nested.c | 11 ++
|
||||
arch/x86/kvm/vmx/vmx.c | 6 +-
|
||||
arch/x86/mm/cpu_entry_area.c | 46 +++++++-
|
||||
drivers/acpi/apei/hest.c | 8 ++
|
||||
drivers/acpi/irq.c | 17 ++-
|
||||
|
|
@ -40,10 +38,10 @@
|
|||
security/lockdown/Kconfig | 13 +++
|
||||
security/lockdown/lockdown.c | 1 +
|
||||
security/security.c | 6 +
|
||||
42 files changed, 534 insertions(+), 190 deletions(-)
|
||||
40 files changed, 519 insertions(+), 188 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index e51356b982f9..38e5ed779572 100644
|
||||
index 3e82a3224362..9dd0648927cf 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
|
||||
|
|
@ -234,45 +232,6 @@ index 892609cde4a2..ad9aa11ba3a0 100644
|
|||
|
||||
reserve_initrd();
|
||||
|
||||
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
|
||||
index 10c63b1bf92f..df8995977ec2 100644
|
||||
--- a/arch/x86/kvm/vmx/nested.c
|
||||
+++ b/arch/x86/kvm/vmx/nested.c
|
||||
@@ -4767,6 +4767,17 @@ void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 vm_exit_reason,
|
||||
|
||||
vmx_switch_vmcs(vcpu, &vmx->vmcs01);
|
||||
|
||||
+ /*
|
||||
+ * If IBRS is advertised to the vCPU, KVM must flush the indirect
|
||||
+ * branch predictors when transitioning from L2 to L1, as L1 expects
|
||||
+ * hardware (KVM in this case) to provide separate predictor modes.
|
||||
+ * Bare metal isolates VMX root (host) from VMX non-root (guest), but
|
||||
+ * doesn't isolate different VMCSs, i.e. in this case, doesn't provide
|
||||
+ * separate modes for L2 vs L1.
|
||||
+ */
|
||||
+ if (guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL))
|
||||
+ indirect_branch_prediction_barrier();
|
||||
+
|
||||
/* Update any VMCS fields that might have changed while L2 ran */
|
||||
vmcs_write32(VM_EXIT_MSR_LOAD_COUNT, vmx->msr_autoload.host.nr);
|
||||
vmcs_write32(VM_ENTRY_MSR_LOAD_COUNT, vmx->msr_autoload.guest.nr);
|
||||
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
|
||||
index 4ae248e87f5e..95ed874fbbcc 100644
|
||||
--- a/arch/x86/kvm/vmx/vmx.c
|
||||
+++ b/arch/x86/kvm/vmx/vmx.c
|
||||
@@ -1348,8 +1348,10 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu,
|
||||
|
||||
/*
|
||||
* No indirect branch prediction barrier needed when switching
|
||||
- * the active VMCS within a guest, e.g. on nested VM-Enter.
|
||||
- * The L1 VMM can protect itself with retpolines, IBPB or IBRS.
|
||||
+ * the active VMCS within a vCPU, unless IBRS is advertised to
|
||||
+ * the vCPU. To minimize the number of IBPBs executed, KVM
|
||||
+ * performs IBPB on nested VM-Exit (a single nested transition
|
||||
+ * may switch the active VMCS multiple times).
|
||||
*/
|
||||
if (!buddy || WARN_ON_ONCE(buddy->vmcs != prev))
|
||||
indirect_branch_prediction_barrier();
|
||||
diff --git a/arch/x86/mm/cpu_entry_area.c b/arch/x86/mm/cpu_entry_area.c
|
||||
index 6c2f1b76a0b6..20844cf141fb 100644
|
||||
--- a/arch/x86/mm/cpu_entry_area.c
|
||||
|
|
|
|||
6
sources
6
sources
|
|
@ -1,3 +1,3 @@
|
|||
SHA512 (linux-6.1.13.tar.xz) = 3bc9f550d1ab0fe39585c1df1a9ea0b155ec170fb3d65f08449fcbbdf239b3266b088fc4f47f057f181d0282ff28aa20bd7d7c5b4b35cffb555372ef826ee96a
|
||||
SHA512 (kernel-abi-stablelists-6.1.13.tar.bz2) = db07c81a5c0a9a5dde00476662b0774f8d951a5b1b98cd45c2b2d132cb93cb18c8e2efe858202232ca25a83762318f27b7584c14fc659b0d818becfebb693d22
|
||||
SHA512 (kernel-kabi-dw-6.1.13.tar.bz2) = 98d52d05e6aa6fee9bd0e7af48d25ebd9dd8a71988d9f260414eb138f3259957ba404317106d720b515165d0826ef1e075d30cc5bce635a475f0fea4b0c6b90b
|
||||
SHA512 (linux-6.1.14.tar.xz) = 3ed9f882ccfb10bc3deb27a111d49afb9b171e740d75169c94415474a2945331b97e85b05573064e4a052ebcdd124e001e6b22694aaee1035ecd52a0e5e325c0
|
||||
SHA512 (kernel-abi-stablelists-6.1.14.tar.bz2) = cf72d128c4ae9c1eb075fac3604d90bf4e48e61bb987c7df0e73b4dfb5329dd54b0117422b90516d7bbe266f097835facb619bd66958a7cb45b1f2fcc0584dd9
|
||||
SHA512 (kernel-kabi-dw-6.1.14.tar.bz2) = 221c668cffd283f69df51282dbfcf923f1be8cf12d8b094892da4aa8995a900fc7a0494e962322383f3069acf4beba0d8fbcb98c36342cf3e34be9614337c40a
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue