This bug was fixed in the package linux - 4.13.0-25.29
---------------
linux (4.13.0-25.29) artful; urgency=low
* linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
* CVE-2017-5754
- Revert "UBUNTU: [Config] updateconfigs to enable PTI"
- [Config] Enable PTI with UNWINDER_FRAME_POINTER
linux (4.13.0-24.28) artful; urgency=low
* linux: 4.13.0-24.28 -proposed tracker (LP: #1741745)
* CVE-2017-5754
- x86/cpu, x86/pti: Do not enable PTI on AMD processors
linux (4.13.0-23.27) artful; urgency=low
* linux: 4.13.0-23.27 -proposed tracker (LP: #1741556)
[ Kleber Sacilotto de Souza ]
* CVE-2017-5754
- x86/mm: Add the 'nopcid' boot option to turn off PCID
- x86/mm: Enable CR4.PCIDE on supported systems
- x86/mm: Document how CR4.PCIDE restore works
- x86/entry/64: Refactor IRQ stacks and make them NMI-safe
- x86/entry/64: Initialize the top of the IRQ stack before switching stacks
- x86/entry/64: Add unwind hint annotations
- xen/x86: Remove SME feature in PV guests
- x86/xen/64: Rearrange the SYSCALL entries
- irq: Make the irqentry text section unconditional
- x86/xen/64: Fix the reported SS and CS in SYSCALL
- x86/paravirt/xen: Remove xen_patch()
- x86/traps: Simplify pagefault tracing logic
- x86/idt: Unify gate_struct handling for 32/64-bit kernels
- x86/asm: Replace access to desc_struct:a/b fields
- x86/xen: Get rid of paravirt op adjust_exception_frame
- x86/paravirt: Remove no longer used paravirt functions
- x86/entry: Fix idtentry unwind hint
- x86/mm/64: Initialize CR4.PCIDE early
- objtool: Add ORC unwind table generation
- objtool, x86: Add facility for asm code to provide unwind hints
- x86/unwind: Add the ORC unwinder
- x86/kconfig: Consolidate unwinders into multiple choice selection
- objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER
- x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry
- x86/mm: Give each mm TLB flush generation a unique ID
- x86/mm: Track the TLB's tlb_gen and update the flushing algorithm
- x86/mm: Rework lazy TLB mode and TLB freshness tracking
- x86/mm: Implement PCID based optimization: try to preserve old TLB entries
using PCID
- x86/mm: Factor out CR3-building code
- x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code
- x86/mm: Flush more aggressively in lazy TLB mode
- Revert "x86/mm: Stop calling leave_mm() in idle code"
- kprobes/x86: Set up frame pointer in kprobe trampoline
- x86/tracing: Introduce a static key for exception tracing
- x86/boot: Add early cmdline parsing for options with arguments
- mm, x86/mm: Fix performance regression in get_user_pages_fast()
- x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates
- objtool: Don't report end of section error after an empty unwind hint
- x86/head: Remove confusing comment
- x86/head: Remove unused 'bad_address' code
- x86/head: Fix head ELF function annotations
- x86/boot: Annotate verify_cpu() as a callable function
- x86/xen: Fix xen head ELF annotations
- x86/xen: Add unwind hint annotations
- x86/head: Add unwind hint annotations
- ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq()
- x86/unwinder: Make CONFIG_UNWINDER_ORC=y the default in the 64-bit
defconfig
- x86/fpu/debug: Remove unused 'x86_fpu_state' and
'x86_fpu_deactivate_state'
tracepoints
- x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'
- x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit
- bitops: Add clear/set_bit32() to linux/bitops.h
- x86/cpuid: Add generic table for CPUID dependencies
- x86/fpu: Parse clearcpuid= as early XSAVE argument
- x86/fpu: Make XSAVE check the base CPUID features before enabling
- x86/fpu: Remove the explicit clearing of XSAVE dependent features
- x86/platform/UV: Convert timers to use timer_setup()
- objtool: Print top level commands on incorrect usage
- x86/cpuid: Prevent out of bound access in do_clear_cpu_cap()
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
- mm/sparsemem: Allocate mem_section at runtime for
CONFIG_SPARSEMEM_EXTREME=y
- x86/kasan: Use the same shadow offset for 4- and 5-level paging
- x86/xen: Provide pre-built page tables only for CONFIG_XEN_PV=y and
CONFIG_XEN_PVH=y
- x86/xen: Drop 5-level paging support code from the XEN_PV code
- ACPI / APEI: remove the unused dead-code for SEA/NMI notification type
- x86/asm: Don't use the confusing '.ifeq' directive
- x86/build: Beautify build log of syscall headers
- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to
'nr_pages'
- x86/cpufeatures: Enable new SSE/AVX/AVX512 CPU features
- x86/mm: Relocate page fault error codes to traps.h
- x86/boot: Relocate definition of the initial state of CR0
- ptrace,x86: Make user_64bit_mode() available to 32-bit builds
- x86/entry/64: Remove the restore_c_regs_and_iret label
- x86/entry/64: Split the IRET-to-user and IRET-to-kernel paths
- x86/entry/64: Move SWAPGS into the common IRET-to-usermode path
- x86/entry/64: Simplify reg restore code in the standard IRET paths
- x86/entry/64: Shrink paranoid_exit_restore and make labels local
- x86/entry/64: Use pop instead of movq in syscall_return_via_sysret
- x86/entry/64: Merge the fast and slow SYSRET paths
- x86/entry/64: Use POP instead of MOV to restore regs on NMI return
- x86/entry/64: Remove the RESTORE_..._REGS infrastructure
- xen, x86/entry/64: Add xen NMI trap entry
- x86/entry/64: De-Xen-ify our NMI code
- x86/entry/32: Pull the MSR_IA32_SYSENTER_CS update code out of
native_load_sp0()
- x86/entry/64: Pass SP0 directly to load_sp0()
- x86/entry: Add task_top_of_stack() to find the top of a task's stack
- x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context()
- x86/entry/64: Stop initializing TSS.sp0 at boot
- x86/entry/64: Remove all remaining direct thread_struct::sp0 reads
- x86/entry/32: Fix cpu_current_top_of_stack initialization at boot
- x86/entry/64: Remove thread_struct::sp0
- x86/traps: Use a new on_thread_stack() helper to clean up an assertion
- x86/entry/64: Shorten TEST instructions
- x86/cpuid: Replace set/clear_bit32()
- bitops: Revert cbe96375025e ("bitops: Add clear/set_bit32() to
linux/bitops.h")
- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE
- x86/cpufeatures: Re-tabulate the X86_FEATURE definitions
- x86/cpufeatures: Fix various details in the feature definitions
- selftests/x86/protection_keys: Fix syscall NR redefinition warnings
- selftests/x86/ldt_gdt: Robustify against set_thread_area() and LAR
oddities
- selftests/x86/ldt_gdt: Add infrastructure to test set_thread_area()
- selftests/x86/ldt_gdt: Run most existing LDT test cases against the GDT as
well
- selftests/x86/ldt_get: Add a few additional tests for limits
- ACPI / APEI: Replace ioremap_page_range() with fixmap
- x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct
x86_platform'
and 'struct x86_init'
- x86/virt: Add enum for hypervisors to replace x86_hyper
- drivers/misc/intel/pti: Rename the header file to free up the namespace
- x86/cpufeature: Add User-Mode Instruction Prevention definitions
- x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD
- perf/x86: Enable free running PEBS for REGS_USER/INTR
- bpf: fix build issues on um due to mising bpf_perf_event.h
- locking/barriers: Add implicit smp_read_barrier_depends() to READ_ONCE()
- locking/barriers: Convert users of lockless_dereference() to READ_ONCE()
- x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow
- mm/sparsemem: Fix ARM64 boot crash when CONFIG_SPARSEMEM_EXTREME=y
- objtool: Move synced files to their original relative locations
- objtool: Move kernel headers/code sync check to a script
- objtool: Fix cross-build
- tools/headers: Sync objtool UAPI header
- objtool: Fix 64-bit build on 32-bit host
- x86/decoder: Fix and update the opcodes map
- x86/decoder: Add new TEST instruction pattern
- x86/insn-eval: Add utility functions to get segment selector
- x86/entry/64/paravirt: Use paravirt-safe macro to access eflags
- x86/unwinder/orc: Dont bail on stack overflow
- x86/unwinder: Handle stack overflows more gracefully
- x86/irq: Remove an old outdated comment about context tracking races
- x86/irq/64: Print the offending IP in the stack overflow warning
- x86/entry/64: Allocate and enable the SYSENTER stack
- x86/dumpstack: Add get_stack_info() support for the SYSENTER stack
- x86/entry/gdt: Put per-CPU GDT remaps in ascending order
- x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct
cpu_entry_area
- x86/kasan/64: Teach KASAN about the cpu_entry_area
- x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
- x86/dumpstack: Handle stack overflow on all stacks
- x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct
- x86/entry: Remap the TSS into the CPU entry area
- x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0
- x86/espfix/64: Stop assuming that pt_regs is on the entry stack
- x86/entry/64: Use a per-CPU trampoline stack for IDT entries
- x86/entry/64: Return to userspace from the trampoline stack
- x86/entry/64: Create a per-CPU SYSCALL entry trampoline
- x86/entry/64: Move the IST stacks into struct cpu_entry_area
- x86/entry/64: Remove the SYSENTER stack canary
- x86/entry: Clean up the SYSENTER_stack code
- x86/entry/64: Make cpu_entry_area.tss read-only
- x86/paravirt: Dont patch flush_tlb_single
- x86/paravirt: Provide a way to check for hypervisors
- x86/cpufeatures: Make CPU bugs sticky
- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount
- x86/mm/dump_pagetables: Check PAGE_PRESENT for real
- x86/mm/dump_pagetables: Make the address hints correct and readable
- x86/vsyscall/64: Explicitly set _PAGE_USER in the pagetable hierarchy
- x86/vsyscall/64: Warn and fail vsyscall emulation in NATIVE mode
- arch, mm: Allow arch_dup_mmap() to fail
- x86/ldt: Rework locking
- x86/ldt: Prevent LDT inheritance on exec
- x86/mm/64: Improve the memory map documentation
- x86/doc: Remove obvious weirdnesses from the x86 MM layout documentation
- x86/entry: Rename SYSENTER_stack to CPU_ENTRY_AREA_entry_stack
- x86/uv: Use the right TLB-flush API
- x86/microcode: Dont abuse the TLB-flush interface
- x86/mm: Use __flush_tlb_one() for kernel memory
- x86/mm: Remove superfluous barriers
- x86/mm: Add comments to clarify which TLB-flush functions are supposed to
flush what
- x86/mm: Move the CR3 construction functions to tlbflush.h
- x86/mm: Remove hard-coded ASID limit checks
- x86/mm: Put MMU to hardware ASID translation in one place
- x86/mm: Create asm/invpcid.h
- x86/cpu_entry_area: Move it to a separate unit
- x86/cpu_entry_area: Move it out of the fixmap
- init: Invoke init_espfix_bsp() from mm_init()
- x86/cpu_entry_area: Prevent wraparound in setup_cpu_entry_area_ptes() on
32bit
- x86/cpufeatures: Add X86_BUG_CPU_INSECURE
- x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
- x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3
switching
- x86/mm/pti: Add infrastructure for page table isolation
- x86/pti: Add the pti= cmdline option and documentation
- x86/mm/pti: Add mapping helper functions
- x86/mm/pti: Allow NX poison to be set in p4d/pgd
- x86/mm/pti: Allocate a separate user PGD
- x86/mm/pti: Populate user PGD
- x86/mm/pti: Add functions to clone kernel PMDs
- x86/mm/pti: Force entry through trampoline when PTI active
- x86/mm/pti: Share cpu_entry_area with user space page tables
- x86/entry: Align entry text section to PMD boundary
- x86/mm/pti: Share entry text PMD
- x86/mm/pti: Map ESPFIX into user space
- x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
- x86/events/intel/ds: Map debug buffers in cpu_entry_area
- x86/mm/64: Make a full PGD-entry size hole in the memory map
- x86/pti: Put the LDT in its own PGD if PTI is on
- x86/pti: Map the vsyscall page if needed
- x86/mm: Allow flushing for future ASID switches
- x86/mm: Abstract switching CR3
- x86/mm: Use/Fix PCID to optimize user/kernel switches
- x86/mm: Optimize RESTORE_CR3
- x86/mm: Use INVPCID for __native_flush_tlb_single()
- x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
- x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
- x86/mm/pti: Add Kconfig
- x86/mm/dump_pagetables: Add page table directory to the debugfs VFS
hierarchy
- x86/mm/dump_pagetables: Check user space page table for WX pages
- x86/mm/dump_pagetables: Allow dumping current pagetables
- x86/ldt: Make the LDT mapping RO
- x86/smpboot: Remove stale TLB flush invocations
- x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()
- x86/ldt: Plug memory leak in error path
- x86/ldt: Make LDT pgtable free conditional
- [Config] updateconfigs to enable PTI
- kvm: x86: fix RSM when PCID is non-zero
- x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat()
- SAUCE: only attempt to use PCID in 64 bit builds
- SAUCE: BODGE: temporarily disable some kprobe trace points which are
cratering
- s390/mm: use generic mm_hooks
- objtool: use sh to invoke sync-check.sh in the Makefile
* CVE-2017-17862
- bpf: fix branch pruning logic
* CVE-2017-17864
- SAUCE: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN
* CVE-2017-16995
- bpf: fix incorrect sign extension in check_alu_op()
* CVE-2017-17863
- SAUCE: bpf: reject out-of-bounds stack pointer calculation
-- Marcelo Henrique Cerri <marcelo.ce...@canonical.com> Mon, 08 Jan
2018 17:13:57 -0200
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16995
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17862
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17863
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17864
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1730660
Title:
Set PANIC_TIMEOUT=10 on Power Systems
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Zesty:
Fix Released
Status in linux source package in Artful:
Fix Released
Bug description:
[Impact]
When stopping CPUs fail when doing kdump, the system will hang
indefinitively, instead of rebooting. With this option set, it will reboot
after 10 seconds when that happens.
This setting has been the default for trusty, where panic_timeout is
10. Later releases set it to 0.
[Test Case]
When booting a kernel, /proc/sys/kernel/panic should be 10. It's 0 for
xenial, zesty and artful. After the fix, it's 10.
[Regression Potential]
For users that rely on the setting as 0, they will see their system reboot 10
seconds after a panic. They can set it back to 0 or other value. Though, on
some rare cases, the system might not boot enough for this setting to be set.
Balancing that with the case where kdump is used and the system is expected to
boot, we expect the 10 seconds setting is okay.
===
For ppc64le, in some rare crash cases, kdump won't load unless timeout
is greater than 0. Only 10 has been tested by IBM, so using a smaller
value may not work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1730660/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
