Accepted linux 4.19.37-2 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 14 May 2019 17:34:37 +0100
Source: linux
Architecture: source
Version: 4.19.37-2
Distribution: unstable
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <ben@decadent.org.uk>
Closes: 928618
Changes:
linux (4.19.37-2) unstable; urgency=high
.
* debian/bin: Fix Python static checker regressions (Closes: #928618)
* Clean up speculation mitigations:
- Documentation/l1tf: Fix small spelling typo
- x86/cpu: Sanitize FAM6_ATOM naming
- kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
- x86/msr-index: Cleanup bit defines
- x86/speculation: Consolidate CPU whitelists
- Documentation: Move L1TF to separate directory
- cpu/speculation: Add 'mitigations=' cmdline option
- x86/speculation: Support 'mitigations=' cmdline option
- powerpc/speculation: Support 'mitigations=' cmdline option
- s390/speculation: Support 'mitigations=' cmdline option
- x86/speculation/mds: Add 'mitigations=' support for MDS
* [x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
(CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091):
- x86/speculation/mds: Add basic bug infrastructure for MDS
- x86/speculation/mds: Add BUG_MSBDS_ONLY
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
- x86/speculation/mds: Add mds_clear_cpu_buffers()
- x86/speculation/mds: Clear CPU buffers on exit to user
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry
- x86/speculation/mds: Add mitigation control for MDS
- x86/speculation/mds: Add sysfs reporting for MDS
- x86/speculation/mds: Add mitigation mode VMWERV
- Documentation: Add MDS vulnerability documentation
- x86/speculation/mds: Add mds=full,nosmt cmdline option
- x86/speculation: Move arch_smt_update() call to after mitigation decisions
- x86/speculation/mds: Add SMT warning message
- x86/speculation/mds: Fix comment
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
- x86/mds: Add MDSUM variant to the MDS documentation
- Documentation: Correct the possible MDS sysfs values
- x86/speculation/mds: Fix documentation typo
* [x86] linux-cpupower: Update CPPFLAGS for change in <asm/msr-index.h>
Checksums-Sha1:
0f3898fb50eaf82ebcccffcea79b6af3ac83e58d 189124 linux_4.19.37-2.dsc
e5d28f26074b82ba27ef5bf3ec470f52fae36224 1231028 linux_4.19.37-2.debian.tar.xz
04d7e8722f9b410bc3d5b3f4b3b8ce9d5bb9745a 47334 linux_4.19.37-2_source.buildinfo
Checksums-Sha256:
fa5e2bb6ecbfd13b0db17ace1e2b0edc8f860ad0c6e1c6054635f8bb93adaa46 189124 linux_4.19.37-2.dsc
758572eb0b6eaf20097cd3046e1ab35dfc01643db4c32669c5816489408ad12f 1231028 linux_4.19.37-2.debian.tar.xz
aa653914dfac9fedc580b6c5137525de46c53cb176a417d21971040554d7c07b 47334 linux_4.19.37-2_source.buildinfo
Files:
1acdf564916a6db0c9136dce0938afbc 189124 kernel optional linux_4.19.37-2.dsc
2c2c39e74d5edbd524f445abec3afe96 1231028 kernel optional linux_4.19.37-2.debian.tar.xz
7b9b8b9a0ddb1afa1a18f073880a4ccd 47334 kernel optional linux_4.19.37-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlzbCwoACgkQ57/I7JWG
EQlJ3xAAvQgCCeyrcmW+NRRNq2u76aXDF9sJq2tIi6d1Pwh4yU3M2zAVq/O1IMoi
RCinxFUvkrx00XOtA9h2DCdVwLltXxv+fcMD6odiwHo5nPBVoi0LkoiR8jNNwZmL
sEP67Wc/ve2/HZq06NHhyK+/SHs5YdHizhsgw7eTN1PlUuXMIa9sIWtEAdSs/Yi0
uJ0SUmb7CVZwa6EQHz5iV1nLAqt5nI09kIulBLfCKtPlimrVTxiIxTvyDJzXcFEr
e+Q32LH63pWula/bjVwp24pL3b9ceejDucqsoYwaY7NjDhZfk8jKQheacsHBpAKG
HimB984q5DP3jzSmOQVZu+kWZ8kTGMSgcJhHSBzYrhYjmu4N3PQWxWOP5ymU+DCn
hki+UpSkbt8ngChpkVS0gWcOnwRA+T3sH5j1XSjjXd3a8Lyy5BoP/B4EIyP5z47V
sNtgVumh5TVt7ZSlKQbuMtFPkndbakS+7ZlEwjg2m8ly4frUk/U8WDclEFdXcBuu
bv3rj/yB3rbMGtKia5LN6maA0CWMBjr9ATT36fWw0DzWu9mN6lBEzRaoJOroha17
wgy429F6yf2xzkufdzKSwS3den0S2F2nh5hrURyGivctckEHMw8tV/mXtyxxp9yS
CqU42smMLB1/WMccmOs04XrArgOTzSgHL5K/3YIjFK4b/B33/AY=
=H8IY
-----END PGP SIGNATURE-----