[Kernel-packages] [Bug 1772575] [NEW] Kernel 4.4 NBD size overflow with image size exceeding 1TB

2018-05-21 Thread Nathan O'Sullivan 
Public bug reported:

Release 16.04, kernel 4.4.0-124-generic

There's an issue in kernel's NBD module which prevents some larger images to be
correctly "connected" , largely described here:
https://github.com/NetworkBlockDevice/nbd/issues/44

There is a small patch here that was accepted into mainline 4.10:
https://www.spinics.net/lists/linux-block/msg07060.html

This is a regression from the previous LTS 3.13 kernel.



Here is a small example of the faulty behaviour:

# qemu-img create -f qcow2 test.img 1100G
Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 
lazy_refcounts=off refcount_bits=16
# qemu-nbd -c /dev/nbd0 test.img
# blockdev --getsize64 /dev/nbd0
18446743055802302464

The correct response would be 1181116006400; this breaks most tools and
makes the image unusable, e.g.

# fdisk -l /dev/nbd0
fdisk: cannot open /dev/nbd0: Invalid argument

** Affects: linux (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772575

Title:
  Kernel 4.4 NBD size overflow with image size exceeding 1TB

Status in linux package in Ubuntu:
  New

Bug description:
  Release 16.04, kernel 4.4.0-124-generic

  There's an issue in kernel's NBD module which prevents some larger images to 
be
  correctly "connected" , largely described here:
  https://github.com/NetworkBlockDevice/nbd/issues/44

  There is a small patch here that was accepted into mainline 4.10:
  https://www.spinics.net/lists/linux-block/msg07060.html

  This is a regression from the previous LTS 3.13 kernel.

  

  Here is a small example of the faulty behaviour:

  # qemu-img create -f qcow2 test.img 1100G
  Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 
lazy_refcounts=off refcount_bits=16
  # qemu-nbd -c /dev/nbd0 test.img
  # blockdev --getsize64 /dev/nbd0
  18446743055802302464

  The correct response would be 1181116006400; this breaks most tools
  and makes the image unusable, e.g.

  # fdisk -l /dev/nbd0
  fdisk: cannot open /dev/nbd0: Invalid argument

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1728244] Re: Touchpad stops working after reboot on Apollo Lake

2018-05-21 Thread Olivier Fock 
I finally managed to have a working 4.16.10 kernel (touchpad, gesture,
buttons, sdcard, sound, etc...).

I reverted this patch 0759e80b84e34a84e7e46e2b1adb528c83d84a47 (applied
cleanly) and applied manually 0cc2b4e5a020fc7f4d1795741c116c983e9467d7.
I'll attach a full diff later.

So that's the proof that's the "PM / QoS: Fix device resume latency PM
QoS" patch doesn't work on Thomson X6
(https://www.mythomson.com/fr_fr/ordinateurs-155-fr-fr/ultrabook-158-fr-
fr/ultrabook-13-3-32-go-2452).

@Hans, I'll contact you by email.

Regards,
Olivier

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1728244

Title:
  Touchpad stops working after reboot on Apollo Lake

Status in Linux:
  Unknown
Status in linux package in Ubuntu:
  Triaged

Bug description:
  On the Jumper EZBook 3 Pro (V4) laptop, using an Apollo Lake N3450
  processor, if you install Ubuntu 17.10 (or less) with isorespin and
  use rEFInd as bootloader (this is the only way to get linux booting on
  this laptop) everything works out of the box, but after a reboot or
  two the touchpad stops working. Both in Ubuntu and Windows 10. The
  only way to restore functionality is to boot from usb key ubuntu 17.10
  respined, or disassemble laptop and detach-reattach battery cable.
  This is mesg | grep i2c_hid:

  
  [ 2056.460636] i2c_hid i2c-SYNA3602:00: i2c_hid_get_input: incomplete report 
(27/34)
  [ 3077.604699] i2c_hid i2c-SYNA3602:00: failed to reset device.
  [ 3077.605473] dpm_run_callback(): i2c_hid_resume+0x0/0xe0 [i2c_hid] returns 
-61
  [ 3080.468156] i2c_hid i2c-SYNA3602:00: i2c_hid_get_input: incomplete report 
(27/34)

  
  uname -rvps
  Linux 4.10.0-32-generic #36~16.04.1-Ubuntu SMP Wed Aug 9 09:19:02 UTC 2017 
x86_64

  There has to be a bug in the kernel. Any way to avoid this?

To manage notifications about this bug go to:
https://bugs.launchpad.net/linux/+bug/1728244/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772573] Re: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned

2018-05-21 Thread Apport retracing service 
** Tags removed: need-duplicate-check

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1772573

Title:
  package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to
  install/upgrade: installed linux-image-4.15.0-20-generic package pre-
  removal script subprocess returned error exit status 1

Status in linux-signed package in Ubuntu:
  New

Bug description:
  Upgrade to newer kernel failed via command line, I used Synaptic and
  there were 2 broken packages  according to it. I removed/unmarked all
  but the current kernel "linux-image" files and that seems to have
  resolved the broken packages. I'm submitting this BEFORE I reboot just
  in case

  ProblemType: Package
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-20-generic 4.15.0-20.21
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  Uname: Linux 4.15.0-20-generic x86_64
  NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep 
uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core 
videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth 
rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl 
x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi 
snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec 
intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop 
sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 
wmi
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  Date: Tue May 22 06:18:12 2018
  DpkgTerminalLog:
   Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ...
   Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
   E: Aborting removal of the running kernel
   dpkg: error processing package linux-image-4.15.0-20-generic (--remove):
installed linux-image-4.15.0-20-generic package pre-removal script 
subprocess returned error exit status 1
  DuplicateSignature:
   package:linux-image-4.15.0-20-generic:4.15.0-20.21
   Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
   E: Aborting removal of the running kernel
   dpkg: error processing package linux-image-4.15.0-20-generic (--remove):
installed linux-image-4.15.0-20-generic package pre-removal script 
subprocess returned error exit status 1
  ErrorMessage: installed linux-image-4.15.0-20-generic package pre-removal 
script subprocess returned error exit status 1
  InstallationDate: Installed on 2015-03-07 (1171 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
  Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3
  PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 
2.7.15~rc1-1
  RelatedPackageVersions:
   dpkg 1.19.0.5ubuntu2
   apt  1.6.1
  SourcePackage: linux-signed
  Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to 
install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal 
script subprocess returned error exit status 1
  UpgradeStatus: Upgraded to bionic on 2018-05-08 (13 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed/+bug/1772573/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772573] [NEW] package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess return

2018-05-21 Thread Terry Love 
Public bug reported:

Upgrade to newer kernel failed via command line, I used Synaptic and
there were 2 broken packages  according to it. I removed/unmarked all
but the current kernel "linux-image" files and that seems to have
resolved the broken packages. I'm submitting this BEFORE I reboot just
in case

ProblemType: Package
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-20-generic 4.15.0-20.21
ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
Uname: Linux 4.15.0-20-generic x86_64
NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep 
uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core 
videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth 
rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl 
x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi 
snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec 
intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop 
sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 
wmi
ApportVersion: 2.20.9-0ubuntu7
Architecture: amd64
Date: Tue May 22 06:18:12 2018
DpkgTerminalLog:
 Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ...
 Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
 E: Aborting removal of the running kernel
 dpkg: error processing package linux-image-4.15.0-20-generic (--remove):
  installed linux-image-4.15.0-20-generic package pre-removal script subprocess 
returned error exit status 1
DuplicateSignature:
 package:linux-image-4.15.0-20-generic:4.15.0-20.21
 Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
 E: Aborting removal of the running kernel
 dpkg: error processing package linux-image-4.15.0-20-generic (--remove):
  installed linux-image-4.15.0-20-generic package pre-removal script subprocess 
returned error exit status 1
ErrorMessage: installed linux-image-4.15.0-20-generic package pre-removal 
script subprocess returned error exit status 1
InstallationDate: Installed on 2015-03-07 (1171 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3
PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 
2.7.15~rc1-1
RelatedPackageVersions:
 dpkg 1.19.0.5ubuntu2
 apt  1.6.1
SourcePackage: linux-signed
Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to 
install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal 
script subprocess returned error exit status 1
UpgradeStatus: Upgraded to bionic on 2018-05-08 (13 days ago)

** Affects: linux-signed (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-package bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1772573

Title:
  package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to
  install/upgrade: installed linux-image-4.15.0-20-generic package pre-
  removal script subprocess returned error exit status 1

Status in linux-signed package in Ubuntu:
  New

Bug description:
  Upgrade to newer kernel failed via command line, I used Synaptic and
  there were 2 broken packages  according to it. I removed/unmarked all
  but the current kernel "linux-image" files and that seems to have
  resolved the broken packages. I'm submitting this BEFORE I reboot just
  in case

  ProblemType: Package
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-20-generic 4.15.0-20.21
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  Uname: Linux 4.15.0-20-generic x86_64
  NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep 
uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core 
videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth 
rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl 
x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi 
snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec 
intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop 
sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 
wmi
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  Date: Tue May 22 06:18:12 2018
  DpkgTerminalLog:
   Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ...
   Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
   E: Aborting removal of the running kernel
   dpkg: error processing package linux-image-4.15.0-20-generic (--remove):
installed linux-image-4.15.0-20-generic package pre-removal script 
subprocess returned error exit status 1
  DuplicateSignature:
   package:linux-image-4.15.0-20-generic:4.15.0-20.21
   Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ...
   E: Aborting removal of the running

[Kernel-packages] [Bug 1636382] Re: [Ubuntu 16.10] Host BT couldn't send file to device on platform with Intel BT card like 8260/3168/8265

2018-05-21 Thread Launchpad Bug Tracker 
[Expired for bluez (Ubuntu) because there has been no activity for 60
days.]

** Changed in: bluez (Ubuntu)
   Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/1636382

Title:
  [Ubuntu 16.10] Host BT couldn't send file to device on platform with
  Intel BT  card like 8260/3168/8265

Status in bluez package in Ubuntu:
  Expired

Bug description:
  Platform information:
  BT Card: intel 3168/8265/8260
  OS: Ubuntu 16.10 release
  Kernel: 4.8.0-27-generic

  Details:
  1. Open Bluetooth Setting UI: set Bluetooth and Visble ON
  2. Open Bluetooth on Phone and Pair with Host
  3. On Bluetooth Setting UI, send a file from the host to the paired Phone and 
there is no response on the two devices.
  4. Ubuntu 16.04 doesn't have such issue

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1636382/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1771844] Comment bridged from LTC Bugzilla

2018-05-21 Thread bugproxy 
--- Comment From kamale...@in.ibm.com 2018-05-22 00:13 EDT---
(In reply to comment #5)
> I built a test kernel with commit df78d3f6148092d33a9a24c7a9cfac3d0220b484.
> The test kernel can be downloaded from:
> http://kernel.ubuntu.com/~jsalisbury/lp1771844
>
> Can you test this kernel and see if it resolves this bug?
>
> Note about installing test kernels:
> ? If the test kernel is prior to 4.15(Bionic) you need to install the
> linux-image and linux-image-extra .deb packages.
> ? If the test kernel is 4.15(Bionic) or newer, you need to install the
> linux-image-unsigned, linux-modules and linux-modules-extra .deb packages.
>
> Thanks in advance!

Thanks for building the kernel with the patch. Can you share the kernel 
sources, so that can I build the livepatch modules based on the sources. 
Standard .config, does not build the samples/livepatch to do the basic testing.
cat /boot/config-4.15.0-20-generic |grep -i livepatch
CONFIG_HAVE_LIVEPATCH=y
CONFIG_LIVEPATCH=y

I would also try to build livepatch modules other than the sample
modules in the kernel sources to verify save_stack_trace functionality.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1771844

Title:
  powerpc/livepatch: Implement reliable stack tracing for the
  consistency model

Status in The Ubuntu-power-systems project:
  Triaged
Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Bionic:
  In Progress
Status in linux source package in Cosmic:
  In Progress

Bug description:
  == Comment: #0 - Kamalesh Babulal - 2018-05-15 09:37:52 ==
  Livepatch has a consistency model which is a hybrid of kGraft and kpatch:  it 
uses kGraft's per-task consistency and syscall barrier switching combined with 
kpatch's stack trace switching. The current approach is stack checking of 
sleeping tasks.  If no affected functions are on the stack of a given task, the 
task is patched.  In most cases this will patch most or all of the tasks on the 
first try.  Otherwise, it'll keep trying periodically.  This patch implements 
the reliable stack tracing for consistency model a.k.a 
HAVE_RELIABLE_STACKTRACE. 

  This will help in switching livepatching implementation to basic per-
  task consistency model. It is the foundation, which will help us
  enable security patches changing function or data semantics. This is
  the biggest remaining piece needed on ppc64le to make livepatch more
  generally useful.

  
https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=df78d3f6148092d33a9a24c7a9cfac

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1771844/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1751213] Re: kernel security test report that the lttng_probe_writeback module is tainted on Bionic s390x

2018-05-21 Thread Po-Hsu Lin 
Hi Colin,
did you successfully have this issue reproduced on your side?

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1751213

Title:
  kernel security test report that the lttng_probe_writeback module is
  tainted on Bionic s390x

Status in lttng-modules:
  New
Status in linux package in Ubuntu:
  In Progress

Bug description:
  This issue was only spotted on Bionic s390x instances.

    FAIL: test_140_kernel_modules_not_tainted (__main__.KernelSecurityTest)
    kernel modules are not marked with a taint flag (especially 'E' for 
TAINT_UNSIGNED_MODULE)
    --
    Traceback (most recent call last):
  File "./test-kernel-security.py", line 1727, in 
test_140_kernel_modules_not_tainted
    self.fail('Module \'%s\' is tainted: %s' % (fields[0], last_field))
    AssertionError: Module 'lttng_probe_writeback' is tainted: (OE)

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-10-generic 4.15.0-10.11
  ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3
  Uname: Linux 4.15.0-10-generic s390x
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 
2: ls: cannot access '/dev/snd/': No such file or directory
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay': 'aplay'
  ApportVersion: 2.20.8-0ubuntu10
  Architecture: s390x
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord': 
'arecord'
  CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 
not found.
  CurrentDmesg:

  Date: Fri Feb 23 07:43:00 2018
  HibernationDevice: RESUME=UUID=caaee9b2-6bc1-4c8e-b26c-69038c092091
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig': 'iwconfig'
  Lspci:

  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  PciMultimedia:

  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=C
   SHELL=/bin/bash
  ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb'
  ProcKernelCmdLine: root=UUID=c7d7bbcb-a039-4ead-abfe-7672dea0add4 
crashkernel=196M
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-10-generic N/A
   linux-backports-modules-4.15.0-10-generic  N/A
   linux-firmware 1.171
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill': 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/lttng-modules/+bug/1751213/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1762385] Re: dell_wmi: Unknown key codes

2018-05-21 Thread Yuan-Chen Cheng 
** Changed in: oem-priority
   Status: New => Confirmed

** Changed in: oem-priority
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1762385

Title:
  dell_wmi: Unknown key codes

Status in OEM Priority Project:
  Confirmed
Status in linux package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Fix Committed
Status in systemd source package in Xenial:
  New
Status in systemd source package in Bionic:
  New
Status in systemd source package in Cosmic:
  Fix Committed

Bug description:
  [Impact]

   * Bogus keycode messages produced by the kernel / user annoyance
   * rfkill keyboard shortcuts not working as intended on some Dell machines

  [Test Case]

   * check that there are no spurious kernel messages about unknown keys
  in journalctl upon RFKill key presses

   * check that RFKill key presses work correctly and kill/restore RF
  capabilities

  [Regression Potential]

   * The change is scoped to particular SKUs and thus should only affect them
   * It is related to matching gsd support, which is in-place on xenial and up

  [Solution]
  Cherrypick upstream commit 
https://github.com/systemd/systemd/commit/cab01e9ecf1c69656785e64f5fc94cd4ed09e57f

  [Original Bug report]

  RFKill key produces these messages in kernel log:

  dell_wmi: Unknown key with type 0x0010 and code 0xe008 pressed

  This key code is a notification and should be added as KEY_IGNORE
  here:
  https://github.com/torvalds/linux/blob/master/drivers/platform/x86
  /dell-wmi.c#L263

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-15-generic 4.15.0-15.16
  ProcVersionSignature: Ubuntu 4.15.0-15.16-generic 4.15.15
  Uname: Linux 4.15.0-15-generic x86_64
  ApportVersion: 2.20.9-0ubuntu4
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  dmig   2737 F pulseaudio
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Apr  9 18:09:03 2018
  InstallationDate: Installed on 2018-03-27 (12 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180327)
  MachineType: Dell Inc. Inspiron 5379
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/@/boot/vmlinuz-4.15.0-15-generic 
root=UUID=9745e22b-0b19-4a7d-98a0-1a4bc5b19d99 ro rootflags=subvol=@ quiet 
splash vt.handoff=1
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-15-generic N/A
   linux-backports-modules-4.15.0-15-generic  N/A
   linux-firmware 1.173
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 01/31/2018
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: 1.6.0
  dmi.board.name: 0C6J64
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 10
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: 
dmi:bvnDellInc.:bvr1.6.0:bd01/31/2018:svnDellInc.:pnInspiron5379:pvr:rvnDellInc.:rn0C6J64:rvrA00:cvnDellInc.:ct10:cvr:
  dmi.product.family: Inspiron
  dmi.product.name: Inspiron 5379
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1762385/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772508] Re: [18.04] [regression testing] ubuntu_qrt_kernel_security tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1751213 ***
https://bugs.launchpad.net/bugs/1751213

** This bug has been marked a duplicate of bug 1751213
   kernel security test report that the lttng_probe_writeback module is tainted 
on Bionic s390x

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772508

Title:
  [18.04] [regression testing] ubuntu_qrt_kernel_security tests failing
  on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  see logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772508/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772515] Re: [18.04] [regression testing] ubuntu_unionmount_overlayfs_suite tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1751243 ***
https://bugs.launchpad.net/bugs/1751243

** This bug has been marked a duplicate of bug 1751243
   ubuntu_unionmount_overlayfs_suite failed with Bionic kernel

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772515

Title:
  [18.04] [regression testing] ubuntu_unionmount_overlayfs_suite tests
  failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  see logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772515/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772499] Re: [18.04] [regression testing] scrashme tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1689240 ***
https://bugs.launchpad.net/bugs/1689240

** This bug has been marked a duplicate of bug 1689240
   scrashme failed to build on s390x

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772499

Title:
  [18.04] [regression testing] scrashme tests failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  need to review the logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772499/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772501] Re: [18.04] [regression testing] ubuntu_bpf tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1711299 ***
https://bugs.launchpad.net/bugs/1711299

** This bug has been marked a duplicate of bug 1711299
   ubuntu_bpf test failed to build on s390x system

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772501

Title:
  [18.04] [regression testing] ubuntu_bpf tests failing on s390x

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  see logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772501/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1689240] Re: scrashme failed to build on s390x

2018-05-21 Thread Po-Hsu Lin 
** Summary changed:

- scrashme failed to build on LPAR Ubuntu
+ scrashme failed to build on s390x

** Tags added: artful boinic xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1689240

Title:
  scrashme failed to build on s390x

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  This test case failed to build on LPAR Ubuntu (s2lp4)
  Maybe we should disable it from the test suite.

  cc -Wall -W -Wshadow -g -O2 -o scrashme.o -c scrashme.c
  Makefile:13: recipe for target 'scrashme.o' failed
  stderr:
  scrashme.c: In function 'mkcall':
  scrashme.c:150:13: error: 'NR_SYSCALLS' undeclared (first use in this 
function)
  if (call > NR_SYSCALLS)
  ^~~
  scrashme.c:150:13: note: each undeclared identifier is reported only once for 
each function it appears in
  scrashme.c: In function 'do_syscall':
  scrashme.c:258:27: error: 'NR_SYSCALLS' undeclared (first use in this 
function)
  cl = rand() / (RAND_MAX/NR_SYSCALLS);
  ^~~
  scrashme.c: In function 'syscall_list':
  scrashme.c:293:15: error: 'NR_SYSCALLS' undeclared (first use in this 
function)
  for (i=0; i<=NR_SYSCALLS; i++) {
  ^~~
  scrashme.c: In function 'parse_args':
  scrashme.c:337:18: error: 'NR_SYSCALLS' undeclared (first use in this 
function)
  for (i=0; i<=NR_SYSCALLS; i++) {
  ^~~
  scrashme.c:371:13: error: 'KERNEL_ADDR' undeclared (first use in this 
function)
  regval = KERNEL_ADDR;
  ^~~
  scrashme.c: In function 'run_mode':
  scrashme.c:522:15: error: 'NR_SYSCALLS' undeclared (first use in this 
function)
   if (rep > NR_SYSCALLS) {
  ^~~
  scrashme.c: In function 'main':
  scrashme.c:588:13: error: 'syscalls_i386' undeclared (first use in this 
function)
  syscalls = syscalls_i386;
  ^
  scrashme.c: In function 'run_setup':
  scrashme.c:467:2: warning: ignoring return value of 'seteuid', declared with 
attribute warn_unused_result [-Wunused-result]
  seteuid(65536);
  ^~
  scrashme.c:468:2: warning: ignoring return value of 'seteuid', declared with 
attribute warn_unused_result [-Wunused-result]
  seteuid(65536);
  ^~
  scrashme.c:469:2: warning: ignoring return value of 'setgid', declared with 
attribute warn_unused_result [-Wunused-result]
  (void)setgid(65536);
  ^~~
  scrashme.c:470:2: warning: ignoring return value of 'seteuid', declared with 
attribute warn_unused_result [-Wunused-result]
  seteuid(65536);
  ^~
  scrashme.c:486:2: warning: ignoring return value of 'chroot', declared with 
attribute warn_unused_result [-Wunused-result]
  chroot("tmp");
  ^
  make: *** [scrashme.o] Error 1

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: linux-image-4.8.0-52-generic 4.8.0-52.55
  ProcVersionSignature: Ubuntu 4.8.0-52.55-generic 4.8.17
  Uname: Linux 4.8.0-52-generic s390x
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 
2: ls: cannot access '/dev/snd/': No such file or directory
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.20.3-0ubuntu8.2
  Architecture: s390x
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 
not found.
  Date: Mon May  8 03:25:31 2017
  HibernationDevice: RESUME=UUID=46fcf640-03e2-4fd5-b7d6-321d6a11ff8d
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  PciMultimedia:
   
  ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb'
  ProcKernelCmdLine: root=UUID=4a1de891-d624-42df-be09-50199aec3d11 
crashkernel=196M debug BOOT_IMAGE=0
  RelatedPackageVersions:
   linux-restricted-modules-4.8.0-52-generic N/A
   linux-backports-modules-4.8.0-52-generic  N/A
   linux-firmware1.161.1
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1689240/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772504] Re: [18.04] [regression testing] ubuntu_bpf_jit test failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1753941 ***
https://bugs.launchpad.net/bugs/1753941

** This bug has been marked a duplicate of bug 1753941
   ubuntu_bpf_jit test failed on Bionic s390x systems

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772504

Title:
  [18.04] [regression testing] ubuntu_bpf_jit test failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  see logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772504/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1768435] Re: aio-dio-extend-stat test in aio_dio_bugs failed on s390x

2018-05-21 Thread Po-Hsu Lin 
** Tags added: artful bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1768435

Title:
  aio-dio-extend-stat test in aio_dio_bugs failed on s390x

Status in linux package in Ubuntu:
  Triaged
Status in linux source package in Xenial:
  Triaged

Bug description:
  It can be reproduced on zVM, zKVM and Ubuntu on LPAR

  This should not be considered as a regression, the test suite stopped
  on the first test in this test suite before.

  Steps:
  1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git
  2. make -C autotest-client-tests/aio_dio_bugs/src
  3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-extend-stat file


   Running 'apt-get install --yes --force-yes build-essential gcc'
Reading package lists...
Building dependency tree...
Reading state information...
build-essential is already the newest version (12.1ubuntu2).
gcc is already the newest version (4:5.3.1-1ubuntu1).
The following packages were automatically installed and are no longer 
required:
linux-headers-4.4.0-121 linux-headers-4.4.0-121-generic
linux-image-4.4.0-121-generic linux-image-extra-4.4.0-121-generic
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
   Running 'which gcc'
/usr/bin/gcc
   Dependency libaio successfully built
   Running 'LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ 
/home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-extend-stat file'
write of 1024 bytes @0 finished, expected filesize at least 1024, but got 0
   Exception escaping from test:
  Traceback (most recent call last):
  File "/home/ubuntu/autotest/client/shared/test.py", line 411, in _exec
  _call_test_function(self.execute, *p_args, **p_dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 823, in 
_call_test_function
  return func(*args, **dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 291, in execute
  postprocess_profiled_run, args, dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 212, in 
_call_run_once
  self.run_once(*args, **dargs)
  File "/home/ubuntu/autotest/client/tests/aio_dio_bugs/aio_dio_bugs.py", line 
42, in run_once
  utils.system(var_ld_path + ' ' + cmd)
  File "/home/ubuntu/autotest/client/shared/utils.py", line 1232, in system
  verbose=verbose).exit_status
  File "/home/ubuntu/autotest/client/shared/utils.py", line 918, in run
  "Command returned non-zero exit status")
  CmdError: Command failed, rc=1, Command returned non-zero exit status
  * Command:
  LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/
  /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-extend-stat file
  Exit status: 1
  Duration: 0.10453414917

  stdout:
  write of 1024 bytes @0 finished, expected filesize at least 1024, but got 0

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-123-generic 4.4.0-123.147
  ProcVersionSignature: Ubuntu 4.4.0-123.147-generic 4.4.128
  Uname: Linux 4.4.0-123-generic s390x
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 
2: ls: cannot access '/dev/snd/': No such file or directory
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.20.1-0ubuntu2.16
  Architecture: s390x
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 
not found.
  CurrentDmesg:
   
  Date: Wed May  2 02:24:25 2018
  HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  PciMultimedia:
   
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb'
  ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 
crashkernel=196M BOOT_IMAGE=0
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-123-generic N/A
   linux-backports-modules-4.4.0-123-generic  N/A
   linux-firmware 1.157.17
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1768435/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1768430] Re: aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x

2018-05-21 Thread Po-Hsu Lin 
** Tags added: bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1768430

Title:
  aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x

Status in linux package in Ubuntu:
  Triaged
Status in linux source package in Xenial:
  Triaged

Bug description:
  It can be reproduced on zVM, zKVM and Ubuntu on LPAR

  This should not be considered as a regression, the test suite stopped
  on the first test in this test suite before.

  Steps:
  1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git
  2. make -C autotest-client-tests/aio_dio_bugs/src
  3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-subblock-eof-read 
eoftest

   Running 'apt-get install --yes --force-yes build-essential gcc'
   Reading package lists...
   Building dependency tree...
   Reading state information...
   build-essential is already the newest version (12.1ubuntu2).
   gcc is already the newest version (4:5.3.1-1ubuntu1).
   The following packages were automatically installed and are no longer 
required:
   linux-headers-4.4.0-121 linux-headers-4.4.0-121-generic
   linux-image-4.4.0-121-generic linux-image-extra-4.4.0-121-generic
   Use 'sudo apt autoremove' to remove them.
   0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
   Running 'which gcc'
   /usr/bin/gcc
   Dependency libaio successfully built
   Running 'LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ 
/home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-subblock-eof-read 
eoftest'
   buffered read returned -1, should be 300
   Exception escaping from test:
  Traceback (most recent call last):
  File "/home/ubuntu/autotest/client/shared/test.py", line 411, in _exec
  _call_test_function(self.execute, *p_args, **p_dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 823, in 
_call_test_function
  return func(*args, **dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 291, in execute
  postprocess_profiled_run, args, dargs)
  File "/home/ubuntu/autotest/client/shared/test.py", line 212, in 
_call_run_once
  self.run_once(*args, **dargs)
  File "/home/ubuntu/autotest/client/tests/aio_dio_bugs/aio_dio_bugs.py", line 
42, in run_once
  utils.system(var_ld_path + ' ' + cmd)
  File "/home/ubuntu/autotest/client/shared/utils.py", line 1232, in system
  verbose=verbose).exit_status
  File "/home/ubuntu/autotest/client/shared/utils.py", line 918, in run
  "Command returned non-zero exit status")
  CmdError: Command failed, rc=1, Command returned non-zero exit status
  * Command:
  LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/
  /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-subblock-eof-
  read eoftest
  Exit status: 1
  Duration: 0.00215792655945

  stdout:
  buffered read returned -1, should be 300

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-123-generic 4.4.0-123.147
  ProcVersionSignature: Ubuntu 4.4.0-123.147-generic 4.4.128
  Uname: Linux 4.4.0-123-generic s390x
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 
2: ls: cannot access '/dev/snd/': No such file or directory
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.20.1-0ubuntu2.16
  Architecture: s390x
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 
not found.
  CurrentDmesg:

  Date: Wed May  2 02:21:12 2018
  HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  PciMultimedia:

  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb'
  ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 
crashkernel=196M BOOT_IMAGE=0
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-123-generic N/A
   linux-backports-modules-4.4.0-123-generic  N/A
   linux-firmware 1.157.17
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1768430/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1730895] Re: aio-dio-invalidate-failure test failed with event res -22 on s390x

2018-05-21 Thread Po-Hsu Lin 
** Tags added: bionix

** Tags removed: bionix
** Tags added: bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1730895

Title:
  aio-dio-invalidate-failure test failed with event res -22 on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  This bug is for tracking purpose, this is not a regression for current
  cycle as this issue exists for a long time.

  It can be reproduced on zVM, zKVM and Ubuntu on LPAR

  Steps:
  1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git
  2. make -C autotest-client-tests/aio_dio_bugs/src
  3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-invalidate-failure 
poo

  Result:
  event res -22

  From the code itself, it's expecting a -EIO return value:
  if (event.res == -EIO) {
  printf("invalidation returned -EIO, OK\n");
  exit(0);
  }

  The actual return value is -22, which I think is -EINVAL

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-100-generic 4.4.0-100.123
  ProcVersionSignature: Ubuntu 4.4.0-100.123-generic 4.4.95
  Uname: Linux 4.4.0-100-generic s390x
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 
2: ls: cannot access '/dev/snd/': No such file or directory
  AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
  ApportVersion: 2.20.1-0ubuntu2.10
  Architecture: s390x
  ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
  CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 
not found.
  CurrentDmesg:

  Date: Wed Nov  8 01:57:40 2017
  HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345
  IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  PciMultimedia:

  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb'
  ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 
crashkernel=196M BOOT_IMAGE=0
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-100-generic N/A
   linux-backports-modules-4.4.0-100-generic  N/A
   linux-firmware 1.157.13
  RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1730895/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772495] Re: [18.04] [regression testing] aio_dio_bugs tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1768430 ***
https://bugs.launchpad.net/bugs/1768430

Duplicate of 
bug 1730895
bug 1768430
bug 1768435

** This bug has been marked a duplicate of bug 1730895
   aio-dio-invalidate-failure test failed with event res -22 on s390x

** This bug is no longer a duplicate of bug 1730895
   aio-dio-invalidate-failure test failed with event res -22 on s390x
** This bug has been marked a duplicate of bug 1768430
   aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772495

Title:
  [18.04] [regression testing] aio_dio_bugs tests failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  need to examine the logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772495/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic

2018-05-21 Thread Po-Hsu Lin 
** Tags added: s390x

** Summary changed:

- Unable to build libghugetlbfs test on 4.15 Bionic
+ Unable to build libhugetlbfs test on 4.15 Bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1765279

Title:
  Unable to build libhugetlbfs test on 4.15 Bionic

Status in linux package in Ubuntu:
  Incomplete
Status in linux-kvm package in Ubuntu:
  Confirmed

Bug description:
  When trying to build the libhugetlbfs test Bionic, it will fail with:
    CC32 obj32/linkhuge_nofd.o
    LD32 (hugelink test) obj32/linkhuge_nofd
    CC32 obj32/linkshare.o
    LD32 (hugelink test) obj32/linkshare
    LD32 (xB test) obj32/xB.linkhuge
  /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B'
  /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information
  collect2: error: ld returned 1 exit status
  Makefile:227: recipe for target 'obj32/xB.linkhuge' failed
  make[1]: *** [obj32/xB.linkhuge] Error 1
  Makefile:242: recipe for target 'tests/all' failed
  make: *** [tests/all] Error 2

  Steps:
    1. git clone --depth=1 -b next 
https://github.com/libhugetlbfs/libhugetlbfs.git
    2. cd libhugetlbfs
    3. make

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3
  ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10
  Uname: Linux 4.15.0-1003-kvm x86_64
  ApportVersion: 2.20.9-0ubuntu5
  Architecture: amd64
  Date: Thu Apr 19 04:44:08 2018
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: linux-kvm
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic

2018-05-21 Thread Launchpad Bug Tracker 
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: linux-kvm (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1765279

Title:
  Unable to build libhugetlbfs test on 4.15 Bionic

Status in linux package in Ubuntu:
  Incomplete
Status in linux-kvm package in Ubuntu:
  Confirmed

Bug description:
  When trying to build the libhugetlbfs test Bionic, it will fail with:
    CC32 obj32/linkhuge_nofd.o
    LD32 (hugelink test) obj32/linkhuge_nofd
    CC32 obj32/linkshare.o
    LD32 (hugelink test) obj32/linkshare
    LD32 (xB test) obj32/xB.linkhuge
  /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B'
  /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information
  collect2: error: ld returned 1 exit status
  Makefile:227: recipe for target 'obj32/xB.linkhuge' failed
  make[1]: *** [obj32/xB.linkhuge] Error 1
  Makefile:242: recipe for target 'tests/all' failed
  make: *** [tests/all] Error 2

  Steps:
    1. git clone --depth=1 -b next 
https://github.com/libhugetlbfs/libhugetlbfs.git
    2. cd libhugetlbfs
    3. make

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3
  ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10
  Uname: Linux 4.15.0-1003-kvm x86_64
  ApportVersion: 2.20.9-0ubuntu5
  Architecture: amd64
  Date: Thu Apr 19 04:44:08 2018
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: linux-kvm
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic

2018-05-21 Thread Po-Hsu Lin 
** Changed in: linux (Ubuntu)
 Assignee: (unassigned) => Ubuntu Kernel Team (ubuntu-kernel-team)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1765279

Title:
  Unable to build libhugetlbfs test on 4.15 Bionic

Status in linux package in Ubuntu:
  Incomplete
Status in linux-kvm package in Ubuntu:
  Confirmed

Bug description:
  When trying to build the libhugetlbfs test Bionic, it will fail with:
    CC32 obj32/linkhuge_nofd.o
    LD32 (hugelink test) obj32/linkhuge_nofd
    CC32 obj32/linkshare.o
    LD32 (hugelink test) obj32/linkshare
    LD32 (xB test) obj32/xB.linkhuge
  /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B'
  /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information
  collect2: error: ld returned 1 exit status
  Makefile:227: recipe for target 'obj32/xB.linkhuge' failed
  make[1]: *** [obj32/xB.linkhuge] Error 1
  Makefile:242: recipe for target 'tests/all' failed
  make: *** [tests/all] Error 2

  Steps:
    1. git clone --depth=1 -b next 
https://github.com/libhugetlbfs/libhugetlbfs.git
    2. cd libhugetlbfs
    3. make

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3
  ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10
  Uname: Linux 4.15.0-1003-kvm x86_64
  ApportVersion: 2.20.9-0ubuntu5
  Architecture: amd64
  Date: Thu Apr 19 04:44:08 2018
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: linux-kvm
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772496] Re: [18.04] [regression testing] libhugetlbfs tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1765279 ***
https://bugs.launchpad.net/bugs/1765279

** This bug has been marked a duplicate of bug 1765279
   Unable to build libghugetlbfs test on 4.15 Bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772496

Title:
  [18.04] [regression testing] libhugetlbfs tests failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  need to review the logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772496/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1730804] Re: [Bug] Crystal Ridge - verify error clearing on writes for per inode fs-dax

2018-05-21 Thread quanxian 
** Description changed:

  Description:
  A dax mounted filesystem redirects the read/write system calls through the 
dax paths as an optimization, but the dax path is unable to clear media errors.
  With per inode fs-dax, userspace can turn off dax using an ioctl, and clear 
errors using writes. Write a unit test to do that, and inform nvml of this 
reference way to do it.
  
- Target Kernel: 4.16
+ Target Kernel: 4.19
  Target Release: 18.10

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1730804

Title:
  [Bug] Crystal Ridge - verify error clearing on writes for per inode
  fs-dax

Status in intel:
  Incomplete
Status in linux package in Ubuntu:
  Expired

Bug description:
  Description:
  A dax mounted filesystem redirects the read/write system calls through the 
dax paths as an optimization, but the dax path is unable to clear media errors.
  With per inode fs-dax, userspace can turn off dax using an ioctl, and clear 
errors using writes. Write a unit test to do that, and inform nvml of this 
reference way to do it.

  Target Kernel: 4.19
  Target Release: 18.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1730804/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic

2018-05-21 Thread Launchpad Bug Tracker 
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: linux (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1758255

Title:
  lxc-tests package is not available in Bionic

Status in linux package in Ubuntu:
  Confirmed
Status in lxc package in Ubuntu:
  Invalid

Bug description:
  This lxc-tests required by the ubuntu_lxc test is not available on Bionic
  https://packages.ubuntu.com/search?keywords=lxc-tests

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic

2018-05-21 Thread Po-Hsu Lin 
** Also affects: linux (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1758255

Title:
  lxc-tests package is not available in Bionic

Status in linux package in Ubuntu:
  Confirmed
Status in lxc package in Ubuntu:
  Invalid

Bug description:
  This lxc-tests required by the ubuntu_lxc test is not available on Bionic
  https://packages.ubuntu.com/search?keywords=lxc-tests

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic

2018-05-21 Thread Po-Hsu Lin 
** Changed in: linux (Ubuntu)
 Assignee: (unassigned) => Ubuntu Kernel Team (ubuntu-kernel-team)

** Tags added: bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1758255

Title:
  lxc-tests package is not available in Bionic

Status in linux package in Ubuntu:
  Confirmed
Status in lxc package in Ubuntu:
  Invalid

Bug description:
  This lxc-tests required by the ubuntu_lxc test is not available on Bionic
  https://packages.ubuntu.com/search?keywords=lxc-tests

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1772507] Re: [18.04] [regression testing] ubuntu_lxc tests failing on s390x

2018-05-21 Thread Po-Hsu Lin 
*** This bug is a duplicate of bug 1758255 ***
https://bugs.launchpad.net/bugs/1758255

** This bug has been marked a duplicate of bug 1758255
   lxc-tests package is not available in Bionic

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772507

Title:
  [18.04] [regression testing] ubuntu_lxc tests failing on s390x

Status in linux package in Ubuntu:
  Triaged

Bug description:
  see logs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772507/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1723127] Re: Intel i40e PF reset due to incorrect MDD detection (continues...)

2018-05-21 Thread haosdent 
Hi, we still encounter this error in the latest 4.4.0 kernel. Our kernel
version is

```
$ uname -r
4.4.0-122

$ dpkg -l|grep linux-image-4.4.0-122-generic
ii  linux-image-4.4.0-122-generic   4.4.0-122.146   
   amd64Linux kernel image for version 4.4.0 on 64 bit x86 SMP
```

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1723127

Title:
  Intel i40e PF reset due to incorrect MDD detection (continues...)

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Won't Fix
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Artful:
  Fix Released
Status in linux source package in Bionic:
  Fix Released

Bug description:
  [impact]

  The i40e driver sometimes causes a "malicious device" event that the
  firmware detects, which causes the firmware to reset the nic, causing
  an interruption in the network connection - which can cause further
  problems, e.g. if the interface is in a bond; the reset will at least
  cause a temporary interruption in network traffic.

  [fix]

  The upstream patch to fix this adjusts how the driver fragments TX
  data; the "malicious driver" detected by the firmware is a result of
  incorrectly crafted TX fragment descriptors (the firmware has specific
  complicated restrictions on this).  The patch is from Intel, and they
  suggested this specific patch to address the problem; additionally I
  have checked with someone who reported this to me and provided a test
  kernel with the patch to them, and they have been able to run ~6 weeks
  so far without reproducing the issue; previously they could reproduce
  it as quickly as a day, but usually within 2-3 weeks.

  [test case]

  the bug is unfortunately very difficult to reproduce, but as shown in
  this (and previous) bug comments, some users of the i40e have traffic
  that can consistently reproduce the problem (although usually on the
  order of days, or longer, to reproduce).  Reproducing is easily
  detected, as the nw traffic will be interrupted and the system logs
  will contain a message like:

  i40e :02:00.1: TX driver issue detected, PF reset issued

  [regression potential]

  the patch for this alters how tx is fragmented by the driver, so a
  possible regression would likely cause problems in TX traffic and/or
  additional "malicious device detection" events.


  [original description]

  This is a continuation from bug 1713553; a patch was added in that bug
  to attempt to fix this, and it may have helped reduce the issue but
  appears not to have fixed it, based on more reports.

  The issue is the i40e driver, when TSO is enabled, sometimes sees the
  NIC firmware issue a "MDD event" where MDD is "Malicious Driver
  Detection".  This is vaguely defined in the i40e spec, but with no way
  to tell what the NIC actually saw that it didn't like.  So, the driver
  can do nothing but print an error message and reset the PF (or VF).
  Unfortunately, this resets the interface, which causes an interruption
  in network traffic flow while the PF is resetting.

  See bug 1713553 for more details.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1723127/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1087010] Re: kworker uses 70-90% of a CPU core (hyperthreaded)

2018-05-21 Thread Christopher M. Penalver 
** Tags removed: kernel-bug-exists-upstream-4.17-rc4 needs-filing-upstream
** Tags added: kernel-bug-exists-upstream-4.17-rc6

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1087010

Title:
  kworker uses 70-90% of a CPU core (hyperthreaded)

Status in linux package in Ubuntu:
  Triaged

Bug description:
  I see high (70-90%) cpu usage from a kworker thread. Usually
  kworker/0:1 or kworker/0:2. This does not always happen. On some boots
  all is fine but once it shows, rebooting does not make it go away.

  WORKAROUND: Execute:
  echo "disable" > /sys/firmware/acpi/interrupts/gpe13 

  ProblemType: Bug
  DistroRelease: Ubuntu 12.10
  Package: linux-image-3.5.0-19-generic 3.5.0-19.30
  ProcVersionSignature: Ubuntu 3.5.0-19.30-generic 3.5.7
  Uname: Linux 3.5.0-19-generic x86_64
  ApportVersion: 2.6.1-0ubuntu6
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  mio1965 F pulseaudio
   /dev/snd/pcmC0D0p:   mio1965 F...m pulseaudio
  Date: Wed Dec  5 22:37:00 2012
  HibernationDevice: RESUME=UUID=a371882c-0fe7-45e5-9adb-83da8374bc11
  InstallationDate: Installed on 2012-10-10 (55 days ago)
  InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 
(20120823.1)
  MachineType: SAMSUNG ELECTRONICS CO., LTD. 700Z7C
  MarkForUpload: True
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-19-generic 
root=UUID=79674508-93de-43e0-b313-f6a9b480c606 ro 
crashkernel=384M-2G:64M,2G-:128M acpi_osi=Linux pcie_aspm=force i915.modeset=1 
i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.semaphores=1 i915.powersave=1 
snd_hda_intel.power_save_controller=1 snd_hda_intel.power_save=1 quiet splash 
vt.handoff=7
  PulseList:
   Error: command ['pacmd', 'list'] failed with exit code 1: Home directory 
/home/mio not ours.
   No PulseAudio daemon running, or not running as session daemon.
  RelatedPackageVersions:
   linux-restricted-modules-3.5.0-19-generic N/A
   linux-backports-modules-3.5.0-19-generic  N/A
   linux-firmware1.95
  SourcePackage: linux
  UpgradeStatus: Upgraded to quantal on 2012-10-11 (55 days ago)
  dmi.bios.date: 08/02/2012
  dmi.bios.vendor: Phoenix Technologies Ltd.
  dmi.bios.version: P04AAE
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: SAMSUNG_NP1234567890
  dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.board.version: FAB1
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 9
  dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.chassis.version: 0.1
  dmi.modalias: 
dmi:bvnPhoenixTechnologiesLtd.:bvrP04AAE:bd08/02/2012:svnSAMSUNGELECTRONICSCO.,LTD.:pn700Z7C:pvr0.1:rvnSAMSUNGELECTRONICSCO.,LTD.:rnSAMSUNG_NP1234567890:rvrFAB1:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvr0.1:
  dmi.product.name: 700Z7C
  dmi.product.version: 0.1
  dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD.
  ---
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  mio1568 F pulseaudio
  CurrentDesktop: Unity:Unity7:ubuntu
  DistroRelease: Ubuntu 18.04
  HibernationDevice: RESUME=UUID=3f9af81f-77f0-4438-9a4b-6722de269cbb
  InstallationDate: Installed on 2018-05-09 (9 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
  MachineType: SAMSUNG ELECTRONICS CO., LTD. 700Z7C
  Package: linux (not installed)
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic 
root=UUID=7c436149-ab84-40d0-919f-032364393f9b ro quiet splash video=VGA1:d 
nouveau.runpm=0 vt.handoff=1
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-20-generic N/A
   linux-backports-modules-4.15.0-20-generic  N/A
   linux-firmware 1.173
  Tags:  bionic
  Uname: Linux 4.15.0-20-generic x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lp lpadmin plugdev sambashare sudo
  _MarkForUpload: True
  dmi.bios.date: 08/02/2012
  dmi.bios.vendor: Phoenix Technologies Ltd.
  dmi.bios.version: P04AAE
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: SAMSUNG_NP1234567890
  dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.board.version: FAB1
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 9
  dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD.
  dmi.chassis.version: 0.1
  dmi.modalias: 
dmi:bvnPhoenixTechnologiesLtd.:bvrP04AAE:bd08/02/2012:svnSAMSUNGELECTRONICSCO.,LTD.:pn700Z7C:pvr0.1:rvnSAMSUNGELECTRONICSCO.,LTD.:rnSAMSUNG_NP1234567890:rvrFAB1:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvr0.1:
  dmi.product.family: ChiefRiver System
  dmi.product.name: 700Z7C
  dmi.product.version: 0.1
  dmi.sys.vendor: SAMSUNG

[Kernel-packages] [Bug 1769236] Re: CPU frequency stuck at minimum value

2018-05-21 Thread Glen Ditchfield 
** Attachment added: "grep-thermal.txt"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769236/+attachment/5142653/+files/grep-thermal.txt

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1769236

Title:
  CPU frequency stuck at minimum value

Status in linux package in Ubuntu:
  Confirmed
Status in thermald package in Ubuntu:
  New

Bug description:
  I installed the Kubuntu variant of Ubuntu 18.04 on a new HP Spectre 13
  laptop.  Performance is poor.  The CPU (an i7-8550U) is running at
  400MHz, and never speeds up, even when running some of the Phoronix
  Test Suite benchmarks.

  I can use cpupower to switch to the "performance" cpufreq governor,
  but cannot change the frequency with either governor.

  Here is the output of some experiments I ran while Phoronix's c-ray test was 
running.
  __

  gjditchf@copperplate:/var/log$ cat /proc/cpuinfo | grep MHz
  cpu MHz : 400.008
  cpu MHz : 400.002
  cpu MHz : 400.002
  cpu MHz : 400.003
  cpu MHz : 400.005
  cpu MHz : 400.003
  cpu MHz : 400.001
  cpu MHz : 400.004

  gjditchf@copperplate:/var/log$ cpupower frequency-info
  analyzing CPU 0:
driver: intel_pstate
CPUs which run at the same hardware frequency: 0
CPUs which need to have their frequency coordinated by software: 0
maximum transition latency:  Cannot determine or is not supported.
hardware limits: 400 MHz - 4.00 GHz
available cpufreq governors: performance powersave
current policy: frequency should be within 400 MHz and 1.60 GHz.
The governor "powersave" may decide which speed to use
within this range.
current CPU frequency: Unable to call hardware
current CPU frequency: 400 MHz (asserted by call to kernel)
boost state support:
  Supported: yes
  Active: yes

  gjditchf@copperplate:/var/log$ sudo cpupower frequency-set -f 1.60GHz
  Setting cpu: 0
  Error setting new values. Common errors:
  - Do you have proper administration rights? (super-user?)
  - Is the governor you requested available and modprobed?
  - Trying to set an invalid policy?
  - Trying to set a specific frequency, but userspace governor is not available,
 for example because of hardware which cannot be set to a specific frequency
 or because the userspace governor isn't loaded?

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-20-generic 4.15.0-20.21
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  Uname: Linux 4.15.0-20-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Fri May  4 12:57:25 2018
  InstallationDate: Installed on 2018-04-28 (6 days ago)
  InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  SourcePackage: linux-signed
  UpgradeStatus: No upgrade log present (probably fresh install)
  --- 
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  gjditchf   1190 F pulseaudio
  CurrentDesktop: KDE
  DistroRelease: Ubuntu 18.04
  InstallationDate: Installed on 2018-04-28 (10 days ago)
  InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 004: ID 8087:0a2b Intel Corp. 
   Bus 001 Device 003: ID 0bda:564e Realtek Semiconductor Corp. 
   Bus 001 Device 002: ID 0bda:564f Realtek Semiconductor Corp. 
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: HP HP Spectre Laptop 13-af0xx
  Package: linux (not installed)
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic 
root=UUID=ab54f00a-7dd6-4d75-a664-682f777c841c ro quiet splash vt.handoff=1
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-20-generic N/A
   linux-backports-modules-4.15.0-20-generic  N/A
   linux-firmware 1.173
  Tags:  bionic
  Uname: Linux 4.15.0-20-generic x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin monotone plugdev sambashare sudo
  _MarkForUpload: True
  dmi.bios.date: 10/13/2017
  dmi.bios.vendor: Insyde
  dmi.bios.version: F.06
  dmi.board.asset.tag: Type2 - Board Asset Tag
  dmi.board.name: 83A2
  dmi.board.vendor: HP
  dmi.board.version: 55.24
  dmi.chassis.asset.tag: Chassis Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: HP
  dmi.chassis.version: Chassis Version
  dmi.modalias: 
dmi:bvnInsyde:bvrF.06:bd10/13/2017:svnHP:pnHPSpectreLaptop13-af0xx:pvrType1ProductConfigId:rvnHP:rn83A2:rvr55.24:cvnHP:ct10:cvrChassisVersion:
  dmi.product.family: 103C_5335KV HP Spectre
  dmi.product.name: HP Spectre Laptop 13-af0xx

[Kernel-packages] [Bug 1769236] Re: CPU frequency stuck at minimum value

2018-05-21 Thread Glen Ditchfield 
I will attach acpi.out, and also the output of "grep -r .
/sys/class/thermal/*" in grep-thermal.txt.

As for editing /var/run/thermald/thermal-conf.xml.auto ... that file is
regenerated at boot.  How do I make persistent changes?  I tried copying
the edited file to /etc/thermald/thermal-conf.xml, but didn't see any
improvement, and the contents of the thermald debug log suggest that
thermald doesn't read the /etc/ file.

** Attachment added: "acpi.out"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769236/+attachment/5142652/+files/acpi.out

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1769236

Title:
  CPU frequency stuck at minimum value

Status in linux package in Ubuntu:
  Confirmed
Status in thermald package in Ubuntu:
  New

Bug description:
  I installed the Kubuntu variant of Ubuntu 18.04 on a new HP Spectre 13
  laptop.  Performance is poor.  The CPU (an i7-8550U) is running at
  400MHz, and never speeds up, even when running some of the Phoronix
  Test Suite benchmarks.

  I can use cpupower to switch to the "performance" cpufreq governor,
  but cannot change the frequency with either governor.

  Here is the output of some experiments I ran while Phoronix's c-ray test was 
running.
  __

  gjditchf@copperplate:/var/log$ cat /proc/cpuinfo | grep MHz
  cpu MHz : 400.008
  cpu MHz : 400.002
  cpu MHz : 400.002
  cpu MHz : 400.003
  cpu MHz : 400.005
  cpu MHz : 400.003
  cpu MHz : 400.001
  cpu MHz : 400.004

  gjditchf@copperplate:/var/log$ cpupower frequency-info
  analyzing CPU 0:
driver: intel_pstate
CPUs which run at the same hardware frequency: 0
CPUs which need to have their frequency coordinated by software: 0
maximum transition latency:  Cannot determine or is not supported.
hardware limits: 400 MHz - 4.00 GHz
available cpufreq governors: performance powersave
current policy: frequency should be within 400 MHz and 1.60 GHz.
The governor "powersave" may decide which speed to use
within this range.
current CPU frequency: Unable to call hardware
current CPU frequency: 400 MHz (asserted by call to kernel)
boost state support:
  Supported: yes
  Active: yes

  gjditchf@copperplate:/var/log$ sudo cpupower frequency-set -f 1.60GHz
  Setting cpu: 0
  Error setting new values. Common errors:
  - Do you have proper administration rights? (super-user?)
  - Is the governor you requested available and modprobed?
  - Trying to set an invalid policy?
  - Trying to set a specific frequency, but userspace governor is not available,
 for example because of hardware which cannot be set to a specific frequency
 or because the userspace governor isn't loaded?

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: linux-image-4.15.0-20-generic 4.15.0-20.21
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  Uname: Linux 4.15.0-20-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  CurrentDesktop: KDE
  Date: Fri May  4 12:57:25 2018
  InstallationDate: Installed on 2018-04-28 (6 days ago)
  InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  SourcePackage: linux-signed
  UpgradeStatus: No upgrade log present (probably fresh install)
  --- 
  ApportVersion: 2.20.9-0ubuntu7
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  gjditchf   1190 F pulseaudio
  CurrentDesktop: KDE
  DistroRelease: Ubuntu 18.04
  InstallationDate: Installed on 2018-04-28 (10 days ago)
  InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 004: ID 8087:0a2b Intel Corp. 
   Bus 001 Device 003: ID 0bda:564e Realtek Semiconductor Corp. 
   Bus 001 Device 002: ID 0bda:564f Realtek Semiconductor Corp. 
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: HP HP Spectre Laptop 13-af0xx
  Package: linux (not installed)
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic 
root=UUID=ab54f00a-7dd6-4d75-a664-682f777c841c ro quiet splash vt.handoff=1
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  RelatedPackageVersions:
   linux-restricted-modules-4.15.0-20-generic N/A
   linux-backports-modules-4.15.0-20-generic  N/A
   linux-firmware 1.173
  Tags:  bionic
  Uname: Linux 4.15.0-20-generic x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin monotone plugdev sambashare sudo
  _MarkForUpload: True
  dmi.bios.date: 10/13/2017
  dmi.bios.vendor: Insyde
  dmi.bios.version: F.06
  dmi.board.asset.tag: Type2 - Board Asset Tag
  dmi.board.name: 83A2
  dmi.board.vendor: HP

[Kernel-packages] [Bug 1771467] Re: Reboot/shutdown kernel panic on HP DL360 Gen9 w/ bionic 4.15.0

2018-05-21 Thread Ryan Finnie 
I tracked it down to https://patchwork.kernel.org/patch/10027157/ just
before 4.15-rc1.  This appears to affect all DL360/DL380 Gen9 I've
encountered so far.  Opened
https://bugzilla.kernel.org/show_bug.cgi?id=199779 and currently working
with Sinan Kaya to disagnose.

** Tags added: kernel-bug-exists-upstream

** Bug watch added: Linux Kernel Bug Tracker #199779
   https://bugzilla.kernel.org/show_bug.cgi?id=199779

** Changed in: linux (Ubuntu)
   Status: Incomplete => Confirmed

** Changed in: linux (Ubuntu Bionic)
   Status: Incomplete => Confirmed

** Summary changed:

- Reboot/shutdown kernel panic on HP DL360 Gen9 w/ bionic 4.15.0
+ Reboot/shutdown kernel panic on HP DL360/DL380 Gen9 w/ bionic 4.15.0

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1771467

Title:
  Reboot/shutdown kernel panic on HP DL360/DL380 Gen9 w/ bionic 4.15.0

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Bionic:
  Confirmed

Bug description:
  Verified on multiple DL360 Gen9 servers with up to date firmware.
  Just before reboot or shutdown, there is the following panic:

  [  289.093083] {1}[Hardware Error]: Hardware error from APEI Generic Hardware 
Error Source: 1
  [  289.093085] {1}[Hardware Error]: event severity: fatal
  [  289.093087] {1}[Hardware Error]:  Error 0, type: fatal
  [  289.093088] {1}[Hardware Error]:   section_type: PCIe error
  [  289.093090] {1}[Hardware Error]:   port_type: 4, root port
  [  289.093091] {1}[Hardware Error]:   version: 1.16
  [  289.093093] {1}[Hardware Error]:   command: 0x6010, status: 0x0143
  [  289.093094] {1}[Hardware Error]:   device_id: :00:01.0
  [  289.093095] {1}[Hardware Error]:   slot: 0
  [  289.093096] {1}[Hardware Error]:   secondary_bus: 0x03
  [  289.093097] {1}[Hardware Error]:   vendor_id: 0x8086, device_id: 0x2f02
  [  289.093098] {1}[Hardware Error]:   class_code: 040600
  [  289.093378] {1}[Hardware Error]:   bridge: secondary_status: 0x2000, 
control: 0x0003
  [  289.093380] {1}[Hardware Error]:  Error 1, type: fatal
  [  289.093381] {1}[Hardware Error]:   section_type: PCIe error
  [  289.093382] {1}[Hardware Error]:   port_type: 4, root port
  [  289.093383] {1}[Hardware Error]:   version: 1.16
  [  289.093384] {1}[Hardware Error]:   command: 0x6010, status: 0x0143
  [  289.093386] {1}[Hardware Error]:   device_id: :00:01.0
  [  289.093386] {1}[Hardware Error]:   slot: 0
  [  289.093387] {1}[Hardware Error]:   secondary_bus: 0x03
  [  289.093388] {1}[Hardware Error]:   vendor_id: 0x8086, device_id: 0x2f02
  [  289.093674] {1}[Hardware Error]:   class_code: 040600
  [  289.093676] {1}[Hardware Error]:   bridge: secondary_status: 0x2000, 
control: 0x0003
  [  289.093678] Kernel panic - not syncing: Fatal hardware error!
  [  289.093745] Kernel Offset: 0x1cc0 from 0x8100 (relocation 
range: 0x8000-0xbfff)
  [  289.105835] ERST: [Firmware Warn]: Firmware does not respond in time.

  It does eventually restart after this.  Then during the subsequent
  POST, the following warning appears:

  Embedded RAID 1 : Smart Array P440ar Controller - (2048 MB, V6.30) 7 Logical
  Drive(s) - Operation Failed
   - 1719-Slot 0 Drive Array - A controller failure event occurred prior
 to this power-up.  (Previous lock up code = 0x13) Action: Install the
 latest controller firmware. If the problem persists, replace the
 controller.

  The latter's symptoms are described in
  https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04805565
  but the running storage controller firmware is much newer than the
  doc's resolution.

  Neither of these problems occur during shutdown/reboot on the xenial
  kernel.

  FWIW, when running on old P89 (1.50 (07/20/2015) vs 2.56
  (01/22/2018)), the shutdown failure mode was a loop like so:

  [529151.035267] NMI: IOCK error (debug interrupt?) for reason 75 on CPU 0.
  [529153.222883] Uhhuh. NMI received for unknown reason 25 on CPU 0.
  [529153.222884] Do you have a strange power saving mode enabled?
  [529153.222884] Dazed and confused, but trying to continue
  [529153.554447] Uhhuh. NMI received for unknown reason 25 on CPU 0.
  [529153.554448] Do you have a strange power saving mode enabled?
  [529153.554449] Dazed and confused, but trying to continue
  [529153.554450] Uhhuh. NMI received for unknown reason 25 on CPU 0.
  [529153.554451] Do you have a strange power saving mode enabled?
  [529153.554452] Dazed and confused, but trying to continue
  [529153.554452] Uhhuh. NMI received for unknown reason 25 on CPU 0.
  [529153.554453] Do you have a strange power saving mode enabled?
  [529153.554454] Dazed and confused, but trying to continue
  [529153.554454] Uhhuh. NMI received for unknown reason 35 on CPU 0.
  [529153.554455] Do you have a strange power saving mode enabled?
  [529153.554456] Dazed and confused, but trying to

[Kernel-packages] [Bug 1764316] Re: Xenial update to 4.4.120 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1759303] Re: Update Aquantia driver to fix various issues

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.15.0-1006.9

---
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
- source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
- SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
- SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
(LP: #1769610)
- serdev: ttyport: release tty lock sooner on open
- serdev: ttyport: ignore carrier detect to avoid hangups
- serdev: ttyport: do not used keyed wakeup in write_wakeup
- serdev: Make .remove in struct serdev_device_driver optional
- serdev: Introduce devm_serdev_device_open()
- serdev: do not generate modaliases for controllers
- serdev: only match serdev devices
- serdev: add method to set parity
- SAUCE: (no-up) Support HS-UART serdev slaves over tty
- [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
- SAUCE: rsi: add rx control block to handle rx packets in USB
- SAUCE: rsi: add bluetooth rx endpoint
- SAUCE: rsi: add header file rsi_91x
- SAUCE: rsi: add coex support
- SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
- SAUCE: rsi: handle BT traffic in driver
- SAUCE: rsi: add module parameter operating mode
- SAUCE: rsi: sdio changes to support BT
- SAUCE: rsi: improve RX handling in SDIO interface
- SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
- SAUCE: rsi: improve RX packet handling in USB interface
- SAUCE: rsi: add support for hardware scan offload
- SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
- SAUCE: rsi: move descriptor preparation to core
- SAUCE: rsi: enable 80MHz clock by default
- SAUCE: rsi: roaming enhancements
- SAUCE: rsi: add module parameter rsi_reg
- SAUCE: rsi: regulatory modifications for 'dlcar' mode
- SAUCE: rsi: device disconnect changes
- SAUCE: rsi: tx improvements
- SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
- SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
- SAUCE: rsi: Remove stack VLA usage
- SAUCE: rsi: fix nommu_map_sg overflow kernel panic
- SAUCE: rsi: Fix 'invalid vdd' warning in mmc
- SAUCE: Redpine: Fix wowlan issue with S4
- SAUCE: Redpine: rsi: Add deep sleep enable

[Kernel-packages] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.15.0-1006.9

---
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
- source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
- SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
- SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
(LP: #1769610)
- serdev: ttyport: release tty lock sooner on open
- serdev: ttyport: ignore carrier detect to avoid hangups
- serdev: ttyport: do not used keyed wakeup in write_wakeup
- serdev: Make .remove in struct serdev_device_driver optional
- serdev: Introduce devm_serdev_device_open()
- serdev: do not generate modaliases for controllers
- serdev: only match serdev devices
- serdev: add method to set parity
- SAUCE: (no-up) Support HS-UART serdev slaves over tty
- [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
- SAUCE: rsi: add rx control block to handle rx packets in USB
- SAUCE: rsi: add bluetooth rx endpoint
- SAUCE: rsi: add header file rsi_91x
- SAUCE: rsi: add coex support
- SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
- SAUCE: rsi: handle BT traffic in driver
- SAUCE: rsi: add module parameter operating mode
- SAUCE: rsi: sdio changes to support BT
- SAUCE: rsi: improve RX handling in SDIO interface
- SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
- SAUCE: rsi: improve RX packet handling in USB interface
- SAUCE: rsi: add support for hardware scan offload
- SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
- SAUCE: rsi: move descriptor preparation to core
- SAUCE: rsi: enable 80MHz clock by default
- SAUCE: rsi: roaming enhancements
- SAUCE: rsi: add module parameter rsi_reg
- SAUCE: rsi: regulatory modifications for 'dlcar' mode
- SAUCE: rsi: device disconnect changes
- SAUCE: rsi: tx improvements
- SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
- SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
- SAUCE: rsi: Remove stack VLA usage
- SAUCE: rsi: fix nommu_map_sg overflow kernel panic
- SAUCE: rsi: Fix 'invalid vdd' warning in mmc
- SAUCE: Redpine: Fix wowlan issue with S4
- SAUCE: Redpine: rsi: Add deep sleep enable

[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure - 4.13.0-1018.21

---
linux-azure (4.13.0-1018.21) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation
  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
- netlink: Add netns check on taps
  * CVE-2017-17975
- media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON

[Kernel-packages] [Bug 1769077] Re: linux: 3.13.0-148.197 -proposed tracker

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 3.13.0-149.199

---
linux (3.13.0-149.199) trusty; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- SAUCE: powerpc/64s: Move the data access exception out-of-line

  * CVE-2018-3639 (x86)
- arch: Introduce post-init read-only memory
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

linux (3.13.0-148.197) trusty; urgency=medium

  * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077)

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18221
- mlock: fix mlock count can not decrease in race condition

  * CVE-2017-12134
- xen: fix bio vec merging

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-13220
- Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()

  * CVE-2017-18204
- ocfs2: should wait dio before inode lock in ocfs2_setattr()

  * CVE-2017-13305
- KEYS: encrypted: fix buffer overread in valid_master_desc()

  * CVE-2017-18079
- Input: i8042 - fix crash at boot time

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader   Mon, 14 May 2018 16:58:50
+0200

** Changed in: linux (Ubuntu Trusty)
   Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220

**

[Kernel-packages] [Bug 1764999] Re: Xenial update to 4.4.126 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1760712] Re: perf vendor events arm64: Enable JSON events for ThunderX2 B0

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1758507] Re: sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1762812] Re: /dev/ipmi enumeration flaky on Cavium Sabre nodes

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1765850] Re: arm64: fix CONFIG_DEBUG_WX address reporting

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1726930] Re: System fails to start (boot) on battery due to read-only root file-system

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764985] Re: linux-kvm 4.15 needs CONFIG_VMAP_STACK set

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-kvm - 4.15.0-1010.10

---
linux-kvm (4.15.0-1010.10) bionic; urgency=medium

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-kvm (4.15.0-1009.9) bionic; urgency=medium

  * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * Unable to start docker application with B-KVM kernel (LP: #1763630)
- kvm: [config] enable NF_NAT, NF_CONNTRACK
- kvm: [config] enable IP_NF_TABLES

  * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
(LP: #1764975)
- kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM}

  * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985)
- kvm: [config] enable CONFIG_VMAP_STACK

  * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
kvm kernel (LP: #1766832)
- kvm: [config] enable CONFIG_MODULE_UNLOAD

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Thu, 17 May 2018 10:30:53
+0200

** Changed in: linux-kvm (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1764985

Title:
  linux-kvm 4.15 needs CONFIG_VMAP_STACK set

Status in QA Regression Testing:
  Fix Released
Status in linux package in Ubuntu:
  Invalid
Status in linux-kvm package in Ubuntu:
  Fix Committed
Status in linux source package in Bionic:
  Invalid
Status in linux-kvm source package in Bionic:
  Fix Released

Bug description:
  test_181_config_vmap_stack in ubuntu_qrt_kernel_security_test has
  failed with 4.15.0-1004-kvm

FAIL: test_181_config_vmap_stack (__main__.KernelSecurityTest)
Ensure kernel stack isolation is set
--
Traceback (most recent call last):
  File "./test-kernel-security.py", line 2149, in test_181_config_vmap_stack
self.assertEqual(self._get_config('VMAP_STACK'), expected)
AssertionError: None != 'y'

[Kernel-packages] [Bug 1763271] Re: [8086:3e92] display becomes blank after S3

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1769843] Re: [i915 CNL-Y] system hangs soon after bootup

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.15.0-1006.9

---
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
- source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
- SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
- SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
(LP: #1769610)
- serdev: ttyport: release tty lock sooner on open
- serdev: ttyport: ignore carrier detect to avoid hangups
- serdev: ttyport: do not used keyed wakeup in write_wakeup
- serdev: Make .remove in struct serdev_device_driver optional
- serdev: Introduce devm_serdev_device_open()
- serdev: do not generate modaliases for controllers
- serdev: only match serdev devices
- serdev: add method to set parity
- SAUCE: (no-up) Support HS-UART serdev slaves over tty
- [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
- SAUCE: rsi: add rx control block to handle rx packets in USB
- SAUCE: rsi: add bluetooth rx endpoint
- SAUCE: rsi: add header file rsi_91x
- SAUCE: rsi: add coex support
- SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
- SAUCE: rsi: handle BT traffic in driver
- SAUCE: rsi: add module parameter operating mode
- SAUCE: rsi: sdio changes to support BT
- SAUCE: rsi: improve RX handling in SDIO interface
- SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
- SAUCE: rsi: improve RX packet handling in USB interface
- SAUCE: rsi: add support for hardware scan offload
- SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
- SAUCE: rsi: move descriptor preparation to core
- SAUCE: rsi: enable 80MHz clock by default
- SAUCE: rsi: roaming enhancements
- SAUCE: rsi: add module parameter rsi_reg
- SAUCE: rsi: regulatory modifications for 'dlcar' mode
- SAUCE: rsi: device disconnect changes
- SAUCE: rsi: tx improvements
- SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
- SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
- SAUCE: rsi: Remove stack VLA usage
- SAUCE: rsi: fix nommu_map_sg overflow kernel panic
- SAUCE: rsi: Fix 'invalid vdd' warning in mmc
- SAUCE: Redpine: Fix wowlan issue with S4
- SAUCE: Redpine: rsi: Add deep sleep enable

[Kernel-packages] [Bug 1767409] Re: linux-kvm: 4.15.0-1009.9 -proposed tracker

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-kvm - 4.15.0-1010.10

---
linux-kvm (4.15.0-1010.10) bionic; urgency=medium

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-kvm (4.15.0-1009.9) bionic; urgency=medium

  * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * Unable to start docker application with B-KVM kernel (LP: #1763630)
- kvm: [config] enable NF_NAT, NF_CONNTRACK
- kvm: [config] enable IP_NF_TABLES

  * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
(LP: #1764975)
- kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM}

  * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985)
- kvm: [config] enable CONFIG_VMAP_STACK

  * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
kvm kernel (LP: #1766832)
- kvm: [config] enable CONFIG_MODULE_UNLOAD

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Thu, 17 May 2018 10:30:53
+0200

** Changed in: linux-kvm (Ubuntu Bionic)
   Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1767409

Title:
  linux-kvm: 4.15.0-1009.9 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  Invalid
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Invalid
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Fix

[Kernel-packages] [Bug 1765977] Re: HiSilicon HNS NIC names are truncated in /proc/interrupts

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure - 4.13.0-1018.21

---
linux-azure (4.13.0-1018.21) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation
  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
- netlink: Add netns check on taps
  * CVE-2017-17975
- media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON

[Kernel-packages] [Bug 1763454] Re: bpf_map_lookup_elem: BUG: unable to handle kernel paging request

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1756866] Re: Xenial update to 4.4.118 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 3.13.0-149.199

---
linux (3.13.0-149.199) trusty; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- SAUCE: powerpc/64s: Move the data access exception out-of-line

  * CVE-2018-3639 (x86)
- arch: Introduce post-init read-only memory
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

linux (3.13.0-148.197) trusty; urgency=medium

  * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077)

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18221
- mlock: fix mlock count can not decrease in race condition

  * CVE-2017-12134
- xen: fix bio vec merging

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-13220
- Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()

  * CVE-2017-18204
- ocfs2: should wait dio before inode lock in ocfs2_setattr()

  * CVE-2017-13305
- KEYS: encrypted: fix buffer overread in valid_master_desc()

  * CVE-2017-18079
- Input: i8042 - fix crash at boot time

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader   Mon, 14 May 2018 16:58:50
+0200

** Changed in: linux (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220

[Kernel-packages] [Bug 1769263] Re: LSM Stacking prctl values should be redefined as to not collide with upstream prctls

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.15.0-22.24

---
linux (4.15.0-22.24) bionic; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations

  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.15.0-21.22) bionic; urgency=medium

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)

  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Tue, 15 May 2018 07:41:28
+0200

** Changed in: linux (Ubuntu)
   Status: Triaged => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1769263

Title:
  LSM Stacking prctl values should be redefined as to not collide with
  upstream prctls

Status in linux package in Ubuntu:
  Fix Released

Bug description:
  The prctl values selected for LSM Stacking made some amount of sense
  at the time of Bionic's release but there may be future upstream
  changes that we want to be backport which would collide with the
  values selected.

  Since LSM stacking is provided as an early preview in the Ubuntu
  kernels, we should use unusually high numbers to reduce the chances of
  colliding with an upstream feature.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769263/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1761104] Re: fix regression in mm/hotplug, allows NVIDIA driver to work

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1769610] Re: Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.15.0-1006.9

---
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
- source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
- SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
- SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
(LP: #1769610)
- serdev: ttyport: release tty lock sooner on open
- serdev: ttyport: ignore carrier detect to avoid hangups
- serdev: ttyport: do not used keyed wakeup in write_wakeup
- serdev: Make .remove in struct serdev_device_driver optional
- serdev: Introduce devm_serdev_device_open()
- serdev: do not generate modaliases for controllers
- serdev: only match serdev devices
- serdev: add method to set parity
- SAUCE: (no-up) Support HS-UART serdev slaves over tty
- [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
- SAUCE: rsi: add rx control block to handle rx packets in USB
- SAUCE: rsi: add bluetooth rx endpoint
- SAUCE: rsi: add header file rsi_91x
- SAUCE: rsi: add coex support
- SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
- SAUCE: rsi: handle BT traffic in driver
- SAUCE: rsi: add module parameter operating mode
- SAUCE: rsi: sdio changes to support BT
- SAUCE: rsi: improve RX handling in SDIO interface
- SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
- SAUCE: rsi: improve RX packet handling in USB interface
- SAUCE: rsi: add support for hardware scan offload
- SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
- SAUCE: rsi: move descriptor preparation to core
- SAUCE: rsi: enable 80MHz clock by default
- SAUCE: rsi: roaming enhancements
- SAUCE: rsi: add module parameter rsi_reg
- SAUCE: rsi: regulatory modifications for 'dlcar' mode
- SAUCE: rsi: device disconnect changes
- SAUCE: rsi: tx improvements
- SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
- SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
- SAUCE: rsi: Remove stack VLA usage
- SAUCE: rsi: fix nommu_map_sg overflow kernel panic
- SAUCE: rsi: Fix 'invalid vdd' warning in mmc
- SAUCE: Redpine: Fix wowlan issue with S4
- SAUCE: Redpine: rsi: Add deep sleep enable

[Kernel-packages] [Bug 1759303] Re: Update Aquantia driver to fix various issues

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1769996] Re: linux-oem: 4.13.0-1027.30 -proposed tracker

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1763494] Re: linux-azure-edge should follow bionic/linux-azure in a similar way to linux-hwe

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure-edge -
4.15.0-1012.12~16.04.2

---
linux-azure-edge (4.15.0-1012.12~16.04.2) xenial; urgency=medium

  * linux-azure-edge headers are broken after change to support scripted
rebases (LP: #1772058)
- [Packaging]: azure-edge: Fix headers packages after switching to scripted
  rebase

linux-azure-edge (4.15.0-1012.12~16.04.1) xenial; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Add versioned dependency for linux-base

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

linux-azure (4.15.0-1011.11) bionic; urgency=medium

  * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294)

  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
- fsnotify: Fix fsnotify_mark_connector race

linux-azure (4.15.0-1009.9) bionic; urgency=medium

  * linux-azure: 4.15.0-1009.9 -proposed tracker (LP: #1766467)

  [ Ubuntu: 4.15.0-20.21 ]

  * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)
  * package shim-signed (not installed) failed to install/upgrade: installed
shim-signed package post-installation script subprocess returned error exit
status 5 (LP: #1766391)
- [Packaging] fix invocation of header postinst hooks

linux-azure (4.15.0-1008.8) bionic; urgency=medium

  * linux-azure: 4.15.0-1008.8 -proposed tracker (LP: #1766025)

  [ Ubuntu: 4.15.0-19.20 ]

  * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
  * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
- Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
- Revert "genirq/affinity: assign vectors to all possible CPUs"

linux-azure (4.15.0-1007.7) bionic; urgency=medium

  * linux-azure: 4.15.0-1007.7 -proposed tracker (LP: #1765495)

  * Miscellaneous Ubuntu changes
- [Config] updateconfigs after rebase to Ubuntu-4.15.0-18.19
- [Packaging] update flavour-control.stub for signing changes

  [ Ubuntu: 4.15.0-18.19 ]

  * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
  * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
(LP: #1765429)
- powerpc/pseries: Fix clearing of

[Kernel-packages] [Bug 1763494] Re: linux-azure-edge should follow bionic/linux-azure in a similar way to linux-hwe

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure-edge -
4.15.0-1012.12~16.04.2

---
linux-azure-edge (4.15.0-1012.12~16.04.2) xenial; urgency=medium

  * linux-azure-edge headers are broken after change to support scripted
rebases (LP: #1772058)
- [Packaging]: azure-edge: Fix headers packages after switching to scripted
  rebase

linux-azure-edge (4.15.0-1012.12~16.04.1) xenial; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Add versioned dependency for linux-base

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

linux-azure (4.15.0-1011.11) bionic; urgency=medium

  * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294)

  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
- fsnotify: Fix fsnotify_mark_connector race

linux-azure (4.15.0-1009.9) bionic; urgency=medium

  * linux-azure: 4.15.0-1009.9 -proposed tracker (LP: #1766467)

  [ Ubuntu: 4.15.0-20.21 ]

  * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)
  * package shim-signed (not installed) failed to install/upgrade: installed
shim-signed package post-installation script subprocess returned error exit
status 5 (LP: #1766391)
- [Packaging] fix invocation of header postinst hooks

linux-azure (4.15.0-1008.8) bionic; urgency=medium

  * linux-azure: 4.15.0-1008.8 -proposed tracker (LP: #1766025)

  [ Ubuntu: 4.15.0-19.20 ]

  * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021)
  * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232)
- Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU"
- Revert "genirq/affinity: assign vectors to all possible CPUs"

linux-azure (4.15.0-1007.7) bionic; urgency=medium

  * linux-azure: 4.15.0-1007.7 -proposed tracker (LP: #1765495)

  * Miscellaneous Ubuntu changes
- [Config] updateconfigs after rebase to Ubuntu-4.15.0-18.19
- [Packaging] update flavour-control.stub for signing changes

  [ Ubuntu: 4.15.0-18.19 ]

  * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490)
  * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel:
meltdown: rfi/fallback displacement flush not enabled bydefault (kvm)
(LP: #1765429)
- powerpc/pseries: Fix clearing of

[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1766197] Re: Update btusb reset-resume quirk to decrease power usage

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure - 4.15.0-1012.12

---
linux-azure (4.15.0-1012.12) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Add versioned dependency for linux-base

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

linux-azure (4.15.0-1011.11) bionic; urgency=medium

  * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294)

  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
- fsnotify: Fix fsnotify_mark_connector race

 -- Stefan Bader   Wed, 16 May 2018 18:31:36
+0200

** Changed in: linux-azure (Ubuntu Xenial)
   Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17449

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17975

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-18203

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-18208

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-8822

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure in Ubuntu.
https://bugs.launchpad.net/bugs/1765564

Title:
  fsnotify: Fix fsnotify_mark_connector race

Status in Linux:
  New
Status in linux-azure package in Ubuntu:
  In Progress
Status in linux-azure source package in Xenial:
  Fix Released
Status in linux-azure source package in Bionic:
  Fix Released

Bug description:
  On Azure we have had sporadic cases of soft lockups in fsnotify that
  may very well be mitigated by the following fix. The LKML thread is
  "kernel panics with 4.14.X".

  This should be applied to 4.13 and 4.15 versions of the linux-azure
  kernel, and possibly the 4.15 generic kernel in bionic as well.

  -

  fsnotify() acquires a reference to a fsnotify_mark_connector through
  the SRCU-protected pointer to_tell->i_fsnotify_marks. However, it
  appears that no precautions are taken in fsnotify_put_mark() to
  ensure that fsnotify() drops its reference to this
  fsnotify_mark_connector before assigning a value to its 'destroy_next'
  field. This can result in fsnotify_put_mark() assigning a value
  to a connector's 'destroy_next'

[Kernel-packages] [Bug 1762693] Re: No network with e1000e driver on 4.13.0-38-generic

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1765241] Re: virtio_scsi race can corrupt memory, panic kernel

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1726930] Re: System fails to start (boot) on battery due to read-only root file-system

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1769997] Re: linux-azure: 4.13.0-1017.20 -proposed tracker

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure - 4.13.0-1018.21

---
linux-azure (4.13.0-1018.21) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.13.0-42.47 ]

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)
  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting
  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation
  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances
  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()
  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()
  * CVE-2017-17449
- netlink: Add netns check on taps
  * CVE-2017-17975
- media: usbtv: prevent double free in error case
  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP
  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend
  * perf vendor events arm64: Enable JSON

[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1758507] Re: sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1749420] Re: [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1765698] Re: Unable to insert test_bpf module on Xenial

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1769658] Re: hts221 sensor stops working after resume from S3/S4

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.15.0-1006.9

---
linux-oem (4.15.0-1006.9) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.15.0-1005.8) bionic; urgency=medium

  * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398)
- source built with a clean tree

  * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843)
- SAUCE: drm/i915/execlists: Use rmb() to order CSB reads

  * hts221 sensor stops working after resume from S3/S4 (LP: #1769658)
- SAUCE: iio: humidity: hts221: Fix sensor reads after resume

  * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
(LP: #1769610)
- serdev: ttyport: release tty lock sooner on open
- serdev: ttyport: ignore carrier detect to avoid hangups
- serdev: ttyport: do not used keyed wakeup in write_wakeup
- serdev: Make .remove in struct serdev_device_driver optional
- serdev: Introduce devm_serdev_device_open()
- serdev: do not generate modaliases for controllers
- serdev: only match serdev devices
- serdev: add method to set parity
- SAUCE: (no-up) Support HS-UART serdev slaves over tty
- [Config] CONFIG_HSUART_SERIAL_DEVICE=y

  * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682)
- SAUCE: rsi: add rx control block to handle rx packets in USB
- SAUCE: rsi: add bluetooth rx endpoint
- SAUCE: rsi: add header file rsi_91x
- SAUCE: rsi: add coex support
- SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver
- SAUCE: rsi: handle BT traffic in driver
- SAUCE: rsi: add module parameter operating mode
- SAUCE: rsi: sdio changes to support BT
- SAUCE: rsi: improve RX handling in SDIO interface
- SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB
- SAUCE: rsi: improve RX packet handling in USB interface
- SAUCE: rsi: add support for hardware scan offload
- SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h
- SAUCE: rsi: move descriptor preparation to core
- SAUCE: rsi: enable 80MHz clock by default
- SAUCE: rsi: roaming enhancements
- SAUCE: rsi: add module parameter rsi_reg
- SAUCE: rsi: regulatory modifications for 'dlcar' mode
- SAUCE: rsi: device disconnect changes
- SAUCE: rsi: tx improvements
- SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN
- SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit
- SAUCE: rsi: Remove stack VLA usage
- SAUCE: rsi: fix nommu_map_sg overflow kernel panic
- SAUCE: rsi: Fix 'invalid vdd' warning in mmc
- SAUCE: Redpine: Fix wowlan issue with S4
- SAUCE: Redpine: rsi: Add deep sleep enable

[Kernel-packages] [Bug 1769993] Re: linux: 4.13.0-42.47 -proposed tracker

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.13.0-43.48

---
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
- arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
- net: hns: Avoid action name truncation

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-17975
- media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
- drm/i915/edp: Allow alternate fixed mode for eDP if available.
- drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
- drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
- drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
from sleep (88E8055) (LP: #1758507)
- sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for

[Kernel-packages] [Bug 1762453] Re: Xenial update to 4.4.119 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 3.13.0-149.199

---
linux (3.13.0-149.199) trusty; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- SAUCE: powerpc/64s: Move the data access exception out-of-line

  * CVE-2018-3639 (x86)
- arch: Introduce post-init read-only memory
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

linux (3.13.0-148.197) trusty; urgency=medium

  * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077)

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18221
- mlock: fix mlock count can not decrease in race condition

  * CVE-2017-12134
- xen: fix bio vec merging

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-13220
- Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()

  * CVE-2017-18204
- ocfs2: should wait dio before inode lock in ocfs2_setattr()

  * CVE-2017-13305
- KEYS: encrypted: fix buffer overread in valid_master_desc()

  * CVE-2017-18079
- Input: i8042 - fix crash at boot time

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader   Mon, 14 May 2018 16:58:50
+0200

** Changed in: linux (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220

[Kernel-packages] [Bug 1772128] Re: [REGRESSION] linux 4.4.0-126.152 disables speculation control when running under a hypervisor

2018-05-21 Thread Tyler Hicks 
This bug was fixed before the affected kernel was released and,
therefore, it never affected a publicly released kernel.

** Changed in: linux (Ubuntu)
   Status: Triaged => Fix Released

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772128

Title:
  [REGRESSION] linux 4.4.0-126.152 disables speculation control when
  running under a hypervisor

Status in linux package in Ubuntu:
  Fix Released

Bug description:
  The Xenial kernel 4.4.0-126.152, which is to be released on 5/21,
  introduced a regression that disables speculation control when running
  under a hypervisor such as QEMU.

  The problem is caused by pulling in the following upstream commit:

a5b296636453 ("x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early
  Spectre v2 microcodes")

  The following upstream commit is needed to fix the bug:

36268223c1e9 ("x86/spectre_v2: Don't check microcode versions when
  running under hypervisors")

  However, the following fixes are also likely needed:

e3b3121fa8da ("x86/speculation: Remove Skylake C2 from Speculation Control 
microcode blacklist")
d37fc6d360a4 ("x86/speculation: Correct Speculation Control microcode 
blacklist again")
1751342095f0 ("x86/speculation: Update Speculation Control microcode 
blacklist")

  With the required accuracy in maintaining such a list and considering
  that we don't have the blacklist in the artful or trusty backports, I
  wonder if it is better to just remove the original offending commit so
  that we don't have a blacklist.

  
  To reproduce, you need to configure libvirt to use CPU passthrough and your 
CPU needs to be one that matches the family and stepping in the blacklist from 
commit a5b296636453. See the attached domain xml for an example libvirt xml 
file.

  The host can be any Ubuntu release running one of the kernels to be
  released on 5/21. The guest needs to be running 4.4.0-126.152. Boot
  the guest and run the following command:

  $ dmesg | grep -i specul
  [0.00] Intel Spectre v2 broken microcode detected; disabling 
Speculation Control
  [0.024568] Spectre V2 : Speculation control IBPB not-supported IBRS 
not-supported
  [0.024570] Speculative Store Bypass: Vulnerable

  The first line is the problem. Broken microcode is detected because
  the guest kernel always sees 0x1 as the microcode revision (you can
  see this by running 'grep ^microcode /proc/cpuinfo' in the guest).

  Here's the desired output, which is seen when booting the guest with
  4.4.0-124.148 (it is missing the Speculative Store Bypass message
  because it doesn't contain SSB mitigation):

  $ dmesg | grep -i specul
  [0.066675] Spectre V2 mitigation: Speculation control IBPB supported IBRS 
supported

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772128/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 3.13.0-149.199

---
linux (3.13.0-149.199) trusty; urgency=medium

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- SAUCE: powerpc/64s: Move the data access exception out-of-line

  * CVE-2018-3639 (x86)
- arch: Introduce post-init read-only memory
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

linux (3.13.0-148.197) trusty; urgency=medium

  * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077)

  * CVE-2017-18208
- mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
- staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18221
- mlock: fix mlock count can not decrease in race condition

  * CVE-2017-12134
- xen: fix bio vec merging

  * CVE-2017-18203
- dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
- netlink: Add netns check on taps

  * CVE-2017-13220
- Bluetooth: hidp_connection_add() unsafe use of l2cap_pi()

  * CVE-2017-18204
- ocfs2: should wait dio before inode lock in ocfs2_setattr()

  * CVE-2017-13305
- KEYS: encrypted: fix buffer overread in valid_master_desc()

  * CVE-2017-18079
- Input: i8042 - fix crash at boot time

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
- virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader   Mon, 14 May 2018 16:58:50
+0200

** Changed in: linux (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16995

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17862

[Kernel-packages] [Bug 1772146] Re: Xenial 4.4.0-126.152 does not properly virtualize cpuid, resulting in disabled SSBD

2018-05-21 Thread Tyler Hicks 
This bug was fixed before the affected kernel was released and,
therefore, it never affected a publicly released kernel.

** Changed in: linux (Ubuntu)
   Status: Confirmed => Fix Released

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1772146

Title:
  Xenial 4.4.0-126.152 does not properly virtualize cpuid, resulting in
  disabled SSBD

Status in linux package in Ubuntu:
  Fix Released

Bug description:
  The Xenial (4.4.0-126.152) kernel, which is to be released on 5/21,
  does not properly handle the cpuid opcode for KVM guests. This causes
  the guest kernel to incorrectly assume that the Speculative Storage
  Bypass Disable (SSBD) feature (needed for CVE-2018-3639) is not
  supported and, therefore, causes it to be unusable in a KVM guest.

  From the host environment (running 4.4.0-126.152):

   $ cpuid -1r | grep '^   0x0007'
  0x0007 0x00: eax=0x ebx=0x37ab ecx=0x 
edx=0x9c00

  When the most significant bit (bit 31) of edx is set, that indicates
  that SSBD is available.

  Running the same command in the guest shows that the bit is not set:

   $ cpuid -1r | grep '^   0x0007'
  0x0007 0x00: eax=0x ebx=0x07ab ecx=0x 
edx=0x

  Therefore, we see this message in the guest's dmesg output:

   $ dmesg | grep Speculative
   [0.008000] Speculative Store Bypass: Vulnerable

  We also see this in the guest:

   $ cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass
   Vulnerable

  I don't yet see what's causing this bug when the Xenial 4.4 kernel is
  used in the host. It does not occur when the Trusty 3.13, Artful 4.13,
  Bionic 4.15 kernels are used in the host.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772146/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1738259] Re: need to ensure microcode updates are available to all bare-metal installs of Ubuntu

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-meta-oem - 4.13.0.1028.33

---
linux-meta-oem (4.13.0.1028.33) xenial; urgency=medium

  * Bump ABI 4.13.0-1028

linux-meta-oem (4.13.0.1027.32) xenial; urgency=medium

  * need to ensure microcode updates are available to all bare-metal installs of
Ubuntu (LP: #1738259)
- Make kernel image packages depend on cpu microcode updates

linux-meta-oem (4.13.0.1027.31) xenial; urgency=medium

  * Bump ABI 4.13.0-1027

 -- Stefan Bader   Fri, 18 May 2018 10:17:58
+0200

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1738259

Title:
  need to ensure microcode updates are available to all bare-metal
  installs of Ubuntu

Status in linux-meta package in Ubuntu:
  Triaged
Status in linux-meta-hwe package in Ubuntu:
  New
Status in linux-meta-hwe-edge package in Ubuntu:
  New
Status in linux-meta-lts-xenial package in Ubuntu:
  Fix Released
Status in linux-meta-oem package in Ubuntu:
  Fix Released
Status in linux-meta source package in Precise:
  New
Status in linux-meta source package in Trusty:
  Fix Released
Status in linux-meta source package in Xenial:
  Fix Released
Status in linux-meta-hwe source package in Xenial:
  Fix Released
Status in linux-meta-hwe-edge source package in Xenial:
  Fix Released
Status in linux-meta-lts-xenial source package in Xenial:
  Fix Committed
Status in linux-meta-oem source package in Xenial:
  Fix Released
Status in linux-meta source package in Zesty:
  Invalid
Status in linux-meta source package in Artful:
  Fix Released
Status in linux-meta source package in Bionic:
  Triaged

Bug description:
  From time to time, CPU vendors release updates to microcode that can
  be loaded into the CPU from the OS.  For x86, we have these updates
  available in the archive as amd64-microcode and intel-microcode.

  Sometimes, these microcode updates have addressed security issues with
  the CPU.  They almost certainly will again in the future.

  We should ensure that all users of Ubuntu on baremetal x86 receive
  these security updates, and have them applied to the CPU in early boot
  where at all feasible.

  Because these are hardware-dependent packages which we don't want to
  install except on baremetal (so: not in VMs or containers), the
  logical place to pull them into the system is via the kernel, so that
  only the kernel baremetal flavors pull them in.  This is analogous to
  linux-firmware, which is already a dependency of the linux-
  image-{lowlatency,generic} metapackages, and whose contents are
  applied to the hardware by the kernel similar to microcode.

  So, please update the linux-image-{lowlatency,generic} metapackages to
  add a dependency on amd64-microcode [amd64], intel-microcode [amd64],
  and the corresponding hwe metapackages also.

  Please time this change to coincide with the next updates of the
  microcode packages in the archive.

  I believe we will also need to promote the *-microcode packages to
  main from restricted as part of this (again, by analogy with linux-
  firmware).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1738259/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1738259] Re: need to ensure microcode updates are available to all bare-metal installs of Ubuntu

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-meta-oem - 4.15.0.1006.8

---
linux-meta-oem (4.15.0.1006.8) bionic; urgency=medium

  * Bump ABI 4.15.0-1006

linux-meta-oem (4.15.0.1005.7) bionic; urgency=medium

  * need to ensure microcode updates are available to all bare-metal installs of
Ubuntu (LP: #1738259)
- Make kernel image packages depend on cpu microcode updates

linux-meta-oem (4.15.0.1005.6) bionic; urgency=medium

  * Bump ABI 4.15.0-1005

 -- Stefan Bader   Fri, 18 May 2018 09:13:24
+0200

** Changed in: linux-meta-oem (Ubuntu)
   Status: Invalid => Fix Released

** Changed in: linux-meta-oem (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1738259

Title:
  need to ensure microcode updates are available to all bare-metal
  installs of Ubuntu

Status in linux-meta package in Ubuntu:
  Triaged
Status in linux-meta-hwe package in Ubuntu:
  New
Status in linux-meta-hwe-edge package in Ubuntu:
  New
Status in linux-meta-lts-xenial package in Ubuntu:
  Fix Released
Status in linux-meta-oem package in Ubuntu:
  Fix Released
Status in linux-meta source package in Precise:
  New
Status in linux-meta source package in Trusty:
  Fix Released
Status in linux-meta source package in Xenial:
  Fix Released
Status in linux-meta-hwe source package in Xenial:
  Fix Released
Status in linux-meta-hwe-edge source package in Xenial:
  Fix Released
Status in linux-meta-lts-xenial source package in Xenial:
  Fix Committed
Status in linux-meta-oem source package in Xenial:
  Fix Released
Status in linux-meta source package in Zesty:
  Invalid
Status in linux-meta source package in Artful:
  Fix Released
Status in linux-meta source package in Bionic:
  Triaged

Bug description:
  From time to time, CPU vendors release updates to microcode that can
  be loaded into the CPU from the OS.  For x86, we have these updates
  available in the archive as amd64-microcode and intel-microcode.

  Sometimes, these microcode updates have addressed security issues with
  the CPU.  They almost certainly will again in the future.

  We should ensure that all users of Ubuntu on baremetal x86 receive
  these security updates, and have them applied to the CPU in early boot
  where at all feasible.

  Because these are hardware-dependent packages which we don't want to
  install except on baremetal (so: not in VMs or containers), the
  logical place to pull them into the system is via the kernel, so that
  only the kernel baremetal flavors pull them in.  This is analogous to
  linux-firmware, which is already a dependency of the linux-
  image-{lowlatency,generic} metapackages, and whose contents are
  applied to the hardware by the kernel similar to microcode.

  So, please update the linux-image-{lowlatency,generic} metapackages to
  add a dependency on amd64-microcode [amd64], intel-microcode [amd64],
  and the corresponding hwe metapackages also.

  Please time this change to coincide with the next updates of the
  microcode packages in the archive.

  I believe we will also need to promote the *-microcode packages to
  main from restricted as part of this (again, by analogy with linux-
  firmware).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1738259/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-azure - 4.15.0-1012.12

---
linux-azure (4.15.0-1012.12) bionic; urgency=medium

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Add versioned dependency for linux-base

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

linux-azure (4.15.0-1011.11) bionic; urgency=medium

  * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294)

  * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564)
- fsnotify: Fix fsnotify_mark_connector race

 -- Stefan Bader   Wed, 16 May 2018 18:31:36
+0200

** Changed in: linux-azure (Ubuntu Bionic)
   Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

** Changed in: linux-azure (Ubuntu Bionic)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure in Ubuntu.
https://bugs.launchpad.net/bugs/1765564

Title:
  fsnotify: Fix fsnotify_mark_connector race

Status in Linux:
  New
Status in linux-azure package in Ubuntu:
  In Progress
Status in linux-azure source package in Xenial:
  Fix Released
Status in linux-azure source package in Bionic:
  Fix Released

Bug description:
  On Azure we have had sporadic cases of soft lockups in fsnotify that
  may very well be mitigated by the following fix. The LKML thread is
  "kernel panics with 4.14.X".

  This should be applied to 4.13 and 4.15 versions of the linux-azure
  kernel, and possibly the 4.15 generic kernel in bionic as well.

  -

  fsnotify() acquires a reference to a fsnotify_mark_connector through
  the SRCU-protected pointer to_tell->i_fsnotify_marks. However, it
  appears that no precautions are taken in fsnotify_put_mark() to
  ensure that fsnotify() drops its reference to this
  fsnotify_mark_connector before assigning a value to its 'destroy_next'
  field. This can result in fsnotify_put_mark() assigning a value
  to a connector's 'destroy_next' field right before fsnotify() tries to
  traverse the linked list referenced by the connector's 'list' field.
  Since these two fields are members of the same union, this behavior
  results in a kernel

[Kernel-packages] [Bug 1765010] Re: Xenial update to 4.4.128 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1763630] Re: Unable to start docker application with B-KVM kernel

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-kvm - 4.15.0-1010.10

---
linux-kvm (4.15.0-1010.10) bionic; urgency=medium

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-kvm (4.15.0-1009.9) bionic; urgency=medium

  * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * Unable to start docker application with B-KVM kernel (LP: #1763630)
- kvm: [config] enable NF_NAT, NF_CONNTRACK
- kvm: [config] enable IP_NF_TABLES

  * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
(LP: #1764975)
- kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM}

  * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985)
- kvm: [config] enable CONFIG_VMAP_STACK

  * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
kvm kernel (LP: #1766832)
- kvm: [config] enable CONFIG_MODULE_UNLOAD

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Thu, 17 May 2018 10:30:53
+0200

** Changed in: linux-kvm (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

** Changed in: linux-kvm (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1763630

Title:
  Unable to start docker application with B-KVM kernel

Status in linux-kvm package in Ubuntu:
  Fix Committed
Status in linux-kvm source package in Bionic:
  Fix Released

Bug description:
  Similar to bug 1760660, docker.io package installation on B-KVM will
  fail with:

  Setting up docker.io (17.03.2-0ubuntu5) ...
  Job for docker.service failed because the control process exited with error 
code.
  See "systemctl status docker.service" and "journalctl -xe" for details.
  invoke-rc.d: initscript docker, action "start" failed.
  ● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor 
preset: enabled)
     Active: failed (Result: exit-code) since Fri 2018-04-13

[Kernel-packages] [Bug 1764810] Re: Xenial: rfkill: fix missing return on rfkill_init

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764367] Re: Xenial update to 4.4.121 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764762] Re: Xenial update to 4.4.124 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764973] Re: Xenial update to 4.4.125 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764627] Re: Xenial update to 4.4.122 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1763630] Re: Unable to start docker application with B-KVM kernel

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-kvm - 4.15.0-1010.10

---
linux-kvm (4.15.0-1010.10) bionic; urgency=medium

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-kvm (4.15.0-1009.9) bionic; urgency=medium

  * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * Unable to start docker application with B-KVM kernel (LP: #1763630)
- kvm: [config] enable NF_NAT, NF_CONNTRACK
- kvm: [config] enable IP_NF_TABLES

  * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
(LP: #1764975)
- kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM}

  * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985)
- kvm: [config] enable CONFIG_VMAP_STACK

  * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
kvm kernel (LP: #1766832)
- kvm: [config] enable CONFIG_MODULE_UNLOAD

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Thu, 17 May 2018 10:30:53
+0200

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1763630

Title:
  Unable to start docker application with B-KVM kernel

Status in linux-kvm package in Ubuntu:
  Fix Committed
Status in linux-kvm source package in Bionic:
  Fix Released

Bug description:
  Similar to bug 1760660, docker.io package installation on B-KVM will
  fail with:

  Setting up docker.io (17.03.2-0ubuntu5) ...
  Job for docker.service failed because the control process exited with error 
code.
  See "systemctl status docker.service" and "journalctl -xe" for details.
  invoke-rc.d: initscript docker, action "start" failed.
  ● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor 
preset: enabled)
     Active: failed (Result: exit-code) since Fri 2018-04-13 08:42:36 UTC; 10ms 
ago
   Docs: https://docs.docker.com
    Process: 1265 ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_OPTS 
(code=exited, status=1/FAILURE)
   Main PID: 1265 (code=exited, status=1/FAILURE)

  Apr 13 08:42:36 gummo dockerd[1265]:

[Kernel-packages] [Bug 1764666] Re: Xenial update to 4.4.123 stable release

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.4.0-127.153

---
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Set or clear security feature flags
- powerpc/64s: Move cpu_show_meltdown()
- powerpc/64s: Enhance the information in cpu_show_meltdown()
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/64s: Wire up cpu_show_spectre_v1()
- powerpc/64s: Wire up cpu_show_spectre_v2()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
  entry/exit

  * CVE-2018-3639 (x86)
- SAUCE: Clean up IBPB and IBRS control functions and macros
- SAUCE: Fix up IBPB and IBRS kernel parameters documentation
- SAUCE: Remove #define X86_FEATURE_PTI
- x86/cpufeature: Move some of the scattered feature bits to x86_capability
- x86/cpufeature: Cleanup get_cpu_cap()
- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
- x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
- x86/cpufeatures: Add Intel feature bits for Speculation Control
- SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
- x86/cpufeatures: Add AMD feature bits for Speculation Control
- x86/msr: Add definitions for new speculation control MSRs
- SAUCE: x86/msr: Rename MSR spec control feature bits
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 
microcodes
- x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) 
support
- x86/speculation: Add  dependency
- x86/cpufeatures: Clean up Spectre v2 related CPUID flags
- x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
- SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
- SAUCE: x86: Add alternative_msr_write
- SAUCE: x86/nospec: Simplify alternative_msr_write()
- SAUCE: x86/bugs: Concentrate bug detection into a separate function
- SAUCE: x86/bugs: Concentrate bug reporting into a separate function
- arch: Introduce post-init read-only memory
- SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS
- SAUCE: x86/bugs: Expose /sys/../spec_store_bypass
- SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS
- SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS
- SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if
  requested
- SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell
- SAUCE: prctl: Add speculation control prctls
- x86/process: Optimize TIF checks in __switch_to_xtra()
- SAUCE: x86/process: Allow runtime control of Speculative Store Bypass
- SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation
- SAUCE: nospec: Allow getting/setting on non-current task
- SAUCE: proc: Provide details on speculation flaw mitigations
- SAUCE: seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- SAUCE: x86/bugs: Make boot modes __ro_after_init
- SAUCE: prctl: Add force disable speculation
- SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE
- selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
- SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation
- SAUCE: seccomp: Move speculation migitation control to arch code
- SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative
  Store Bypass
- SAUCE: x86/bugs: Rename _RDS to _SSBD
- SAUCE: proc: Use underscores for SSBD in 'status'
- SAUCE: Documentation/spec_ctrl: Do some minor cleanups
- SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type
- SAUCE: x86/bugs: Make cpu_show_common() static

[Kernel-packages] [Bug 1764975] Re: test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-kvm - 4.15.0-1010.10

---
linux-kvm (4.15.0-1010.10) bionic; urgency=medium

  [ Ubuntu: 4.15.0-22.24 ]

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations
  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-kvm (4.15.0-1009.9) bionic; urgency=medium

  * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * Unable to start docker application with B-KVM kernel (LP: #1763630)
- kvm: [config] enable NF_NAT, NF_CONNTRACK
- kvm: [config] enable IP_NF_TABLES

  * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
(LP: #1764975)
- kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM}

  * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985)
- kvm: [config] enable CONFIG_VMAP_STACK

  * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15
kvm kernel (LP: #1766832)
- kvm: [config] enable CONFIG_MODULE_UNLOAD

  [ Ubuntu: 4.15.0-21.22 ]

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)
  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)
  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools
  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Thu, 17 May 2018 10:30:53
+0200

** Changed in: linux-kvm (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1764975

Title:
  test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel

Status in QA Regression Testing:
  Invalid
Status in linux package in Ubuntu:
  Invalid
Status in linux-kvm package in Ubuntu:
  Fix Committed
Status in linux source package in Bionic:
  Invalid
Status in linux-kvm source package in Bionic:
  Fix Released

Bug description:
  test_078_SLAB_freelist_randomization from ubuntu_qrt_kernel_security_test has 
failed with 4.15.0-1004-kvm
   
FAIL: test_078_SLAB_freelist_randomization (__main__.KernelSecurityTest)
Ensure CONFIG_SLAB_FREELIST_RANDOM is set
--
Traceback (most recent call last):
  File "./test-kernel-security.py", line 936, in 
test_078_SLAB_freelist_randomization

[Kernel-packages] [Bug 1764684] Re: Fix an issue that some PCI devices get incorrectly suspended

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1766398] Re: set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1766477] Re: Change the location for one of two front mics on a lenovo thinkcentre machine

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-oem - 4.13.0-1028.31

---
linux-oem (4.13.0-1028.31) xenial; urgency=medium

  [ Ubuntu: 4.13.0-43.48 ]

  * CVE-2018-3639 (powerpc)
- SAUCE: rfi-flush: update H_CPU_* macro names to upstream
- SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
  upstream
- SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/64s: Allow control of RFI flush via debugfs
- powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
- powerpc/rfi-flush: Always enable fallback flush on pseries
- powerpc/rfi-flush: Differentiate enabled and patched flush types
- powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
- powerpc: Add security feature flags for Spectre/Meltdown
- powerpc/powernv: Set or clear security feature flags
- powerpc/pseries: Set or clear security feature flags
- powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
- powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
- powerpc/pseries: Fix clearing of security feature flags
- powerpc: Move default security feature flags
- powerpc/pseries: Restore default security feature flags on setup
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
  * CVE-2018-3639 (x86)
- SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
- SAUCE: x86: Add alternative_msr_write
- x86/nospec: Simplify alternative_msr_write()
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/msr: Add definitions for new speculation control MSRs
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- SAUCE: x86/bugs: Honour SPEC_CTRL default
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static
  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux-oem (4.13.0-1027.30) xenial; urgency=medium

  * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996)

  * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398)
- ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags

  * Change the location for one of two front mics on a lenovo thinkcentre
machine (LP: #1766477)
- ALSA: hda/realtek - adjust the location of one mic

  * Update btusb reset-resume quirk to decrease power usage (LP: #1766197)
- SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA 
Rome
  Bluetooth"
- Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
- Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
- Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table

  * Update Aquantia driver to fix various issues (LP: #1759303)
- SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down"
- SAUCE: Revert "net: aquantia: Add queue restarts stats counter"
- SAUCE: Revert "net: aquantia: Fixed transient link up/down/up 
notification"
- SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of
  cpus"
- SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver

[Kernel-packages] [Bug 1767133] Re: linux-image-4.15.0-20-generic install after upgrade from xenial breaks

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux-hwe-edge - 4.15.0-22.24~16.04.1

---
linux-hwe-edge (4.15.0-22.24~16.04.1) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations

  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.15.0-21.22) bionic; urgency=medium

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)

  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Tue, 15 May 2018 07:41:28
+0200

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1767133

Title:
  linux-image-4.15.0-20-generic install after upgrade from xenial breaks

Status in linux package in Ubuntu:
  Fix Committed
Status in linux-hwe-edge package in Ubuntu:
  Invalid
Status in linux source package in Xenial:
  Invalid
Status in linux-hwe-edge source package in Xenial:
  Fix Released
Status in linux source package in Bionic:
  Fix Released
Status in linux-hwe-edge source package in Bionic:
  Invalid

Bug description:
  [Impact]
  Some upgrades from xenial to bionic break.

  [Test Case]
  Change sources.list from xenial to bionic, then apt install 
linux-image-4.15.0-20-generic.

  [Regression Potential]
  The kernel may be uninstallable if there is no linux-base with the 
appropriate version in the archive.

  

  When installing the linux-image-4.15.0-20-generic kernel from bionic
  on xenial breaks because of the unversioned Depends on linux-base.

  /var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: 50: 
/var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: 
linux-update-symlinks: not found
  dpkg: error processing package linux-image-4.15.0-20-generic (--configure):
   subprocess installed post-installation script returned error exit status 127
  Errors were encountered while processing:
   linux-image-4.15.0-20-generic
  E: Sub-process /usr/bin/dpkg returned an error code (1)

  If the trigger is called, when some meta packages are installed, it
  won't happen. If all packages are upgraded, it's possible linux-base
  is going to be upgraded first, so the problem won't happen either.

  So, not all upgrades will be affected.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1767133/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe :

[Kernel-packages] [Bug 1766727] Re: initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04

2018-05-21 Thread Launchpad Bug Tracker 
This bug was fixed in the package linux - 4.15.0-22.24

---
linux (4.15.0-22.24) bionic; urgency=medium

  * CVE-2018-3639 (powerpc)
- powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit
- stf-barrier: set eieio instruction bit 6 for future optimisations

  * CVE-2018-3639 (x86)
- x86/nospec: Simplify alternative_msr_write()
- x86/bugs: Concentrate bug detection into a separate function
- x86/bugs: Concentrate bug reporting into a separate function
- x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
- x86/bugs, KVM: Support the combination of guest and host IBRS
- x86/bugs: Expose /sys/../spec_store_bypass
- x86/cpufeatures: Add X86_FEATURE_RDS
- x86/bugs: Provide boot parameters for the spec_store_bypass_disable
  mitigation
- x86/bugs/intel: Set proper CPU features and setup RDS
- x86/bugs: Whitelist allowed SPEC_CTRL MSR values
- x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
- x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
- x86/speculation: Create spec-ctrl.h to avoid include hell
- prctl: Add speculation control prctls
- x86/process: Allow runtime control of Speculative Store Bypass
- x86/speculation: Add prctl for Speculative Store Bypass mitigation
- nospec: Allow getting/setting on non-current task
- proc: Provide details on speculation flaw mitigations
- seccomp: Enable speculation flaw mitigations
- x86/bugs: Make boot modes __ro_after_init
- prctl: Add force disable speculation
- seccomp: Use PR_SPEC_FORCE_DISABLE
- seccomp: Add filter flag to opt-out of SSB mitigation
- seccomp: Move speculation migitation control to arch code
- x86/speculation: Make "seccomp" the default mode for Speculative Store
  Bypass
- x86/bugs: Rename _RDS to _SSBD
- proc: Use underscores for SSBD in 'status'
- Documentation/spec_ctrl: Do some minor cleanups
- x86/bugs: Fix __ssb_select_mitigation() return type
- x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
upstream prctls (LP: #1769263) // CVE-2018-3639
- SAUCE: LSM stacking: adjust prctl values

linux (4.15.0-21.22) bionic; urgency=medium

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)

  * initramfs-tools exception during pm.DoInstall with  do-release-upgrade from
16.04 to 18.04  (LP: #1766727)
- Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
(LP: #1767133)
- Packaging: Depends on linux-base that provides the necessary tools

  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
(LP: #1766629)
- linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader   Tue, 15 May 2018 07:41:28
+0200

** Changed in: linux (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639

** Changed in: linux-hwe-edge (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1766727

Title:
  initramfs-tools exception during pm.DoInstall with  do-release-upgrade
  from 16.04 to 18.04

Status in Ubuntu on IBM z Systems:
  Fix Released
Status in initramfs-tools package in Ubuntu:
  Invalid
Status in linux package in Ubuntu:
  Fix Committed
Status in linux-hwe-edge package in Ubuntu:
  Fix Committed
Status in s390-tools package in Ubuntu:
  Fix Released
Status in ubuntu-release-upgrader package in Ubuntu:
  Invalid
Status in initramfs-tools source package in Xenial:
  Invalid
Status in linux source package in Xenial:
  New
Status in linux-hwe-edge source package in Xenial:
  Fix Released
Status in s390-tools source package in Xenial:
  Fix Released
Status in ubuntu-release-upgrader source package in Xenial:
  Invalid
Status in initramfs-tools source package in Bionic:
  Invalid
Status in linux source package in Bionic:
  Fix Released
Status in linux-hwe-edge source package in Bionic:
  Invalid
Status in s390-tools source package in Bionic:
  Fix Released
Status in ubuntu-release-upgrader source package in Bionic:
  Invalid

Bug description:
  [Impact]
  Upgrades of linux-image-generic-hwe-16.04-edge will fail to configure because 
the post-update script for zipl will fail.

  [Test Case]
  Upgrade linux-image-generic-hwe-16.04-edge from xenial to xenial-proposed on 
s390x.

  [Regression]
  zipl update on s390x might fail, causing the system to be unbootable.

  
  

  Upgrading from 16.04 to 18.04 using 'do-release-upgrade -d' results
  in:

  Errors were encountered while processing:
   initramfs-tools
  Exception during pm.DoInstall():  E:Sub-process /usr/bin/dpkg

  1   2   3   >