Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20180104 When you reply to report some issues, make sure to change the subject. It is not helpful to keep the release announcement subject in a thread while discussing a specific problem. Packages changed: icecream (1.1rc2 -> 1.1) kernel-firmware (20171221 -> 20180104) kernel-source (4.14.9 -> 4.14.11) ucode-intel === Details === ==== icecream ==== Version update (1.1rc2 -> 1.1) Subpackages: icecream-clang-wrappers - Update dependencies to fix building on SLE - Cleanup spec file: * Run spec-clener * Make building more verbose - changes icecream 1.1rc3 -> 1.1 - revert "Add load control for preprocessing" - better handle clang arugments with spaces - remove "crashme" command from scheduler - better logging around exception 30 - changes icecream 1.1rc2 -> 1.1rc3 - Fix broken pipe race condition - Better error handling - Crash fixes - Documentation update - Include objcopy in environment if it exists - Add CI builds on travis-ci: OSX, ubuntu trusty - Fixed several memory errors - Extract enviornments with compile priority, not daemon priority - Handle spaces in the parameters following -MT - Handle -target -arch -c-isystem and -cxx-isystem (clang) - Handle NAT situations better - Add load control for preprocessing - Handle scheduler unable to reach remote machine - Make scheduler election algorithm handle multiple netnames ==== kernel-firmware ==== Version update (20171221 -> 20180104) Subpackages: ucode-amd - Update to version 20180104: * wl18xx: update firmware file 8.9.0.0.76 * wl127x/wl128x: update firmwares * rtlwifi: rtl8723de: Add firmware for new driver/device * linux-firmware: DMC firmware for cannonlake v1.07 - Add microcode_amd_fam17h.bin (bsc#1068032 CVE-2017-5715) ==== kernel-source ==== Version update (4.14.9 -> 4.14.11) Subpackages: kernel-default kernel-default-devel kernel-devel kernel-docs kernel-macros kernel-syms - Refresh patches.suse/0027-x86-kvm-Pad-RSB-on-VM-transition.patch. - Refresh patches.suse/0031-Reverting-the-commit-e5247c4f209530-to-replace.patch. Fix i386 build. - commit c36893f - Set IBPB when running a different VCPU (bnc#1068032 CVE-2017-5715). - Clear the host registers after setbe (bnc#1068032 CVE-2017-5715). - Use the ibpb_inuse variable (bnc#1068032 CVE-2017-5715). - Remove the code that uses MSR save/restore list (bnc#1068032 CVE-2017-5715). - KVM: x86: add SPEC_CTRL to MSR and CPUID lists (bnc#1068032 CVE-2017-5715). - kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (bnc#1068032 CVE-2017-5715). - Reverting the commit e5247c4f209530 to replace (bnc#1068032 CVE-2017-5715). - Use the "ibrs_inuse" variable (bnc#1068032 CVE-2017-5715). - kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (bnc#1068032 CVE-2017-5715). - x86/svm: Set IBPB when running a different VCPU (bnc#1068032 CVE-2017-5715). - x86/kvm: Pad RSB on VM transition (bnc#1068032 CVE-2017-5715). - Revert x86/kvm: Pad RSB on VM transition (bnc#1068032 CVE-2017-5715). - x86/cpu/AMD: Add speculative control support for AMD (bnc#1068032 CVE-2017-5715). - x86/microcode: Recheck IBRS and IBPB feature on microcode reload (bnc#1068032 CVE-2017-5715). - x86: Move IBRS/IBPB feature detection to scattered.c (bnc#1068032 CVE-2017-5715). - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (bnc#1068032 CVE-2017-5715). - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (bnc#1068032 CVE-2017-5715). - x86/kvm: clear registers on VM exit (bnc#1068032 CVE-2017-5715). - x86/kvm: Pad RSB on VM transition (bnc#1068032 CVE-2017-5715). - x86/kvm: Toggle IBRS on VM entry and exit (bnc#1068032 CVE-2017-5715). - x86/kvm: Set IBPB when switching VM (bnc#1068032 CVE-2017-5715). - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm (bnc#1068032 CVE-2017-5715). - x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance (bnc#1068032 CVE-2017-5715). - x86/syscall: Clear unused extra registers on syscall entrance (bnc#1068032 CVE-2017-5715). - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (bnc#1068032 CVE-2017-5715). - x86/mm: Only set IBPB when the new thread cannot ptrace current thread (bnc#1068032 CVE-2017-5715). - x86/mm: Set IBPB upon context switch (bnc#1068032 CVE-2017-5715). - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (bnc#1068032 CVE-2017-5715). - x86/idle: Disable IBRS entering idle and enable it on wakeup (bnc#1068032 CVE-2017-5715). - x86/spec_ctrl: save IBRS MSR value in paranoid_entry (bnc#1068032 CVE-2017-5715). - x86/enter: Use IBRS on syscall and interrupts (bnc#1068032 CVE-2017-5715). - x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (bnc#1068032 CVE-2017-5715). - x86/enter: MACROS to set/clear IBRS and set IBPB (bnc#1068032 CVE-2017-5715). - x86/feature: Report presence of IBPB and IBRS control (bnc#1068032 CVE-2017-5715). - x86: Add STIBP feature enumeration (bnc#1068032 CVE-2017-5715). - x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (bnc#1068032 CVE-2017-5715). - x86/feature: Enable the x86 feature to control Speculation (bnc#1068032 CVE-2017-5715). - commit 816f713 - userns: prevent speculative execution (bnc#1068032 CVE-2017-5753). - udf: prevent speculative execution (bnc#1068032 CVE-2017-5753). - net: mpls: prevent speculative execution (bnc#1068032 CVE-2017-5753). - fs: prevent speculative execution (bnc#1068032 CVE-2017-5753). - ipv6: prevent speculative execution (bnc#1068032 CVE-2017-5753). - ipv4: prevent speculative execution (bnc#1068032 CVE-2017-5753). - Thermal/int340x: prevent speculative execution (bnc#1068032 CVE-2017-5753). - cw1200: prevent speculative execution (bnc#1068032 CVE-2017-5753). - qla2xxx: prevent speculative execution (bnc#1068032 CVE-2017-5753). - p54: prevent speculative execution (bnc#1068032 CVE-2017-5753). - carl9170: prevent speculative execution (bnc#1068032 CVE-2017-5753). - uvcvideo: prevent speculative execution (bnc#1068032 CVE-2017-5753). - x86, bpf, jit: prevent speculative execution when JIT is enabled (bnc#1068032 CVE-2017-5753). - bpf: prevent speculative execution in eBPF interpreter (bnc#1068032 CVE-2017-5753). - locking/barriers: introduce new observable speculation barrier (bnc#1068032 CVE-2017-5753). - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (bnc#1068032 CVE-2017-5753). - x86/cpu/AMD: Make the LFENCE instruction serialized (bnc#1068032 CVE-2017-5753). - commit cf46932 - Linux 4.14.11 (bnc#1012628). - tracing: Remove extra zeroing out of the ring buffer page (bnc#1012628). - tracing: Fix possible double free on failure of allocating trace buffer (bnc#1012628). - tracing: Fix crash when it fails to alloc ring buffer (bnc#1012628). - x86/cpufeatures: Add X86_BUG_CPU_INSECURE (bnc#1012628). - x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y (bnc#1012628). - x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching (bnc#1012628). - x86/mm/pti: Add infrastructure for page table isolation (bnc#1012628). - x86/pti: Add the pti= cmdline option and documentation (bnc#1012628). - x86/mm/pti: Add mapping helper functions (bnc#1012628). - x86/mm/pti: Allow NX poison to be set in p4d/pgd (bnc#1012628). - x86/mm/pti: Allocate a separate user PGD (bnc#1012628). - x86/mm/pti: Populate user PGD (bnc#1012628). - x86/mm/pti: Add functions to clone kernel PMDs (bnc#1012628). - x86/mm/pti: Force entry through trampoline when PTI active (bnc#1012628). - x86/mm/pti: Share cpu_entry_area with user space page tables (bnc#1012628). - x86/entry: Align entry text section to PMD boundary (bnc#1012628). - x86/mm/pti: Share entry text PMD (bnc#1012628). - x86/mm/pti: Map ESPFIX into user space (bnc#1012628). - x86/cpu_entry_area: Add debugstore entries to cpu_entry_area (bnc#1012628). - x86/events/intel/ds: Map debug buffers in cpu_entry_area (bnc#1012628). - x86/mm/64: Make a full PGD-entry size hole in the memory map (bnc#1012628). - x86/pti: Put the LDT in its own PGD if PTI is on (bnc#1012628). - x86/pti: Map the vsyscall page if needed (bnc#1012628). - x86/mm: Allow flushing for future ASID switches (bnc#1012628). - x86/mm: Abstract switching CR3 (bnc#1012628). - x86/mm: Use/Fix PCID to optimize user/kernel switches (bnc#1012628). - x86/mm: Optimize RESTORE_CR3 (bnc#1012628). - x86/mm: Use INVPCID for __native_flush_tlb_single() (bnc#1012628). - x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming (bnc#1012628). - x86/dumpstack: Indicate in Oops whether PTI is configured and enabled (bnc#1012628). - x86/mm/pti: Add Kconfig (bnc#1012628). - x86/mm/dump_pagetables: Add page table directory to the debugfs VFS hierarchy (bnc#1012628). - x86/mm/dump_pagetables: Check user space page table for WX pages (bnc#1012628). - x86/mm/dump_pagetables: Allow dumping current pagetables (bnc#1012628). - x86/ldt: Make the LDT mapping RO (bnc#1012628). - ring-buffer: Mask out the info bits when returning buffer page length (bnc#1012628). - ring-buffer: Do no reuse reader page if still in use (bnc#1012628). - iw_cxgb4: Only validate the MSN for successful completions (bnc#1012628). - ASoC: codecs: msm8916-wcd: Fix supported formats (bnc#1012628). - ASoC: wm_adsp: Fix validation of firmware and coeff lengths (bnc#1012628). - ASoC: da7218: fix fix child-node lookup (bnc#1012628). - ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure (bnc#1012628). - ASoC: twl4030: fix child-node lookup (bnc#1012628). - ASoC: tlv320aic31xx: Fix GPIO1 register definition (bnc#1012628). - gpio: fix "gpio-line-names" property retrieval (bnc#1012628). - IB/hfi: Only read capability registers if the capability exists (bnc#1012628). - IB/mlx5: Serialize access to the VMA list (bnc#1012628). - IB/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp() (bnc#1012628). - IB/core: Verify that QP is security enabled in create and destroy (bnc#1012628). - ALSA: hda: Drop useless WARN_ON() (bnc#1012628). - ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines (bnc#1012628). - ALSA: hda - change the location for one mic on a Lenovo machine (bnc#1012628). - ALSA: hda - fix headset mic detection issue on a Dell machine (bnc#1012628). - ALSA: hda - Fix missing COEF init for ALC225/295/299 (bnc#1012628). - cpufreq: schedutil: Use idle_calls counter of the remote CPU (bnc#1012628). - block: fix blk_rq_append_bio (bnc#1012628). - block: don't let passthrough IO go into .make_request_fn() (bnc#1012628). - kbuild: add '-fno-stack-check' to kernel build options (bnc#1012628). - ipv4: igmp: guard against silly MTU values (bnc#1012628). - ipv6: mcast: better catch silly mtu values (bnc#1012628). - net: fec: unmap the xmit buffer that are not transferred by DMA (bnc#1012628). - net: igmp: Use correct source address on IGMPv3 reports (bnc#1012628). - net: qmi_wwan: add Sierra EM7565 1199:9091 (bnc#1012628). - net: reevalulate autoflowlabel setting after sysctl setting (bnc#1012628). - ptr_ring: add barriers (bnc#1012628). - RDS: Check cmsg_len before dereferencing CMSG_DATA (bnc#1012628). - tcp_bbr: record "full bw reached" decision in new full_bw_reached bit (bnc#1012628). - tcp md5sig: Use skb's saddr when replying to an incoming segment (bnc#1012628). - tg3: Fix rx hang on MTU change with 5717/5719 (bnc#1012628). - tcp_bbr: reset full pipe detection on loss recovery undo (bnc#1012628). - tcp_bbr: reset long-term bandwidth sampling on loss recovery undo (bnc#1012628). - s390/qeth: apply takeover changes when mode is toggled (bnc#1012628). - s390/qeth: don't apply takeover changes to RXIP (bnc#1012628). - s390/qeth: lock IP table while applying takeover changes (bnc#1012628). - s390/qeth: update takeover IPs after configuration change (bnc#1012628). - net: ipv4: fix for a race condition in raw_sendmsg (bnc#1012628). - net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case (bnc#1012628). - sctp: Replace use of sockets_allocated with specified macro (bnc#1012628). - adding missing rcu_read_unlock in ipxip6_rcv (bnc#1012628). - ip6_gre: fix device features for ioctl setup (bnc#1012628). - ipv4: Fix use-after-free when flushing FIB tables (bnc#1012628). - net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks (bnc#1012628). - net: Fix double free and memory corruption in get_net_ns_by_id() (bnc#1012628). - net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround (bnc#1012628). - sock: free skb in skb_complete_tx_timestamp on error (bnc#1012628). - tcp: invalidate rate samples during SACK reneging (bnc#1012628). - net/mlx5: Fix rate limit packet pacing naming and struct (bnc#1012628). - net/mlx5e: Fix possible deadlock of VXLAN lock (bnc#1012628). - net/mlx5e: Fix features check of IPv6 traffic (bnc#1012628). - net/mlx5e: Add refcount to VXLAN structure (bnc#1012628). - net/mlx5e: Prevent possible races in VXLAN control flow (bnc#1012628). - net/mlx5: Fix error flow in CREATE_QP command (bnc#1012628). - openvswitch: Fix pop_vlan action for double tagged frames (bnc#1012628). - sfc: pass valid pointers from efx_enqueue_unwind (bnc#1012628). - net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY (bnc#1012628). - s390/qeth: fix error handling in checksum cmd callback (bnc#1012628). - sctp: make sure stream nums can match optlen in sctp_setsockopt_reset_streams (bnc#1012628). - tipc: fix hanging poll() for stream sockets (bnc#1012628). - mlxsw: spectrum: Disable MAC learning for ovs port (bnc#1012628). - tcp: fix potential underestimation on rcv_rtt (bnc#1012628). - net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well (bnc#1012628). - ipv6: Honor specified parameters in fibmatch lookup (bnc#1012628). - tcp: refresh tcp_mstamp from timers callbacks (bnc#1012628). - net/mlx5: FPGA, return -EINVAL if size is zero (bnc#1012628). - vxlan: restore dev->mtu setting based on lower device (bnc#1012628). - net: sched: fix static key imbalance in case of ingress/clsact_init error (bnc#1012628). - bnxt_en: Fix sources of spurious netpoll warnings (bnc#1012628). - phylink: ensure the PHY interface mode is appropriately set (bnc#1012628). - phylink: ensure AN is enabled (bnc#1012628). - ipv4: fib: Fix metrics match when deleting a route (bnc#1012628). - ipv6: set all.accept_dad to 0 by default (bnc#1012628). - Revert "mlx5: move affinity hints assignments to generic code" (bnc#1012628). - skbuff: orphan frags before zerocopy clone (bnc#1012628). - skbuff: skb_copy_ubufs must release uarg even without user frags (bnc#1012628). - skbuff: in skb_copy_ubufs unclone before releasing zerocopy (bnc#1012628). - sparc64: repair calling incorrect hweight function from stubs (bnc#1012628). - usbip: fix usbip bind writing random string after command in match_busid (bnc#1012628). - usbip: prevent leaking socket pointer address in messages (bnc#1012628). - usbip: stub: stop printing kernel pointer addresses in messages (bnc#1012628). - usbip: vhci: stop printing kernel pointer addresses in messages (bnc#1012628). - USB: chipidea: msm: fix ulpi-node lookup (bnc#1012628). - USB: serial: ftdi_sio: add id for Airbus DS P8GR (bnc#1012628). - USB: serial: qcserial: add Sierra Wireless EM7565 (bnc#1012628). - USB: serial: option: add support for Telit ME910 PID 0x1101 (bnc#1012628). - USB: serial: option: adding support for YUGA CLM920-NC5 (bnc#1012628). - usb: Add device quirk for Logitech HD Pro Webcam C925e (bnc#1012628). - usb: add RESET_RESUME for ELSA MicroLink 56K (bnc#1012628). - USB: Fix off by one in type-specific length check of BOS SSP capability (bnc#1012628). - usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201 (bnc#1012628). - timers: Use deferrable base independent of base::nohz_active (bnc#1012628). - timers: Invoke timer_start_debug() where it makes sense (bnc#1012628). - timers: Reinitialize per cpu bases on hotplug (bnc#1012628). - binder: fix proc->files use-after-free (bnc#1012628). - phy: tegra: fix device-tree node lookups (bnc#1012628). - drivers: base: cacheinfo: fix cache type for non-architected system cache (bnc#1012628). - staging: android: ion: Fix dma direction for dma_sync_sg_for_cpu/device (bnc#1012628). - nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick() (bnc#1012628). - x86/smpboot: Remove stale TLB flush invocations (bnc#1012628). - x86/mm: Remove preempt_disable/enable() from __native_flush_tlb() (bnc#1012628). - x86-32: Fix kexec with stack canary (CONFIG_CC_STACKPROTECTOR) (bnc#1012628). - x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bnc#1012628). - x86/ldt: Plug memory leak in error path (bnc#1012628). - x86/ldt: Make LDT pgtable free conditional (bnc#1012628). - n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD) (bnc#1012628). - tty: fix tty_ldisc_receive_buf() documentation (bnc#1012628). - Update config files. - commit 58fec0f - Update config files. - i386: NR_CPUS 128->64 - 7bbcbd3d1cd (x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount) - commit 69201cf - Linux 4.14.10 (bnc#1012628). - Revert "ipmi_si: fix memory leak on new_smi" (bnc#1012628). - net: mvneta: eliminate wrong call to handle rx descriptor error (bnc#1012628). - net: mvneta: use proper rxq_number in loop on rx queues (bnc#1012628). - net: mvneta: clear interface link status on port disable (bnc#1012628). - libnvdimm, pfn: fix start_pad handling for aligned namespaces (bnc#1012628). - libnvdimm, btt: Fix an incompatibility in the log layout (bnc#1012628). - libnvdimm, dax: fix 1GB-aligned namespaces vs physical misalignment (bnc#1012628). - drm/sun4i: Fix error path handling (bnc#1012628). - drm/i915: Flush pending GTT writes before unbinding (bnc#1012628). - powerpc/perf: Dereference BHRB entries safely (bnc#1012628). - clk: sunxi: sun9i-mmc: Implement reset callback for reset controls (bnc#1012628). - kvm: x86: fix RSM when PCID is non-zero (bnc#1012628). - KVM: X86: Fix load RFLAGS w/o the fixed bit (bnc#1012628). - KVM: MMU: Fix infinite loop when there is no available mmu page (bnc#1012628). - KVM: PPC: Book3S HV: Fix pending_pri value in kvmppc_xive_get_icp() (bnc#1012628). - KVM: PPC: Book3S: fix XIVE migration of pending interrupts (bnc#1012628). - KVM: arm/arm64: Fix HYP unmapping going off limits (bnc#1012628). - arm64: kvm: Prevent restoring stale PMSCR_EL1 for vcpu (bnc#1012628). - pinctrl: cherryview: Mask all interrupts on Intel_Strago based systems (bnc#1012628). - spi: a3700: Fix clk prescaling for coefficient over 15 (bnc#1012628). - spi: xilinx: Detect stall with Unknown commands (bnc#1012628). - Revert "parisc: Re-enable interrupts early" (bnc#1012628). - parisc: Hide Diva-built-in serial aux and graphics card (bnc#1012628). - parisc: Fix indenting in puts() (bnc#1012628). - parisc: Align os_hpmc_size on word boundary (bnc#1012628). - block-throttle: avoid double charge (bnc#1012628). - block: unalign call_single_data in struct request (bnc#1012628). - PCI / PM: Force devices to D0 in pci_pm_thaw_noirq() (bnc#1012628). - ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU (bnc#1012628). - ALSA: usb-audio: Add native DSD support for Esoteric D-05X (bnc#1012628). - ALSA: hda - Add vendor id for Cannonlake HDMI codec (bnc#1012628). - ALSA: hda/realtek - Fix Dell AIO LineOut issue (bnc#1012628). - ALSA: rawmidi: Avoid racy info ioctl via ctl device (bnc#1012628). - mfd: twl6040: Fix child-node lookup (bnc#1012628). - mfd: twl4030-audio: Fix sibling-node lookup (bnc#1012628). - mfd: cros ec: spi: Don't send first message too soon (bnc#1012628). - crypto: af_alg - fix race accessing cipher request (bnc#1012628). - crypto: af_alg - wait for data at beginning of recvmsg (bnc#1012628). - crypto: mcryptd - protect the per-CPU queue with a lock (bnc#1012628). - crypto: skcipher - set walk.iv for zero-length inputs (bnc#1012628). - acpi, nfit: fix health event notification (bnc#1012628). - ACPI: APEI / ERST: Fix missing error handling in erst_reader() (bnc#1012628). - x86/cpu_entry_area: Prevent wraparound in setup_cpu_entry_area_ptes() on 32bit (bnc#1012628). - init: Invoke init_espfix_bsp() from mm_init() (bnc#1012628). - x86/cpu_entry_area: Move it out of the fixmap (bnc#1012628). - x86/cpu_entry_area: Move it to a separate unit (bnc#1012628). - x86/mm: Create asm/invpcid.h (bnc#1012628). - x86/mm: Put MMU to hardware ASID translation in one place (bnc#1012628). - x86/mm: Remove hard-coded ASID limit checks (bnc#1012628). - x86/mm: Move the CR3 construction functions to tlbflush.h (bnc#1012628). - x86/mm: Add comments to clarify which TLB-flush functions are supposed to flush what (bnc#1012628). - x86/mm: Remove superfluous barriers (bnc#1012628). - x86/mm: Use __flush_tlb_one() for kernel memory (bnc#1012628). - x86/microcode: Dont abuse the TLB-flush interface (bnc#1012628). - x86/uv: Use the right TLB-flush API (bnc#1012628). - x86/entry: Rename SYSENTER_stack to CPU_ENTRY_AREA_entry_stack (bnc#1012628). - x86/doc: Remove obvious weirdnesses from the x86 MM layout documentation (bnc#1012628). - x86/mm/64: Improve the memory map documentation (bnc#1012628). - x86/ldt: Prevent LDT inheritance on exec (bnc#1012628). - x86/ldt: Rework locking (bnc#1012628). - arch, mm: Allow arch_dup_mmap() to fail (bnc#1012628). - x86/vsyscall/64: Warn and fail vsyscall emulation in NATIVE mode (bnc#1012628). - x86/vsyscall/64: Explicitly set _PAGE_USER in the pagetable hierarchy (bnc#1012628). - x86/mm/dump_pagetables: Make the address hints correct and readable (bnc#1012628). - x86/mm/dump_pagetables: Check PAGE_PRESENT for real (bnc#1012628). - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bnc#1012628). - x86/insn-eval: Add utility functions to get segment selector (bnc#1012628). - x86/decoder: Fix and update the opcodes map (bnc#1012628). - objtool: Fix 64-bit build on 32-bit host (bnc#1012628). - tools/headers: Sync objtool UAPI header (bnc#1012628). - objtool: Fix cross-build (bnc#1012628). - objtool: Move kernel headers/code sync check to a script (bnc#1012628). - objtool: Move synced files to their original relative locations (bnc#1012628). - Revert "ipv6: grab rt->rt6i_ref before allocating pcpu rt" (bnc#1012628). - commit a9b9f85 ==== ucode-intel ==== - firmware-CVE-2017-5715.tar.gz: updates for: HSX EP 000306F2 BDX E EP EP4S EX 000406F1 SKX H0 00050654 (bsc#1068032 CVE-2017-5715) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org