diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-07-31 20:56:10 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-07-31 21:07:07 +0200 |
| commit | bd017adc3555b1edc2225fe2402d1f3be73680ec (patch) | |
| tree | 32653b5e73cec437ca0f03ebb781a6ec1442b1c6 /debian | |
| parent | 3491dcdc140192efa1d12557faa8a1c11043e8e9 (diff) | |
| download | linux-debian-bd017adc3555b1edc2225fe2402d1f3be73680ec.tar.gz | |
Update to 5.19-rc8
Drop patches applied upstream
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rw-r--r-- | debian/patches/bugfix/x86/x86-speculation-make-all-retbleed-mitigations-depend.patch | 56 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 1 insertions, 58 deletions
diff --git a/debian/changelog b/debian/changelog index 0e2538341..accbce2a7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (5.19~rc7-1~exp1) UNRELEASED; urgency=medium +linux (5.19~rc8-1~exp1) UNRELEASED; urgency=medium * New upstream release candidate - [i386] x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (fixes FTBFS) diff --git a/debian/patches/bugfix/x86/x86-speculation-make-all-retbleed-mitigations-depend.patch b/debian/patches/bugfix/x86/x86-speculation-make-all-retbleed-mitigations-depend.patch deleted file mode 100644 index 1fd1a380b..000000000 --- a/debian/patches/bugfix/x86/x86-speculation-make-all-retbleed-mitigations-depend.patch +++ /dev/null @@ -1,56 +0,0 @@ -From: Ben Hutchings <ben@decadent.org.uk> -Date: Sat, 23 Jul 2022 16:20:34 +0200 -Subject: x86/speculation: Make all RETbleed mitigations depend on X86_64 -Forwarded: https://lore.kernel.org/lkml/YtwSR3NNsWp1ohfV@decadent.org.uk/T/ - -The mitigations for RETBleed are currently ineffective on x86_32 since -entry_32.S does not use the required macros. However, for an x86_32 -target, the kconfig symbols for them are still enabled by default and -/sys/devices/system/cpu/vulnerabilities/retbleed will wrongly report -that mitigations are in place. - -Make all of these symbols depend on X86_64, and only enable RETHUNK by -default on X86_64. - -Cc: stable@vger.kernel.org -Signed-off-by: Ben Hutchings <ben@decadent.org.uk> ---- - arch/x86/Kconfig | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - ---- a/arch/x86/Kconfig -+++ b/arch/x86/Kconfig -@@ -2473,7 +2473,7 @@ config RETHUNK - bool "Enable return-thunks" - depends on RETPOLINE && CC_HAS_RETURN_THUNK - select OBJTOOL if HAVE_OBJTOOL -- default y -+ default y if X86_64 - help - Compile the kernel with the return-thunks compiler option to guard - against kernel-to-user data leaks by avoiding return speculation. -@@ -2482,21 +2482,21 @@ config RETHUNK - - config CPU_UNRET_ENTRY - bool "Enable UNRET on kernel entry" -- depends on CPU_SUP_AMD && RETHUNK -+ depends on CPU_SUP_AMD && RETHUNK && X86_64 - default y - help - Compile the kernel with support for the retbleed=unret mitigation. - - config CPU_IBPB_ENTRY - bool "Enable IBPB on kernel entry" -- depends on CPU_SUP_AMD -+ depends on CPU_SUP_AMD && X86_64 - default y - help - Compile the kernel with support for the retbleed=ibpb mitigation. - - config CPU_IBRS_ENTRY - bool "Enable IBRS on kernel entry" -- depends on CPU_SUP_INTEL -+ depends on CPU_SUP_INTEL && X86_64 - default y - help - Compile the kernel with support for the spectre_v2=ibrs mitigation. diff --git a/debian/patches/series b/debian/patches/series index 1d6d66e39..700c4fb76 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -99,7 +99,6 @@ features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signatu # Security fixes debian/i386-686-pae-pci-set-pci-nobios-by-default.patch debian/ntfs-mark-it-as-broken.patch -bugfix/x86/x86-speculation-make-all-retbleed-mitigations-depend.patch # Fix exported symbol versions bugfix/all/module-disable-matching-missing-version-crc.patch |