Linux 4.18.1-rc1
It contains the L1TF fixes, so push the rc1 for now.
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
(bnc#1012628).
- x86/speculation: Protect against userspace-userspace spectreRSB
(bnc#1012628).
- kprobes/x86: Fix %p uses in error messages (bnc#1012628).
- x86/irqflags: Provide a declaration for native_save_fl
(bnc#1012628).
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
(bnc#1012628).
- x86/speculation/l1tf: Change order of offset/type in swap entry
(bnc#1012628).
- x86/speculation/l1tf: Protect swap entries against L1TF
(bnc#1012628).
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
(bnc#1012628).
- x86/speculation/l1tf: Make sure the first page is always
reserved (bnc#1012628).
- x86/speculation/l1tf: Add sysfs reporting for l1tf
(bnc#1012628).
- x86/speculation/l1tf: Disallow non privileged high MMIO
PROT_NONE mappings (bnc#1012628).
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2
(bnc#1012628).
- x86/bugs: Move the l1tf function and define pr_fmt properly
(bnc#1012628).
- sched/smt: Update sched_smt_present at runtime (bnc#1012628).
- x86/smp: Provide topology_is_primary_thread() (bnc#1012628).
- x86/topology: Provide topology_smt_supported() (bnc#1012628).
- cpu/hotplug: Make bringup/teardown of smp threads symmetric
(bnc#1012628).
- cpu/hotplug: Split do_cpu_down() (bnc#1012628).
- cpu/hotplug: Provide knobs to control SMT (bnc#1012628).
- x86/cpu: Remove the pointless CPU printout (bnc#1012628).
- x86/cpu/AMD: Remove the pointless detect_ht() call
(bnc#1012628).
- x86/cpu/common: Provide detect_ht_early() (bnc#1012628).
- x86/cpu/topology: Provide detect_extended_topology_early()
(bnc#1012628).
- x86/cpu/intel: Evaluate smp_num_siblings early (bnc#1012628).
- x86/CPU/AMD: Do not check CPUID max ext level before parsing
SMP info (bnc#1012628).
- x86/cpu/AMD: Evaluate smp_num_siblings early (bnc#1012628).
- x86/apic: Ignore secondary threads if nosmt=force (bnc#1012628).
- x86/speculation/l1tf: Extend 64bit swap file size limit
(bnc#1012628).
- x86/cpufeatures: Add detection of L1D cache flush support
(bnc#1012628).
- x86/CPU/AMD: Move TOPOEXT reenablement before reading
smp_num_siblings (bnc#1012628).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF
(bnc#1012628).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
(bnc#1012628).
- Revert "x86/apic: Ignore secondary threads if nosmt=force"
(bnc#1012628).
- cpu/hotplug: Boot HT siblings at least once (bnc#1012628).
- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being
present (bnc#1012628).
- x86/KVM/VMX: Add module argument for L1TF mitigation
(bnc#1012628).
- x86/KVM/VMX: Add L1D flush algorithm (bnc#1012628).
- x86/KVM/VMX: Add L1D MSR based flush (bnc#1012628).
- x86/KVM/VMX: Add L1D flush logic (bnc#1012628).
- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an
host/guest numbers (bnc#1012628).
- x86/KVM/VMX: Add find_msr() helper function (bnc#1012628).
- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number
accounting (bnc#1012628).
- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER
only MSRs (bnc#1012628).
- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
(bnc#1012628).
- cpu/hotplug: Online siblings when SMT control is turned on
(bnc#1012628).
- x86/litf: Introduce vmx status variable (bnc#1012628).
- x86/kvm: Drop L1TF MSR list approach (bnc#1012628).
- x86/l1tf: Handle EPT disabled state proper (bnc#1012628).
- x86/kvm: Move l1tf setup function (bnc#1012628).
- x86/kvm: Add static key for flush always (bnc#1012628).
- x86/kvm: Serialize L1D flush parameter setter (bnc#1012628).
- x86/kvm: Allow runtime control of L1D flush (bnc#1012628).
- cpu/hotplug: Expose SMT control init function (bnc#1012628).
- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (bnc#1012628).
- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
(bnc#1012628).
- Documentation: Add section about CPU vulnerabilities
(bnc#1012628).
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED
architectures (bnc#1012628).
- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
(bnc#1012628).
- Documentation/l1tf: Fix typos (bnc#1012628).
- cpu/hotplug: detect SMT disabled by BIOS (bnc#1012628).
- x86/KVM/VMX: Don't set l1tf_flush_l1d to true from
vmx_l1d_flush() (bnc#1012628).
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with
'vmx_l1d_flush_cond' (bnc#1012628).
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
(bnc#1012628).
- x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
(bnc#1012628).
- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
(bnc#1012628).
- x86: Don't include linux/irq.h from asm/hardirq.h (bnc#1012628).
- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
(bnc#1012628).
- x86/KVM/VMX: Don't set l1tf_flush_l1d from
vmx_handle_external_intr() (bnc#1012628).
- Documentation/l1tf: Remove Yonah processors from not vulnerable
list (bnc#1012628).
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
(bnc#1012628).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on
vmentry (bnc#1012628).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on
vmentry (bnc#1012628).
- cpu/hotplug: Fix SMT supported evaluation (bnc#1012628).
- x86/speculation/l1tf: Invert all not present mappings
(bnc#1012628).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
(bnc#1012628).
- x86/mm/pat: Make set_memory_np() L1TF safe (bnc#1012628).
- x86/mm/kmmio: Make the tracer robust against L1TF (bnc#1012628).
- tools headers: Synchronise x86 cpufeatures.h for L1TF additions
(bnc#1012628).
- x86/microcode: Allow late microcode loading with SMT disabled
(bnc#1012628).
- Refresh
patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch.
- Update config files.