[Kernel-packages] [Bug 1772575] [NEW] Kernel 4.4 NBD size overflow with image size exceeding 1TB
Public bug reported: Release 16.04, kernel 4.4.0-124-generic There's an issue in kernel's NBD module which prevents some larger images to be correctly "connected" , largely described here: https://github.com/NetworkBlockDevice/nbd/issues/44 There is a small patch here that was accepted into mainline 4.10: https://www.spinics.net/lists/linux-block/msg07060.html This is a regression from the previous LTS 3.13 kernel. Here is a small example of the faulty behaviour: # qemu-img create -f qcow2 test.img 1100G Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 lazy_refcounts=off refcount_bits=16 # qemu-nbd -c /dev/nbd0 test.img # blockdev --getsize64 /dev/nbd0 18446743055802302464 The correct response would be 1181116006400; this breaks most tools and makes the image unusable, e.g. # fdisk -l /dev/nbd0 fdisk: cannot open /dev/nbd0: Invalid argument ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB Status in linux package in Ubuntu: New Bug description: Release 16.04, kernel 4.4.0-124-generic There's an issue in kernel's NBD module which prevents some larger images to be correctly "connected" , largely described here: https://github.com/NetworkBlockDevice/nbd/issues/44 There is a small patch here that was accepted into mainline 4.10: https://www.spinics.net/lists/linux-block/msg07060.html This is a regression from the previous LTS 3.13 kernel. Here is a small example of the faulty behaviour: # qemu-img create -f qcow2 test.img 1100G Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 lazy_refcounts=off refcount_bits=16 # qemu-nbd -c /dev/nbd0 test.img # blockdev --getsize64 /dev/nbd0 18446743055802302464 The correct response would be 1181116006400; this breaks most tools and makes the image unusable, e.g. # fdisk -l /dev/nbd0 fdisk: cannot open /dev/nbd0: Invalid argument To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1728244] Re: Touchpad stops working after reboot on Apollo Lake
I finally managed to have a working 4.16.10 kernel (touchpad, gesture, buttons, sdcard, sound, etc...). I reverted this patch 0759e80b84e34a84e7e46e2b1adb528c83d84a47 (applied cleanly) and applied manually 0cc2b4e5a020fc7f4d1795741c116c983e9467d7. I'll attach a full diff later. So that's the proof that's the "PM / QoS: Fix device resume latency PM QoS" patch doesn't work on Thomson X6 (https://www.mythomson.com/fr_fr/ordinateurs-155-fr-fr/ultrabook-158-fr- fr/ultrabook-13-3-32-go-2452). @Hans, I'll contact you by email. Regards, Olivier -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1728244 Title: Touchpad stops working after reboot on Apollo Lake Status in Linux: Unknown Status in linux package in Ubuntu: Triaged Bug description: On the Jumper EZBook 3 Pro (V4) laptop, using an Apollo Lake N3450 processor, if you install Ubuntu 17.10 (or less) with isorespin and use rEFInd as bootloader (this is the only way to get linux booting on this laptop) everything works out of the box, but after a reboot or two the touchpad stops working. Both in Ubuntu and Windows 10. The only way to restore functionality is to boot from usb key ubuntu 17.10 respined, or disassemble laptop and detach-reattach battery cable. This is mesg | grep i2c_hid: [ 2056.460636] i2c_hid i2c-SYNA3602:00: i2c_hid_get_input: incomplete report (27/34) [ 3077.604699] i2c_hid i2c-SYNA3602:00: failed to reset device. [ 3077.605473] dpm_run_callback(): i2c_hid_resume+0x0/0xe0 [i2c_hid] returns -61 [ 3080.468156] i2c_hid i2c-SYNA3602:00: i2c_hid_get_input: incomplete report (27/34) uname -rvps Linux 4.10.0-32-generic #36~16.04.1-Ubuntu SMP Wed Aug 9 09:19:02 UTC 2017 x86_64 There has to be a bug in the kernel. Any way to avoid this? To manage notifications about this bug go to: https://bugs.launchpad.net/linux/+bug/1728244/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772573] Re: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned
** Tags removed: need-duplicate-check -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-signed in Ubuntu. https://bugs.launchpad.net/bugs/1772573 Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre- removal script subprocess returned error exit status 1 Status in linux-signed package in Ubuntu: New Bug description: Upgrade to newer kernel failed via command line, I used Synaptic and there were 2 broken packages according to it. I removed/unmarked all but the current kernel "linux-image" files and that seems to have resolved the broken packages. I'm submitting this BEFORE I reboot just in case ProblemType: Package DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-20-generic 4.15.0-20.21 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 wmi ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 Date: Tue May 22 06:18:12 2018 DpkgTerminalLog: Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ... Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running kernel dpkg: error processing package linux-image-4.15.0-20-generic (--remove): installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 DuplicateSignature: package:linux-image-4.15.0-20-generic:4.15.0-20.21 Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running kernel dpkg: error processing package linux-image-4.15.0-20-generic (--remove): installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 ErrorMessage: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 InstallationDate: Installed on 2015-03-07 (1171 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3 PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2 apt 1.6.1 SourcePackage: linux-signed Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 UpgradeStatus: Upgraded to bionic on 2018-05-08 (13 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-signed/+bug/1772573/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772573] [NEW] package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess return
Public bug reported: Upgrade to newer kernel failed via command line, I used Synaptic and there were 2 broken packages according to it. I removed/unmarked all but the current kernel "linux-image" files and that seems to have resolved the broken packages. I'm submitting this BEFORE I reboot just in case ProblemType: Package DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-20-generic 4.15.0-20.21 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 wmi ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 Date: Tue May 22 06:18:12 2018 DpkgTerminalLog: Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ... Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running kernel dpkg: error processing package linux-image-4.15.0-20-generic (--remove): installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 DuplicateSignature: package:linux-image-4.15.0-20-generic:4.15.0-20.21 Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running kernel dpkg: error processing package linux-image-4.15.0-20-generic (--remove): installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 ErrorMessage: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 InstallationDate: Installed on 2015-03-07 (1171 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3 PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2 apt 1.6.1 SourcePackage: linux-signed Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 UpgradeStatus: Upgraded to bionic on 2018-05-08 (13 days ago) ** Affects: linux-signed (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-signed in Ubuntu. https://bugs.launchpad.net/bugs/1772573 Title: package linux-image-4.15.0-20-generic 4.15.0-20.21 failed to install/upgrade: installed linux-image-4.15.0-20-generic package pre- removal script subprocess returned error exit status 1 Status in linux-signed package in Ubuntu: New Bug description: Upgrade to newer kernel failed via command line, I used Synaptic and there were 2 broken packages according to it. I removed/unmarked all but the current kernel "linux-image" files and that seems to have resolved the broken packages. I'm submitting this BEFORE I reboot just in case ProblemType: Package DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-20-generic 4.15.0-20.21 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs rfcomm pci_stub bnep uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_core videodev media rtsx_usb_ms memstick btusb btrtl btbcm btintel bluetooth rtl8723be btcoexist rtl8723_common rtl_pci rtlwifi mac80211 intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp cfg80211 snd_hda_codec_hdmi snd_hda_codec_conexant snd_hda_codec_generic snd_hda_intel snd_hda_codec intel_cstate intel_rapl_perf snd_hda_core mei_me mei lpc_ich ideapad_laptop sparse_keymap shpchp mac_hid rtsx_usb_sdmmc rtsx_usb nouveau i915 mxm_wmi r8169 wmi ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 Date: Tue May 22 06:18:12 2018 DpkgTerminalLog: Removing linux-modules-extra-4.15.0-20-generic (4.15.0-20.21) ... Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running kernel dpkg: error processing package linux-image-4.15.0-20-generic (--remove): installed linux-image-4.15.0-20-generic package pre-removal script subprocess returned error exit status 1 DuplicateSignature: package:linux-image-4.15.0-20-generic:4.15.0-20.21 Removing linux-image-4.15.0-20-generic (4.15.0-20.21) ... E: Aborting removal of the running
[Kernel-packages] [Bug 1636382] Re: [Ubuntu 16.10] Host BT couldn't send file to device on platform with Intel BT card like 8260/3168/8265
[Expired for bluez (Ubuntu) because there has been no activity for 60 days.] ** Changed in: bluez (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/1636382 Title: [Ubuntu 16.10] Host BT couldn't send file to device on platform with Intel BT card like 8260/3168/8265 Status in bluez package in Ubuntu: Expired Bug description: Platform information: BT Card: intel 3168/8265/8260 OS: Ubuntu 16.10 release Kernel: 4.8.0-27-generic Details: 1. Open Bluetooth Setting UI: set Bluetooth and Visble ON 2. Open Bluetooth on Phone and Pair with Host 3. On Bluetooth Setting UI, send a file from the host to the paired Phone and there is no response on the two devices. 4. Ubuntu 16.04 doesn't have such issue To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1636382/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771844] Comment bridged from LTC Bugzilla
--- Comment From kamale...@in.ibm.com 2018-05-22 00:13 EDT--- (In reply to comment #5) > I built a test kernel with commit df78d3f6148092d33a9a24c7a9cfac3d0220b484. > The test kernel can be downloaded from: > http://kernel.ubuntu.com/~jsalisbury/lp1771844 > > Can you test this kernel and see if it resolves this bug? > > Note about installing test kernels: > ? If the test kernel is prior to 4.15(Bionic) you need to install the > linux-image and linux-image-extra .deb packages. > ? If the test kernel is 4.15(Bionic) or newer, you need to install the > linux-image-unsigned, linux-modules and linux-modules-extra .deb packages. > > Thanks in advance! Thanks for building the kernel with the patch. Can you share the kernel sources, so that can I build the livepatch modules based on the sources. Standard .config, does not build the samples/livepatch to do the basic testing. cat /boot/config-4.15.0-20-generic |grep -i livepatch CONFIG_HAVE_LIVEPATCH=y CONFIG_LIVEPATCH=y I would also try to build livepatch modules other than the sample modules in the kernel sources to verify save_stack_trace functionality. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1771844 Title: powerpc/livepatch: Implement reliable stack tracing for the consistency model Status in The Ubuntu-power-systems project: Triaged Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Status in linux source package in Cosmic: In Progress Bug description: == Comment: #0 - Kamalesh Babulal - 2018-05-15 09:37:52 == Livepatch has a consistency model which is a hybrid of kGraft and kpatch: it uses kGraft's per-task consistency and syscall barrier switching combined with kpatch's stack trace switching. The current approach is stack checking of sleeping tasks. If no affected functions are on the stack of a given task, the task is patched. In most cases this will patch most or all of the tasks on the first try. Otherwise, it'll keep trying periodically. This patch implements the reliable stack tracing for consistency model a.k.a HAVE_RELIABLE_STACKTRACE. This will help in switching livepatching implementation to basic per- task consistency model. It is the foundation, which will help us enable security patches changing function or data semantics. This is the biggest remaining piece needed on ppc64le to make livepatch more generally useful. https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=df78d3f6148092d33a9a24c7a9cfac To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1771844/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1751213] Re: kernel security test report that the lttng_probe_writeback module is tainted on Bionic s390x
Hi Colin, did you successfully have this issue reproduced on your side? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1751213 Title: kernel security test report that the lttng_probe_writeback module is tainted on Bionic s390x Status in lttng-modules: New Status in linux package in Ubuntu: In Progress Bug description: This issue was only spotted on Bionic s390x instances. FAIL: test_140_kernel_modules_not_tainted (__main__.KernelSecurityTest) kernel modules are not marked with a taint flag (especially 'E' for TAINT_UNSIGNED_MODULE) -- Traceback (most recent call last): File "./test-kernel-security.py", line 1727, in test_140_kernel_modules_not_tainted self.fail('Module \'%s\' is tainted: %s' % (fields[0], last_field)) AssertionError: Module 'lttng_probe_writeback' is tainted: (OE) ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-10-generic 4.15.0-10.11 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic s390x NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 2: ls: cannot access '/dev/snd/': No such file or directory AplayDevices: Error: [Errno 2] No such file or directory: 'aplay': 'aplay' ApportVersion: 2.20.8-0ubuntu10 Architecture: s390x ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord': 'arecord' CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. CurrentDmesg: Date: Fri Feb 23 07:43:00 2018 HibernationDevice: RESUME=UUID=caaee9b2-6bc1-4c8e-b26c-69038c092091 IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig': 'iwconfig' Lspci: Lsusb: Error: command ['lsusb'] failed with exit code 1: PciMultimedia: ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=C SHELL=/bin/bash ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb' ProcKernelCmdLine: root=UUID=c7d7bbcb-a039-4ead-abfe-7672dea0add4 crashkernel=196M RelatedPackageVersions: linux-restricted-modules-4.15.0-10-generic N/A linux-backports-modules-4.15.0-10-generic N/A linux-firmware 1.171 RfKill: Error: [Errno 2] No such file or directory: 'rfkill': 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/lttng-modules/+bug/1751213/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1762385] Re: dell_wmi: Unknown key codes
** Changed in: oem-priority Status: New => Confirmed ** Changed in: oem-priority Importance: Undecided => Critical -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1762385 Title: dell_wmi: Unknown key codes Status in OEM Priority Project: Confirmed Status in linux package in Ubuntu: Confirmed Status in systemd package in Ubuntu: Fix Committed Status in systemd source package in Xenial: New Status in systemd source package in Bionic: New Status in systemd source package in Cosmic: Fix Committed Bug description: [Impact] * Bogus keycode messages produced by the kernel / user annoyance * rfkill keyboard shortcuts not working as intended on some Dell machines [Test Case] * check that there are no spurious kernel messages about unknown keys in journalctl upon RFKill key presses * check that RFKill key presses work correctly and kill/restore RF capabilities [Regression Potential] * The change is scoped to particular SKUs and thus should only affect them * It is related to matching gsd support, which is in-place on xenial and up [Solution] Cherrypick upstream commit https://github.com/systemd/systemd/commit/cab01e9ecf1c69656785e64f5fc94cd4ed09e57f [Original Bug report] RFKill key produces these messages in kernel log: dell_wmi: Unknown key with type 0x0010 and code 0xe008 pressed This key code is a notification and should be added as KEY_IGNORE here: https://github.com/torvalds/linux/blob/master/drivers/platform/x86 /dell-wmi.c#L263 ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-15-generic 4.15.0-15.16 ProcVersionSignature: Ubuntu 4.15.0-15.16-generic 4.15.15 Uname: Linux 4.15.0-15-generic x86_64 ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: dmig 2737 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 18:09:03 2018 InstallationDate: Installed on 2018-03-27 (12 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180327) MachineType: Dell Inc. Inspiron 5379 ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/@/boot/vmlinuz-4.15.0-15-generic root=UUID=9745e22b-0b19-4a7d-98a0-1a4bc5b19d99 ro rootflags=subvol=@ quiet splash vt.handoff=1 RelatedPackageVersions: linux-restricted-modules-4.15.0-15-generic N/A linux-backports-modules-4.15.0-15-generic N/A linux-firmware 1.173 SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/31/2018 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.6.0 dmi.board.name: 0C6J64 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.6.0:bd01/31/2018:svnDellInc.:pnInspiron5379:pvr:rvnDellInc.:rn0C6J64:rvrA00:cvnDellInc.:ct10:cvr: dmi.product.family: Inspiron dmi.product.name: Inspiron 5379 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1762385/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772508] Re: [18.04] [regression testing] ubuntu_qrt_kernel_security tests failing on s390x
*** This bug is a duplicate of bug 1751213 *** https://bugs.launchpad.net/bugs/1751213 ** This bug has been marked a duplicate of bug 1751213 kernel security test report that the lttng_probe_writeback module is tainted on Bionic s390x -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772508 Title: [18.04] [regression testing] ubuntu_qrt_kernel_security tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: see logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772508/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772515] Re: [18.04] [regression testing] ubuntu_unionmount_overlayfs_suite tests failing on s390x
*** This bug is a duplicate of bug 1751243 *** https://bugs.launchpad.net/bugs/1751243 ** This bug has been marked a duplicate of bug 1751243 ubuntu_unionmount_overlayfs_suite failed with Bionic kernel -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772515 Title: [18.04] [regression testing] ubuntu_unionmount_overlayfs_suite tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: see logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772515/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772499] Re: [18.04] [regression testing] scrashme tests failing on s390x
*** This bug is a duplicate of bug 1689240 *** https://bugs.launchpad.net/bugs/1689240 ** This bug has been marked a duplicate of bug 1689240 scrashme failed to build on s390x -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772499 Title: [18.04] [regression testing] scrashme tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: need to review the logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772499/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772501] Re: [18.04] [regression testing] ubuntu_bpf tests failing on s390x
*** This bug is a duplicate of bug 1711299 *** https://bugs.launchpad.net/bugs/1711299 ** This bug has been marked a duplicate of bug 1711299 ubuntu_bpf test failed to build on s390x system -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772501 Title: [18.04] [regression testing] ubuntu_bpf tests failing on s390x Status in linux package in Ubuntu: Incomplete Bug description: see logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772501/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1689240] Re: scrashme failed to build on s390x
** Summary changed: - scrashme failed to build on LPAR Ubuntu + scrashme failed to build on s390x ** Tags added: artful boinic xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1689240 Title: scrashme failed to build on s390x Status in linux package in Ubuntu: Confirmed Bug description: This test case failed to build on LPAR Ubuntu (s2lp4) Maybe we should disable it from the test suite. cc -Wall -W -Wshadow -g -O2 -o scrashme.o -c scrashme.c Makefile:13: recipe for target 'scrashme.o' failed stderr: scrashme.c: In function 'mkcall': scrashme.c:150:13: error: 'NR_SYSCALLS' undeclared (first use in this function) if (call > NR_SYSCALLS) ^~~ scrashme.c:150:13: note: each undeclared identifier is reported only once for each function it appears in scrashme.c: In function 'do_syscall': scrashme.c:258:27: error: 'NR_SYSCALLS' undeclared (first use in this function) cl = rand() / (RAND_MAX/NR_SYSCALLS); ^~~ scrashme.c: In function 'syscall_list': scrashme.c:293:15: error: 'NR_SYSCALLS' undeclared (first use in this function) for (i=0; i<=NR_SYSCALLS; i++) { ^~~ scrashme.c: In function 'parse_args': scrashme.c:337:18: error: 'NR_SYSCALLS' undeclared (first use in this function) for (i=0; i<=NR_SYSCALLS; i++) { ^~~ scrashme.c:371:13: error: 'KERNEL_ADDR' undeclared (first use in this function) regval = KERNEL_ADDR; ^~~ scrashme.c: In function 'run_mode': scrashme.c:522:15: error: 'NR_SYSCALLS' undeclared (first use in this function) if (rep > NR_SYSCALLS) { ^~~ scrashme.c: In function 'main': scrashme.c:588:13: error: 'syscalls_i386' undeclared (first use in this function) syscalls = syscalls_i386; ^ scrashme.c: In function 'run_setup': scrashme.c:467:2: warning: ignoring return value of 'seteuid', declared with attribute warn_unused_result [-Wunused-result] seteuid(65536); ^~ scrashme.c:468:2: warning: ignoring return value of 'seteuid', declared with attribute warn_unused_result [-Wunused-result] seteuid(65536); ^~ scrashme.c:469:2: warning: ignoring return value of 'setgid', declared with attribute warn_unused_result [-Wunused-result] (void)setgid(65536); ^~~ scrashme.c:470:2: warning: ignoring return value of 'seteuid', declared with attribute warn_unused_result [-Wunused-result] seteuid(65536); ^~ scrashme.c:486:2: warning: ignoring return value of 'chroot', declared with attribute warn_unused_result [-Wunused-result] chroot("tmp"); ^ make: *** [scrashme.o] Error 1 ProblemType: Bug DistroRelease: Ubuntu 16.10 Package: linux-image-4.8.0-52-generic 4.8.0-52.55 ProcVersionSignature: Ubuntu 4.8.0-52.55-generic 4.8.17 Uname: Linux 4.8.0-52-generic s390x NonfreeKernelModules: zfs zunicode zcommon znvpair zavl AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 2: ls: cannot access '/dev/snd/': No such file or directory AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.20.3-0ubuntu8.2 Architecture: s390x ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. Date: Mon May 8 03:25:31 2017 HibernationDevice: RESUME=UUID=46fcf640-03e2-4fd5-b7d6-321d6a11ff8d IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig' Lsusb: Error: command ['lsusb'] failed with exit code 1: PciMultimedia: ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb' ProcKernelCmdLine: root=UUID=4a1de891-d624-42df-be09-50199aec3d11 crashkernel=196M debug BOOT_IMAGE=0 RelatedPackageVersions: linux-restricted-modules-4.8.0-52-generic N/A linux-backports-modules-4.8.0-52-generic N/A linux-firmware1.161.1 RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1689240/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772504] Re: [18.04] [regression testing] ubuntu_bpf_jit test failing on s390x
*** This bug is a duplicate of bug 1753941 *** https://bugs.launchpad.net/bugs/1753941 ** This bug has been marked a duplicate of bug 1753941 ubuntu_bpf_jit test failed on Bionic s390x systems -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772504 Title: [18.04] [regression testing] ubuntu_bpf_jit test failing on s390x Status in linux package in Ubuntu: Triaged Bug description: see logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1768435] Re: aio-dio-extend-stat test in aio_dio_bugs failed on s390x
** Tags added: artful bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1768435 Title: aio-dio-extend-stat test in aio_dio_bugs failed on s390x Status in linux package in Ubuntu: Triaged Status in linux source package in Xenial: Triaged Bug description: It can be reproduced on zVM, zKVM and Ubuntu on LPAR This should not be considered as a regression, the test suite stopped on the first test in this test suite before. Steps: 1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git 2. make -C autotest-client-tests/aio_dio_bugs/src 3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-extend-stat file Running 'apt-get install --yes --force-yes build-essential gcc' Reading package lists... Building dependency tree... Reading state information... build-essential is already the newest version (12.1ubuntu2). gcc is already the newest version (4:5.3.1-1ubuntu1). The following packages were automatically installed and are no longer required: linux-headers-4.4.0-121 linux-headers-4.4.0-121-generic linux-image-4.4.0-121-generic linux-image-extra-4.4.0-121-generic Use 'sudo apt autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Running 'which gcc' /usr/bin/gcc Dependency libaio successfully built Running 'LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-extend-stat file' write of 1024 bytes @0 finished, expected filesize at least 1024, but got 0 Exception escaping from test: Traceback (most recent call last): File "/home/ubuntu/autotest/client/shared/test.py", line 411, in _exec _call_test_function(self.execute, *p_args, **p_dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 823, in _call_test_function return func(*args, **dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 291, in execute postprocess_profiled_run, args, dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 212, in _call_run_once self.run_once(*args, **dargs) File "/home/ubuntu/autotest/client/tests/aio_dio_bugs/aio_dio_bugs.py", line 42, in run_once utils.system(var_ld_path + ' ' + cmd) File "/home/ubuntu/autotest/client/shared/utils.py", line 1232, in system verbose=verbose).exit_status File "/home/ubuntu/autotest/client/shared/utils.py", line 918, in run "Command returned non-zero exit status") CmdError: Command failed, rc=1, Command returned non-zero exit status * Command: LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-extend-stat file Exit status: 1 Duration: 0.10453414917 stdout: write of 1024 bytes @0 finished, expected filesize at least 1024, but got 0 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-123-generic 4.4.0-123.147 ProcVersionSignature: Ubuntu 4.4.0-123.147-generic 4.4.128 Uname: Linux 4.4.0-123-generic s390x NonfreeKernelModules: zfs zunicode zcommon znvpair zavl AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 2: ls: cannot access '/dev/snd/': No such file or directory AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.20.1-0ubuntu2.16 Architecture: s390x ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. CurrentDmesg: Date: Wed May 2 02:24:25 2018 HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345 IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig' Lsusb: Error: command ['lsusb'] failed with exit code 1: PciMultimedia: ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb' ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 crashkernel=196M BOOT_IMAGE=0 RelatedPackageVersions: linux-restricted-modules-4.4.0-123-generic N/A linux-backports-modules-4.4.0-123-generic N/A linux-firmware 1.157.17 RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1768435/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1768430] Re: aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x
** Tags added: bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1768430 Title: aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x Status in linux package in Ubuntu: Triaged Status in linux source package in Xenial: Triaged Bug description: It can be reproduced on zVM, zKVM and Ubuntu on LPAR This should not be considered as a regression, the test suite stopped on the first test in this test suite before. Steps: 1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git 2. make -C autotest-client-tests/aio_dio_bugs/src 3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-subblock-eof-read eoftest Running 'apt-get install --yes --force-yes build-essential gcc' Reading package lists... Building dependency tree... Reading state information... build-essential is already the newest version (12.1ubuntu2). gcc is already the newest version (4:5.3.1-1ubuntu1). The following packages were automatically installed and are no longer required: linux-headers-4.4.0-121 linux-headers-4.4.0-121-generic linux-image-4.4.0-121-generic linux-image-extra-4.4.0-121-generic Use 'sudo apt autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Running 'which gcc' /usr/bin/gcc Dependency libaio successfully built Running 'LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-subblock-eof-read eoftest' buffered read returned -1, should be 300 Exception escaping from test: Traceback (most recent call last): File "/home/ubuntu/autotest/client/shared/test.py", line 411, in _exec _call_test_function(self.execute, *p_args, **p_dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 823, in _call_test_function return func(*args, **dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 291, in execute postprocess_profiled_run, args, dargs) File "/home/ubuntu/autotest/client/shared/test.py", line 212, in _call_run_once self.run_once(*args, **dargs) File "/home/ubuntu/autotest/client/tests/aio_dio_bugs/aio_dio_bugs.py", line 42, in run_once utils.system(var_ld_path + ' ' + cmd) File "/home/ubuntu/autotest/client/shared/utils.py", line 1232, in system verbose=verbose).exit_status File "/home/ubuntu/autotest/client/shared/utils.py", line 918, in run "Command returned non-zero exit status") CmdError: Command failed, rc=1, Command returned non-zero exit status * Command: LD_LIBRARY_PATH=/home/ubuntu/autotest/client/deps/libaio/lib/ /home/ubuntu/autotest/client/tmp/aio_dio_bugs/src/aio-dio-subblock-eof- read eoftest Exit status: 1 Duration: 0.00215792655945 stdout: buffered read returned -1, should be 300 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-123-generic 4.4.0-123.147 ProcVersionSignature: Ubuntu 4.4.0-123.147-generic 4.4.128 Uname: Linux 4.4.0-123-generic s390x NonfreeKernelModules: zfs zunicode zcommon znvpair zavl AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 2: ls: cannot access '/dev/snd/': No such file or directory AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.20.1-0ubuntu2.16 Architecture: s390x ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. CurrentDmesg: Date: Wed May 2 02:21:12 2018 HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345 IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig' Lsusb: Error: command ['lsusb'] failed with exit code 1: PciMultimedia: ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb' ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 crashkernel=196M BOOT_IMAGE=0 RelatedPackageVersions: linux-restricted-modules-4.4.0-123-generic N/A linux-backports-modules-4.4.0-123-generic N/A linux-firmware 1.157.17 RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1768430/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1730895] Re: aio-dio-invalidate-failure test failed with event res -22 on s390x
** Tags added: bionix ** Tags removed: bionix ** Tags added: bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1730895 Title: aio-dio-invalidate-failure test failed with event res -22 on s390x Status in linux package in Ubuntu: Triaged Bug description: This bug is for tracking purpose, this is not a regression for current cycle as this issue exists for a long time. It can be reproduced on zVM, zKVM and Ubuntu on LPAR Steps: 1. git clone --depth=1 https://github.com/autotest/autotest-client-tests.git 2. make -C autotest-client-tests/aio_dio_bugs/src 3. sudo ./autotest-client-tests/aio_dio_bugs/src/aio-dio-invalidate-failure poo Result: event res -22 From the code itself, it's expecting a -EIO return value: if (event.res == -EIO) { printf("invalidation returned -EIO, OK\n"); exit(0); } The actual return value is -22, which I think is -EINVAL ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-100-generic 4.4.0-100.123 ProcVersionSignature: Ubuntu 4.4.0-100.123-generic 4.4.95 Uname: Linux 4.4.0-100-generic s390x NonfreeKernelModules: zfs zunicode zcommon znvpair zavl AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code 2: ls: cannot access '/dev/snd/': No such file or directory AplayDevices: Error: [Errno 2] No such file or directory: 'aplay' ApportVersion: 2.20.1-0ubuntu2.10 Architecture: s390x ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord' CRDA: Error: command ['iw', 'reg', 'get'] failed with exit code 1: nl80211 not found. CurrentDmesg: Date: Wed Nov 8 01:57:40 2017 HibernationDevice: RESUME=UUID=f578fa27-1d57-41c9-bb1d-7ff64c1c9345 IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig' Lsusb: Error: command ['lsusb'] failed with exit code 1: PciMultimedia: ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash ProcFB: Error: [Errno 2] No such file or directory: '/proc/fb' ProcKernelCmdLine: root=UUID=f26894a2-496d-4891-aa9a-f66344c9 crashkernel=196M BOOT_IMAGE=0 RelatedPackageVersions: linux-restricted-modules-4.4.0-100-generic N/A linux-backports-modules-4.4.0-100-generic N/A linux-firmware 1.157.13 RfKill: Error: [Errno 2] No such file or directory: 'rfkill' SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1730895/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772495] Re: [18.04] [regression testing] aio_dio_bugs tests failing on s390x
*** This bug is a duplicate of bug 1768430 *** https://bugs.launchpad.net/bugs/1768430 Duplicate of bug 1730895 bug 1768430 bug 1768435 ** This bug has been marked a duplicate of bug 1730895 aio-dio-invalidate-failure test failed with event res -22 on s390x ** This bug is no longer a duplicate of bug 1730895 aio-dio-invalidate-failure test failed with event res -22 on s390x ** This bug has been marked a duplicate of bug 1768430 aio-dio-subblock-eof-read test in aio_dio_bugs failed on s390x -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772495 Title: [18.04] [regression testing] aio_dio_bugs tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: need to examine the logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772495/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic
** Tags added: s390x ** Summary changed: - Unable to build libghugetlbfs test on 4.15 Bionic + Unable to build libhugetlbfs test on 4.15 Bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765279 Title: Unable to build libhugetlbfs test on 4.15 Bionic Status in linux package in Ubuntu: Incomplete Status in linux-kvm package in Ubuntu: Confirmed Bug description: When trying to build the libhugetlbfs test Bionic, it will fail with: CC32 obj32/linkhuge_nofd.o LD32 (hugelink test) obj32/linkhuge_nofd CC32 obj32/linkshare.o LD32 (hugelink test) obj32/linkshare LD32 (xB test) obj32/xB.linkhuge /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B' /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information collect2: error: ld returned 1 exit status Makefile:227: recipe for target 'obj32/xB.linkhuge' failed make[1]: *** [obj32/xB.linkhuge] Error 1 Makefile:242: recipe for target 'tests/all' failed make: *** [tests/all] Error 2 Steps: 1. git clone --depth=1 -b next https://github.com/libhugetlbfs/libhugetlbfs.git 2. cd libhugetlbfs 3. make ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3 ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10 Uname: Linux 4.15.0-1003-kvm x86_64 ApportVersion: 2.20.9-0ubuntu5 Architecture: amd64 Date: Thu Apr 19 04:44:08 2018 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: linux-kvm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux-kvm (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765279 Title: Unable to build libhugetlbfs test on 4.15 Bionic Status in linux package in Ubuntu: Incomplete Status in linux-kvm package in Ubuntu: Confirmed Bug description: When trying to build the libhugetlbfs test Bionic, it will fail with: CC32 obj32/linkhuge_nofd.o LD32 (hugelink test) obj32/linkhuge_nofd CC32 obj32/linkshare.o LD32 (hugelink test) obj32/linkshare LD32 (xB test) obj32/xB.linkhuge /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B' /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information collect2: error: ld returned 1 exit status Makefile:227: recipe for target 'obj32/xB.linkhuge' failed make[1]: *** [obj32/xB.linkhuge] Error 1 Makefile:242: recipe for target 'tests/all' failed make: *** [tests/all] Error 2 Steps: 1. git clone --depth=1 -b next https://github.com/libhugetlbfs/libhugetlbfs.git 2. cd libhugetlbfs 3. make ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3 ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10 Uname: Linux 4.15.0-1003-kvm x86_64 ApportVersion: 2.20.9-0ubuntu5 Architecture: amd64 Date: Thu Apr 19 04:44:08 2018 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: linux-kvm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1765279] Re: Unable to build libghugetlbfs test on 4.15 Bionic
** Changed in: linux (Ubuntu) Assignee: (unassigned) => Ubuntu Kernel Team (ubuntu-kernel-team) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765279 Title: Unable to build libhugetlbfs test on 4.15 Bionic Status in linux package in Ubuntu: Incomplete Status in linux-kvm package in Ubuntu: Confirmed Bug description: When trying to build the libhugetlbfs test Bionic, it will fail with: CC32 obj32/linkhuge_nofd.o LD32 (hugelink test) obj32/linkhuge_nofd CC32 obj32/linkshare.o LD32 (hugelink test) obj32/linkshare LD32 (xB test) obj32/xB.linkhuge /usr/bin/x86_64-linux-gnu-ld: unrecognized option '--hugetlbfs-link=B' /usr/bin/x86_64-linux-gnu-ld: use the --help option for usage information collect2: error: ld returned 1 exit status Makefile:227: recipe for target 'obj32/xB.linkhuge' failed make[1]: *** [obj32/xB.linkhuge] Error 1 Makefile:242: recipe for target 'tests/all' failed make: *** [tests/all] Error 2 Steps: 1. git clone --depth=1 -b next https://github.com/libhugetlbfs/libhugetlbfs.git 2. cd libhugetlbfs 3. make ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-1003-kvm 4.15.0-1003.3 ProcVersionSignature: User Name 4.15.0-1003.3-kvm 4.15.10 Uname: Linux 4.15.0-1003-kvm x86_64 ApportVersion: 2.20.9-0ubuntu5 Architecture: amd64 Date: Thu Apr 19 04:44:08 2018 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: linux-kvm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1765279/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772496] Re: [18.04] [regression testing] libhugetlbfs tests failing on s390x
*** This bug is a duplicate of bug 1765279 *** https://bugs.launchpad.net/bugs/1765279 ** This bug has been marked a duplicate of bug 1765279 Unable to build libghugetlbfs test on 4.15 Bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772496 Title: [18.04] [regression testing] libhugetlbfs tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: need to review the logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772496/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1730804] Re: [Bug] Crystal Ridge - verify error clearing on writes for per inode fs-dax
** Description changed: Description: A dax mounted filesystem redirects the read/write system calls through the dax paths as an optimization, but the dax path is unable to clear media errors. With per inode fs-dax, userspace can turn off dax using an ioctl, and clear errors using writes. Write a unit test to do that, and inform nvml of this reference way to do it. - Target Kernel: 4.16 + Target Kernel: 4.19 Target Release: 18.10 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1730804 Title: [Bug] Crystal Ridge - verify error clearing on writes for per inode fs-dax Status in intel: Incomplete Status in linux package in Ubuntu: Expired Bug description: Description: A dax mounted filesystem redirects the read/write system calls through the dax paths as an optimization, but the dax path is unable to clear media errors. With per inode fs-dax, userspace can turn off dax using an ioctl, and clear errors using writes. Write a unit test to do that, and inform nvml of this reference way to do it. Target Kernel: 4.19 Target Release: 18.10 To manage notifications about this bug go to: https://bugs.launchpad.net/intel/+bug/1730804/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: linux (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1758255 Title: lxc-tests package is not available in Bionic Status in linux package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Invalid Bug description: This lxc-tests required by the ubuntu_lxc test is not available on Bionic https://packages.ubuntu.com/search?keywords=lxc-tests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic
** Also affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1758255 Title: lxc-tests package is not available in Bionic Status in linux package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Invalid Bug description: This lxc-tests required by the ubuntu_lxc test is not available on Bionic https://packages.ubuntu.com/search?keywords=lxc-tests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1758255] Re: lxc-tests package is not available in Bionic
** Changed in: linux (Ubuntu) Assignee: (unassigned) => Ubuntu Kernel Team (ubuntu-kernel-team) ** Tags added: bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1758255 Title: lxc-tests package is not available in Bionic Status in linux package in Ubuntu: Confirmed Status in lxc package in Ubuntu: Invalid Bug description: This lxc-tests required by the ubuntu_lxc test is not available on Bionic https://packages.ubuntu.com/search?keywords=lxc-tests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758255/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1772507] Re: [18.04] [regression testing] ubuntu_lxc tests failing on s390x
*** This bug is a duplicate of bug 1758255 *** https://bugs.launchpad.net/bugs/1758255 ** This bug has been marked a duplicate of bug 1758255 lxc-tests package is not available in Bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772507 Title: [18.04] [regression testing] ubuntu_lxc tests failing on s390x Status in linux package in Ubuntu: Triaged Bug description: see logs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772507/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1723127] Re: Intel i40e PF reset due to incorrect MDD detection (continues...)
Hi, we still encounter this error in the latest 4.4.0 kernel. Our kernel version is ``` $ uname -r 4.4.0-122 $ dpkg -l|grep linux-image-4.4.0-122-generic ii linux-image-4.4.0-122-generic 4.4.0-122.146 amd64Linux kernel image for version 4.4.0 on 64 bit x86 SMP ``` -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1723127 Title: Intel i40e PF reset due to incorrect MDD detection (continues...) Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Won't Fix Status in linux source package in Xenial: Fix Released Status in linux source package in Artful: Fix Released Status in linux source package in Bionic: Fix Released Bug description: [impact] The i40e driver sometimes causes a "malicious device" event that the firmware detects, which causes the firmware to reset the nic, causing an interruption in the network connection - which can cause further problems, e.g. if the interface is in a bond; the reset will at least cause a temporary interruption in network traffic. [fix] The upstream patch to fix this adjusts how the driver fragments TX data; the "malicious driver" detected by the firmware is a result of incorrectly crafted TX fragment descriptors (the firmware has specific complicated restrictions on this). The patch is from Intel, and they suggested this specific patch to address the problem; additionally I have checked with someone who reported this to me and provided a test kernel with the patch to them, and they have been able to run ~6 weeks so far without reproducing the issue; previously they could reproduce it as quickly as a day, but usually within 2-3 weeks. [test case] the bug is unfortunately very difficult to reproduce, but as shown in this (and previous) bug comments, some users of the i40e have traffic that can consistently reproduce the problem (although usually on the order of days, or longer, to reproduce). Reproducing is easily detected, as the nw traffic will be interrupted and the system logs will contain a message like: i40e :02:00.1: TX driver issue detected, PF reset issued [regression potential] the patch for this alters how tx is fragmented by the driver, so a possible regression would likely cause problems in TX traffic and/or additional "malicious device detection" events. [original description] This is a continuation from bug 1713553; a patch was added in that bug to attempt to fix this, and it may have helped reduce the issue but appears not to have fixed it, based on more reports. The issue is the i40e driver, when TSO is enabled, sometimes sees the NIC firmware issue a "MDD event" where MDD is "Malicious Driver Detection". This is vaguely defined in the i40e spec, but with no way to tell what the NIC actually saw that it didn't like. So, the driver can do nothing but print an error message and reset the PF (or VF). Unfortunately, this resets the interface, which causes an interruption in network traffic flow while the PF is resetting. See bug 1713553 for more details. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1723127/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1087010] Re: kworker uses 70-90% of a CPU core (hyperthreaded)
** Tags removed: kernel-bug-exists-upstream-4.17-rc4 needs-filing-upstream ** Tags added: kernel-bug-exists-upstream-4.17-rc6 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1087010 Title: kworker uses 70-90% of a CPU core (hyperthreaded) Status in linux package in Ubuntu: Triaged Bug description: I see high (70-90%) cpu usage from a kworker thread. Usually kworker/0:1 or kworker/0:2. This does not always happen. On some boots all is fine but once it shows, rebooting does not make it go away. WORKAROUND: Execute: echo "disable" > /sys/firmware/acpi/interrupts/gpe13 ProblemType: Bug DistroRelease: Ubuntu 12.10 Package: linux-image-3.5.0-19-generic 3.5.0-19.30 ProcVersionSignature: Ubuntu 3.5.0-19.30-generic 3.5.7 Uname: Linux 3.5.0-19-generic x86_64 ApportVersion: 2.6.1-0ubuntu6 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: mio1965 F pulseaudio /dev/snd/pcmC0D0p: mio1965 F...m pulseaudio Date: Wed Dec 5 22:37:00 2012 HibernationDevice: RESUME=UUID=a371882c-0fe7-45e5-9adb-83da8374bc11 InstallationDate: Installed on 2012-10-10 (55 days ago) InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1) MachineType: SAMSUNG ELECTRONICS CO., LTD. 700Z7C MarkForUpload: True ProcEnviron: TERM=xterm PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.5.0-19-generic root=UUID=79674508-93de-43e0-b313-f6a9b480c606 ro crashkernel=384M-2G:64M,2G-:128M acpi_osi=Linux pcie_aspm=force i915.modeset=1 i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.semaphores=1 i915.powersave=1 snd_hda_intel.power_save_controller=1 snd_hda_intel.power_save=1 quiet splash vt.handoff=7 PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: Home directory /home/mio not ours. No PulseAudio daemon running, or not running as session daemon. RelatedPackageVersions: linux-restricted-modules-3.5.0-19-generic N/A linux-backports-modules-3.5.0-19-generic N/A linux-firmware1.95 SourcePackage: linux UpgradeStatus: Upgraded to quantal on 2012-10-11 (55 days ago) dmi.bios.date: 08/02/2012 dmi.bios.vendor: Phoenix Technologies Ltd. dmi.bios.version: P04AAE dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: SAMSUNG_NP1234567890 dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.board.version: FAB1 dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 9 dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.chassis.version: 0.1 dmi.modalias: dmi:bvnPhoenixTechnologiesLtd.:bvrP04AAE:bd08/02/2012:svnSAMSUNGELECTRONICSCO.,LTD.:pn700Z7C:pvr0.1:rvnSAMSUNGELECTRONICSCO.,LTD.:rnSAMSUNG_NP1234567890:rvrFAB1:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvr0.1: dmi.product.name: 700Z7C dmi.product.version: 0.1 dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD. --- ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: mio1568 F pulseaudio CurrentDesktop: Unity:Unity7:ubuntu DistroRelease: Ubuntu 18.04 HibernationDevice: RESUME=UUID=3f9af81f-77f0-4438-9a4b-6722de269cbb InstallationDate: Installed on 2018-05-09 (9 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) MachineType: SAMSUNG ELECTRONICS CO., LTD. 700Z7C Package: linux (not installed) ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic root=UUID=7c436149-ab84-40d0-919f-032364393f9b ro quiet splash video=VGA1:d nouveau.runpm=0 vt.handoff=1 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 RelatedPackageVersions: linux-restricted-modules-4.15.0-20-generic N/A linux-backports-modules-4.15.0-20-generic N/A linux-firmware 1.173 Tags: bionic Uname: Linux 4.15.0-20-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lp lpadmin plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 08/02/2012 dmi.bios.vendor: Phoenix Technologies Ltd. dmi.bios.version: P04AAE dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: SAMSUNG_NP1234567890 dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.board.version: FAB1 dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 9 dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.chassis.version: 0.1 dmi.modalias: dmi:bvnPhoenixTechnologiesLtd.:bvrP04AAE:bd08/02/2012:svnSAMSUNGELECTRONICSCO.,LTD.:pn700Z7C:pvr0.1:rvnSAMSUNGELECTRONICSCO.,LTD.:rnSAMSUNG_NP1234567890:rvrFAB1:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvr0.1: dmi.product.family: ChiefRiver System dmi.product.name: 700Z7C dmi.product.version: 0.1 dmi.sys.vendor: SAMSUNG
[Kernel-packages] [Bug 1769236] Re: CPU frequency stuck at minimum value
** Attachment added: "grep-thermal.txt" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769236/+attachment/5142653/+files/grep-thermal.txt -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1769236 Title: CPU frequency stuck at minimum value Status in linux package in Ubuntu: Confirmed Status in thermald package in Ubuntu: New Bug description: I installed the Kubuntu variant of Ubuntu 18.04 on a new HP Spectre 13 laptop. Performance is poor. The CPU (an i7-8550U) is running at 400MHz, and never speeds up, even when running some of the Phoronix Test Suite benchmarks. I can use cpupower to switch to the "performance" cpufreq governor, but cannot change the frequency with either governor. Here is the output of some experiments I ran while Phoronix's c-ray test was running. __ gjditchf@copperplate:/var/log$ cat /proc/cpuinfo | grep MHz cpu MHz : 400.008 cpu MHz : 400.002 cpu MHz : 400.002 cpu MHz : 400.003 cpu MHz : 400.005 cpu MHz : 400.003 cpu MHz : 400.001 cpu MHz : 400.004 gjditchf@copperplate:/var/log$ cpupower frequency-info analyzing CPU 0: driver: intel_pstate CPUs which run at the same hardware frequency: 0 CPUs which need to have their frequency coordinated by software: 0 maximum transition latency: Cannot determine or is not supported. hardware limits: 400 MHz - 4.00 GHz available cpufreq governors: performance powersave current policy: frequency should be within 400 MHz and 1.60 GHz. The governor "powersave" may decide which speed to use within this range. current CPU frequency: Unable to call hardware current CPU frequency: 400 MHz (asserted by call to kernel) boost state support: Supported: yes Active: yes gjditchf@copperplate:/var/log$ sudo cpupower frequency-set -f 1.60GHz Setting cpu: 0 Error setting new values. Common errors: - Do you have proper administration rights? (super-user?) - Is the governor you requested available and modprobed? - Trying to set an invalid policy? - Trying to set a specific frequency, but userspace governor is not available, for example because of hardware which cannot be set to a specific frequency or because the userspace governor isn't loaded? ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-20-generic 4.15.0-20.21 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 CurrentDesktop: KDE Date: Fri May 4 12:57:25 2018 InstallationDate: Installed on 2018-04-28 (6 days ago) InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) SourcePackage: linux-signed UpgradeStatus: No upgrade log present (probably fresh install) --- ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: gjditchf 1190 F pulseaudio CurrentDesktop: KDE DistroRelease: Ubuntu 18.04 InstallationDate: Installed on 2018-04-28 (10 days ago) InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0a2b Intel Corp. Bus 001 Device 003: ID 0bda:564e Realtek Semiconductor Corp. Bus 001 Device 002: ID 0bda:564f Realtek Semiconductor Corp. Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre Laptop 13-af0xx Package: linux (not installed) ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic root=UUID=ab54f00a-7dd6-4d75-a664-682f777c841c ro quiet splash vt.handoff=1 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 RelatedPackageVersions: linux-restricted-modules-4.15.0-20-generic N/A linux-backports-modules-4.15.0-20-generic N/A linux-firmware 1.173 Tags: bionic Uname: Linux 4.15.0-20-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin monotone plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 10/13/2017 dmi.bios.vendor: Insyde dmi.bios.version: F.06 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: 83A2 dmi.board.vendor: HP dmi.board.version: 55.24 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsyde:bvrF.06:bd10/13/2017:svnHP:pnHPSpectreLaptop13-af0xx:pvrType1ProductConfigId:rvnHP:rn83A2:rvr55.24:cvnHP:ct10:cvrChassisVersion: dmi.product.family: 103C_5335KV HP Spectre dmi.product.name: HP Spectre Laptop 13-af0xx
[Kernel-packages] [Bug 1769236] Re: CPU frequency stuck at minimum value
I will attach acpi.out, and also the output of "grep -r . /sys/class/thermal/*" in grep-thermal.txt. As for editing /var/run/thermald/thermal-conf.xml.auto ... that file is regenerated at boot. How do I make persistent changes? I tried copying the edited file to /etc/thermald/thermal-conf.xml, but didn't see any improvement, and the contents of the thermald debug log suggest that thermald doesn't read the /etc/ file. ** Attachment added: "acpi.out" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769236/+attachment/5142652/+files/acpi.out -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1769236 Title: CPU frequency stuck at minimum value Status in linux package in Ubuntu: Confirmed Status in thermald package in Ubuntu: New Bug description: I installed the Kubuntu variant of Ubuntu 18.04 on a new HP Spectre 13 laptop. Performance is poor. The CPU (an i7-8550U) is running at 400MHz, and never speeds up, even when running some of the Phoronix Test Suite benchmarks. I can use cpupower to switch to the "performance" cpufreq governor, but cannot change the frequency with either governor. Here is the output of some experiments I ran while Phoronix's c-ray test was running. __ gjditchf@copperplate:/var/log$ cat /proc/cpuinfo | grep MHz cpu MHz : 400.008 cpu MHz : 400.002 cpu MHz : 400.002 cpu MHz : 400.003 cpu MHz : 400.005 cpu MHz : 400.003 cpu MHz : 400.001 cpu MHz : 400.004 gjditchf@copperplate:/var/log$ cpupower frequency-info analyzing CPU 0: driver: intel_pstate CPUs which run at the same hardware frequency: 0 CPUs which need to have their frequency coordinated by software: 0 maximum transition latency: Cannot determine or is not supported. hardware limits: 400 MHz - 4.00 GHz available cpufreq governors: performance powersave current policy: frequency should be within 400 MHz and 1.60 GHz. The governor "powersave" may decide which speed to use within this range. current CPU frequency: Unable to call hardware current CPU frequency: 400 MHz (asserted by call to kernel) boost state support: Supported: yes Active: yes gjditchf@copperplate:/var/log$ sudo cpupower frequency-set -f 1.60GHz Setting cpu: 0 Error setting new values. Common errors: - Do you have proper administration rights? (super-user?) - Is the governor you requested available and modprobed? - Trying to set an invalid policy? - Trying to set a specific frequency, but userspace governor is not available, for example because of hardware which cannot be set to a specific frequency or because the userspace governor isn't loaded? ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: linux-image-4.15.0-20-generic 4.15.0-20.21 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 CurrentDesktop: KDE Date: Fri May 4 12:57:25 2018 InstallationDate: Installed on 2018-04-28 (6 days ago) InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) SourcePackage: linux-signed UpgradeStatus: No upgrade log present (probably fresh install) --- ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: gjditchf 1190 F pulseaudio CurrentDesktop: KDE DistroRelease: Ubuntu 18.04 InstallationDate: Installed on 2018-04-28 (10 days ago) InstallationMedia: Kubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0a2b Intel Corp. Bus 001 Device 003: ID 0bda:564e Realtek Semiconductor Corp. Bus 001 Device 002: ID 0bda:564f Realtek Semiconductor Corp. Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre Laptop 13-af0xx Package: linux (not installed) ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-20-generic root=UUID=ab54f00a-7dd6-4d75-a664-682f777c841c ro quiet splash vt.handoff=1 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 RelatedPackageVersions: linux-restricted-modules-4.15.0-20-generic N/A linux-backports-modules-4.15.0-20-generic N/A linux-firmware 1.173 Tags: bionic Uname: Linux 4.15.0-20-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin monotone plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 10/13/2017 dmi.bios.vendor: Insyde dmi.bios.version: F.06 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: 83A2 dmi.board.vendor: HP
[Kernel-packages] [Bug 1771467] Re: Reboot/shutdown kernel panic on HP DL360 Gen9 w/ bionic 4.15.0
I tracked it down to https://patchwork.kernel.org/patch/10027157/ just before 4.15-rc1. This appears to affect all DL360/DL380 Gen9 I've encountered so far. Opened https://bugzilla.kernel.org/show_bug.cgi?id=199779 and currently working with Sinan Kaya to disagnose. ** Tags added: kernel-bug-exists-upstream ** Bug watch added: Linux Kernel Bug Tracker #199779 https://bugzilla.kernel.org/show_bug.cgi?id=199779 ** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed ** Changed in: linux (Ubuntu Bionic) Status: Incomplete => Confirmed ** Summary changed: - Reboot/shutdown kernel panic on HP DL360 Gen9 w/ bionic 4.15.0 + Reboot/shutdown kernel panic on HP DL360/DL380 Gen9 w/ bionic 4.15.0 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1771467 Title: Reboot/shutdown kernel panic on HP DL360/DL380 Gen9 w/ bionic 4.15.0 Status in linux package in Ubuntu: Confirmed Status in linux source package in Bionic: Confirmed Bug description: Verified on multiple DL360 Gen9 servers with up to date firmware. Just before reboot or shutdown, there is the following panic: [ 289.093083] {1}[Hardware Error]: Hardware error from APEI Generic Hardware Error Source: 1 [ 289.093085] {1}[Hardware Error]: event severity: fatal [ 289.093087] {1}[Hardware Error]: Error 0, type: fatal [ 289.093088] {1}[Hardware Error]: section_type: PCIe error [ 289.093090] {1}[Hardware Error]: port_type: 4, root port [ 289.093091] {1}[Hardware Error]: version: 1.16 [ 289.093093] {1}[Hardware Error]: command: 0x6010, status: 0x0143 [ 289.093094] {1}[Hardware Error]: device_id: :00:01.0 [ 289.093095] {1}[Hardware Error]: slot: 0 [ 289.093096] {1}[Hardware Error]: secondary_bus: 0x03 [ 289.093097] {1}[Hardware Error]: vendor_id: 0x8086, device_id: 0x2f02 [ 289.093098] {1}[Hardware Error]: class_code: 040600 [ 289.093378] {1}[Hardware Error]: bridge: secondary_status: 0x2000, control: 0x0003 [ 289.093380] {1}[Hardware Error]: Error 1, type: fatal [ 289.093381] {1}[Hardware Error]: section_type: PCIe error [ 289.093382] {1}[Hardware Error]: port_type: 4, root port [ 289.093383] {1}[Hardware Error]: version: 1.16 [ 289.093384] {1}[Hardware Error]: command: 0x6010, status: 0x0143 [ 289.093386] {1}[Hardware Error]: device_id: :00:01.0 [ 289.093386] {1}[Hardware Error]: slot: 0 [ 289.093387] {1}[Hardware Error]: secondary_bus: 0x03 [ 289.093388] {1}[Hardware Error]: vendor_id: 0x8086, device_id: 0x2f02 [ 289.093674] {1}[Hardware Error]: class_code: 040600 [ 289.093676] {1}[Hardware Error]: bridge: secondary_status: 0x2000, control: 0x0003 [ 289.093678] Kernel panic - not syncing: Fatal hardware error! [ 289.093745] Kernel Offset: 0x1cc0 from 0x8100 (relocation range: 0x8000-0xbfff) [ 289.105835] ERST: [Firmware Warn]: Firmware does not respond in time. It does eventually restart after this. Then during the subsequent POST, the following warning appears: Embedded RAID 1 : Smart Array P440ar Controller - (2048 MB, V6.30) 7 Logical Drive(s) - Operation Failed - 1719-Slot 0 Drive Array - A controller failure event occurred prior to this power-up. (Previous lock up code = 0x13) Action: Install the latest controller firmware. If the problem persists, replace the controller. The latter's symptoms are described in https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c04805565 but the running storage controller firmware is much newer than the doc's resolution. Neither of these problems occur during shutdown/reboot on the xenial kernel. FWIW, when running on old P89 (1.50 (07/20/2015) vs 2.56 (01/22/2018)), the shutdown failure mode was a loop like so: [529151.035267] NMI: IOCK error (debug interrupt?) for reason 75 on CPU 0. [529153.222883] Uhhuh. NMI received for unknown reason 25 on CPU 0. [529153.222884] Do you have a strange power saving mode enabled? [529153.222884] Dazed and confused, but trying to continue [529153.554447] Uhhuh. NMI received for unknown reason 25 on CPU 0. [529153.554448] Do you have a strange power saving mode enabled? [529153.554449] Dazed and confused, but trying to continue [529153.554450] Uhhuh. NMI received for unknown reason 25 on CPU 0. [529153.554451] Do you have a strange power saving mode enabled? [529153.554452] Dazed and confused, but trying to continue [529153.554452] Uhhuh. NMI received for unknown reason 25 on CPU 0. [529153.554453] Do you have a strange power saving mode enabled? [529153.554454] Dazed and confused, but trying to continue [529153.554454] Uhhuh. NMI received for unknown reason 35 on CPU 0. [529153.554455] Do you have a strange power saving mode enabled? [529153.554456] Dazed and confused, but trying to
[Kernel-packages] [Bug 1764316] Re: Xenial update to 4.4.120 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1759303] Re: Update Aquantia driver to fix various issues
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver
This bug was fixed in the package linux-oem - 4.15.0-1006.9 --- linux-oem (4.15.0-1006.9) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.15.0-1005.8) bionic; urgency=medium * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398) - source built with a clean tree * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843) - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads * hts221 sensor stops working after resume from S3/S4 (LP: #1769658) - SAUCE: iio: humidity: hts221: Fix sensor reads after resume * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty (LP: #1769610) - serdev: ttyport: release tty lock sooner on open - serdev: ttyport: ignore carrier detect to avoid hangups - serdev: ttyport: do not used keyed wakeup in write_wakeup - serdev: Make .remove in struct serdev_device_driver optional - serdev: Introduce devm_serdev_device_open() - serdev: do not generate modaliases for controllers - serdev: only match serdev devices - serdev: add method to set parity - SAUCE: (no-up) Support HS-UART serdev slaves over tty - [Config] CONFIG_HSUART_SERIAL_DEVICE=y * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) - SAUCE: rsi: add rx control block to handle rx packets in USB - SAUCE: rsi: add bluetooth rx endpoint - SAUCE: rsi: add header file rsi_91x - SAUCE: rsi: add coex support - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver - SAUCE: rsi: handle BT traffic in driver - SAUCE: rsi: add module parameter operating mode - SAUCE: rsi: sdio changes to support BT - SAUCE: rsi: improve RX handling in SDIO interface - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB - SAUCE: rsi: improve RX packet handling in USB interface - SAUCE: rsi: add support for hardware scan offload - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h - SAUCE: rsi: move descriptor preparation to core - SAUCE: rsi: enable 80MHz clock by default - SAUCE: rsi: roaming enhancements - SAUCE: rsi: add module parameter rsi_reg - SAUCE: rsi: regulatory modifications for 'dlcar' mode - SAUCE: rsi: device disconnect changes - SAUCE: rsi: tx improvements - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit - SAUCE: rsi: Remove stack VLA usage - SAUCE: rsi: fix nommu_map_sg overflow kernel panic - SAUCE: rsi: Fix 'invalid vdd' warning in mmc - SAUCE: Redpine: Fix wowlan issue with S4 - SAUCE: Redpine: rsi: Add deep sleep enable
[Kernel-packages] [Bug 1657682] Re: Support latest Redpine WLAN/BT RS9113 driver
This bug was fixed in the package linux-oem - 4.15.0-1006.9 --- linux-oem (4.15.0-1006.9) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.15.0-1005.8) bionic; urgency=medium * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398) - source built with a clean tree * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843) - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads * hts221 sensor stops working after resume from S3/S4 (LP: #1769658) - SAUCE: iio: humidity: hts221: Fix sensor reads after resume * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty (LP: #1769610) - serdev: ttyport: release tty lock sooner on open - serdev: ttyport: ignore carrier detect to avoid hangups - serdev: ttyport: do not used keyed wakeup in write_wakeup - serdev: Make .remove in struct serdev_device_driver optional - serdev: Introduce devm_serdev_device_open() - serdev: do not generate modaliases for controllers - serdev: only match serdev devices - serdev: add method to set parity - SAUCE: (no-up) Support HS-UART serdev slaves over tty - [Config] CONFIG_HSUART_SERIAL_DEVICE=y * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) - SAUCE: rsi: add rx control block to handle rx packets in USB - SAUCE: rsi: add bluetooth rx endpoint - SAUCE: rsi: add header file rsi_91x - SAUCE: rsi: add coex support - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver - SAUCE: rsi: handle BT traffic in driver - SAUCE: rsi: add module parameter operating mode - SAUCE: rsi: sdio changes to support BT - SAUCE: rsi: improve RX handling in SDIO interface - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB - SAUCE: rsi: improve RX packet handling in USB interface - SAUCE: rsi: add support for hardware scan offload - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h - SAUCE: rsi: move descriptor preparation to core - SAUCE: rsi: enable 80MHz clock by default - SAUCE: rsi: roaming enhancements - SAUCE: rsi: add module parameter rsi_reg - SAUCE: rsi: regulatory modifications for 'dlcar' mode - SAUCE: rsi: device disconnect changes - SAUCE: rsi: tx improvements - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit - SAUCE: rsi: Remove stack VLA usage - SAUCE: rsi: fix nommu_map_sg overflow kernel panic - SAUCE: rsi: Fix 'invalid vdd' warning in mmc - SAUCE: Redpine: Fix wowlan issue with S4 - SAUCE: Redpine: rsi: Add deep sleep enable
[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race
This bug was fixed in the package linux-azure - 4.13.0-1018.21 --- linux-azure (4.13.0-1018.21) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.13.0-42.47 ] * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON
[Kernel-packages] [Bug 1769077] Re: linux: 3.13.0-148.197 -proposed tracker
This bug was fixed in the package linux - 3.13.0-149.199 --- linux (3.13.0-149.199) trusty; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - SAUCE: powerpc/64s: Move the data access exception out-of-line * CVE-2018-3639 (x86) - arch: Introduce post-init read-only memory - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static linux (3.13.0-148.197) trusty; urgency=medium * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077) * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18221 - mlock: fix mlock count can not decrease in race condition * CVE-2017-12134 - xen: fix bio vec merging * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-13220 - Bluetooth: hidp_connection_add() unsafe use of l2cap_pi() * CVE-2017-18204 - ocfs2: should wait dio before inode lock in ocfs2_setattr() * CVE-2017-13305 - KEYS: encrypted: fix buffer overread in valid_master_desc() * CVE-2017-18079 - Input: i8042 - fix crash at boot time * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534) - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) - SAUCE: remove ibrs_dump sysctl interface -- Stefan BaderMon, 14 May 2018 16:58:50 +0200 ** Changed in: linux (Ubuntu Trusty) Status: Confirmed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220 **
[Kernel-packages] [Bug 1764999] Re: Xenial update to 4.4.126 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1760712] Re: perf vendor events arm64: Enable JSON events for ThunderX2 B0
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1758507] Re: sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1762812] Re: /dev/ipmi enumeration flaky on Cavium Sabre nodes
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1765850] Re: arm64: fix CONFIG_DEBUG_WX address reporting
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1726930] Re: System fails to start (boot) on battery due to read-only root file-system
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764985] Re: linux-kvm 4.15 needs CONFIG_VMAP_STACK set
This bug was fixed in the package linux-kvm - 4.15.0-1010.10 --- linux-kvm (4.15.0-1010.10) bionic; urgency=medium [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-kvm (4.15.0-1009.9) bionic; urgency=medium * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * Unable to start docker application with B-KVM kernel (LP: #1763630) - kvm: [config] enable NF_NAT, NF_CONNTRACK - kvm: [config] enable IP_NF_TABLES * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel (LP: #1764975) - kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM} * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985) - kvm: [config] enable CONFIG_VMAP_STACK * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel (LP: #1766832) - kvm: [config] enable CONFIG_MODULE_UNLOAD [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderThu, 17 May 2018 10:30:53 +0200 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1764985 Title: linux-kvm 4.15 needs CONFIG_VMAP_STACK set Status in QA Regression Testing: Fix Released Status in linux package in Ubuntu: Invalid Status in linux-kvm package in Ubuntu: Fix Committed Status in linux source package in Bionic: Invalid Status in linux-kvm source package in Bionic: Fix Released Bug description: test_181_config_vmap_stack in ubuntu_qrt_kernel_security_test has failed with 4.15.0-1004-kvm FAIL: test_181_config_vmap_stack (__main__.KernelSecurityTest) Ensure kernel stack isolation is set -- Traceback (most recent call last): File "./test-kernel-security.py", line 2149, in test_181_config_vmap_stack self.assertEqual(self._get_config('VMAP_STACK'), expected) AssertionError: None != 'y'
[Kernel-packages] [Bug 1763271] Re: [8086:3e92] display becomes blank after S3
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1769843] Re: [i915 CNL-Y] system hangs soon after bootup
This bug was fixed in the package linux-oem - 4.15.0-1006.9 --- linux-oem (4.15.0-1006.9) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.15.0-1005.8) bionic; urgency=medium * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398) - source built with a clean tree * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843) - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads * hts221 sensor stops working after resume from S3/S4 (LP: #1769658) - SAUCE: iio: humidity: hts221: Fix sensor reads after resume * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty (LP: #1769610) - serdev: ttyport: release tty lock sooner on open - serdev: ttyport: ignore carrier detect to avoid hangups - serdev: ttyport: do not used keyed wakeup in write_wakeup - serdev: Make .remove in struct serdev_device_driver optional - serdev: Introduce devm_serdev_device_open() - serdev: do not generate modaliases for controllers - serdev: only match serdev devices - serdev: add method to set parity - SAUCE: (no-up) Support HS-UART serdev slaves over tty - [Config] CONFIG_HSUART_SERIAL_DEVICE=y * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) - SAUCE: rsi: add rx control block to handle rx packets in USB - SAUCE: rsi: add bluetooth rx endpoint - SAUCE: rsi: add header file rsi_91x - SAUCE: rsi: add coex support - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver - SAUCE: rsi: handle BT traffic in driver - SAUCE: rsi: add module parameter operating mode - SAUCE: rsi: sdio changes to support BT - SAUCE: rsi: improve RX handling in SDIO interface - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB - SAUCE: rsi: improve RX packet handling in USB interface - SAUCE: rsi: add support for hardware scan offload - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h - SAUCE: rsi: move descriptor preparation to core - SAUCE: rsi: enable 80MHz clock by default - SAUCE: rsi: roaming enhancements - SAUCE: rsi: add module parameter rsi_reg - SAUCE: rsi: regulatory modifications for 'dlcar' mode - SAUCE: rsi: device disconnect changes - SAUCE: rsi: tx improvements - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit - SAUCE: rsi: Remove stack VLA usage - SAUCE: rsi: fix nommu_map_sg overflow kernel panic - SAUCE: rsi: Fix 'invalid vdd' warning in mmc - SAUCE: Redpine: Fix wowlan issue with S4 - SAUCE: Redpine: rsi: Add deep sleep enable
[Kernel-packages] [Bug 1767409] Re: linux-kvm: 4.15.0-1009.9 -proposed tracker
This bug was fixed in the package linux-kvm - 4.15.0-1010.10 --- linux-kvm (4.15.0-1010.10) bionic; urgency=medium [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-kvm (4.15.0-1009.9) bionic; urgency=medium * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * Unable to start docker application with B-KVM kernel (LP: #1763630) - kvm: [config] enable NF_NAT, NF_CONNTRACK - kvm: [config] enable IP_NF_TABLES * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel (LP: #1764975) - kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM} * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985) - kvm: [config] enable CONFIG_VMAP_STACK * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel (LP: #1766832) - kvm: [config] enable CONFIG_MODULE_UNLOAD [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderThu, 17 May 2018 10:30:53 +0200 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Confirmed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1767409 Title: linux-kvm: 4.15.0-1009.9 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Fix Released Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: Invalid Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Fix Released Status in Kernel SRU Workflow security-signoff series: Invalid Status in Kernel SRU Workflow upload-to-ppa series: New Status in Kernel SRU Workflow verification-testing series: Fix
[Kernel-packages] [Bug 1765977] Re: HiSilicon HNS NIC names are truncated in /proc/interrupts
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race
This bug was fixed in the package linux-azure - 4.13.0-1018.21 --- linux-azure (4.13.0-1018.21) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.13.0-42.47 ] * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON
[Kernel-packages] [Bug 1763454] Re: bpf_map_lookup_elem: BUG: unable to handle kernel paging request
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1756866] Re: Xenial update to 4.4.118 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status
This bug was fixed in the package linux - 3.13.0-149.199 --- linux (3.13.0-149.199) trusty; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - SAUCE: powerpc/64s: Move the data access exception out-of-line * CVE-2018-3639 (x86) - arch: Introduce post-init read-only memory - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static linux (3.13.0-148.197) trusty; urgency=medium * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077) * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18221 - mlock: fix mlock count can not decrease in race condition * CVE-2017-12134 - xen: fix bio vec merging * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-13220 - Bluetooth: hidp_connection_add() unsafe use of l2cap_pi() * CVE-2017-18204 - ocfs2: should wait dio before inode lock in ocfs2_setattr() * CVE-2017-13305 - KEYS: encrypted: fix buffer overread in valid_master_desc() * CVE-2017-18079 - Input: i8042 - fix crash at boot time * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534) - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) - SAUCE: remove ibrs_dump sysctl interface -- Stefan BaderMon, 14 May 2018 16:58:50 +0200 ** Changed in: linux (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220
[Kernel-packages] [Bug 1769263] Re: LSM Stacking prctl values should be redefined as to not collide with upstream prctls
This bug was fixed in the package linux - 4.15.0-22.24 --- linux (4.15.0-22.24) bionic; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.15.0-21.22) bionic; urgency=medium * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderTue, 15 May 2018 07:41:28 +0200 ** Changed in: linux (Ubuntu) Status: Triaged => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1769263 Title: LSM Stacking prctl values should be redefined as to not collide with upstream prctls Status in linux package in Ubuntu: Fix Released Bug description: The prctl values selected for LSM Stacking made some amount of sense at the time of Bionic's release but there may be future upstream changes that we want to be backport which would collide with the values selected. Since LSM stacking is provided as an early preview in the Ubuntu kernels, we should use unusually high numbers to reduce the chances of colliding with an upstream feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1769263/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1761104] Re: fix regression in mm/hotplug, allows NVIDIA driver to work
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1769610] Re: Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty
This bug was fixed in the package linux-oem - 4.15.0-1006.9 --- linux-oem (4.15.0-1006.9) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.15.0-1005.8) bionic; urgency=medium * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398) - source built with a clean tree * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843) - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads * hts221 sensor stops working after resume from S3/S4 (LP: #1769658) - SAUCE: iio: humidity: hts221: Fix sensor reads after resume * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty (LP: #1769610) - serdev: ttyport: release tty lock sooner on open - serdev: ttyport: ignore carrier detect to avoid hangups - serdev: ttyport: do not used keyed wakeup in write_wakeup - serdev: Make .remove in struct serdev_device_driver optional - serdev: Introduce devm_serdev_device_open() - serdev: do not generate modaliases for controllers - serdev: only match serdev devices - serdev: add method to set parity - SAUCE: (no-up) Support HS-UART serdev slaves over tty - [Config] CONFIG_HSUART_SERIAL_DEVICE=y * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) - SAUCE: rsi: add rx control block to handle rx packets in USB - SAUCE: rsi: add bluetooth rx endpoint - SAUCE: rsi: add header file rsi_91x - SAUCE: rsi: add coex support - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver - SAUCE: rsi: handle BT traffic in driver - SAUCE: rsi: add module parameter operating mode - SAUCE: rsi: sdio changes to support BT - SAUCE: rsi: improve RX handling in SDIO interface - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB - SAUCE: rsi: improve RX packet handling in USB interface - SAUCE: rsi: add support for hardware scan offload - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h - SAUCE: rsi: move descriptor preparation to core - SAUCE: rsi: enable 80MHz clock by default - SAUCE: rsi: roaming enhancements - SAUCE: rsi: add module parameter rsi_reg - SAUCE: rsi: regulatory modifications for 'dlcar' mode - SAUCE: rsi: device disconnect changes - SAUCE: rsi: tx improvements - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit - SAUCE: rsi: Remove stack VLA usage - SAUCE: rsi: fix nommu_map_sg overflow kernel panic - SAUCE: rsi: Fix 'invalid vdd' warning in mmc - SAUCE: Redpine: Fix wowlan issue with S4 - SAUCE: Redpine: rsi: Add deep sleep enable
[Kernel-packages] [Bug 1759303] Re: Update Aquantia driver to fix various issues
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1769996] Re: linux-oem: 4.13.0-1027.30 -proposed tracker
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1763494] Re: linux-azure-edge should follow bionic/linux-azure in a similar way to linux-hwe
This bug was fixed in the package linux-azure-edge - 4.15.0-1012.12~16.04.2 --- linux-azure-edge (4.15.0-1012.12~16.04.2) xenial; urgency=medium * linux-azure-edge headers are broken after change to support scripted rebases (LP: #1772058) - [Packaging]: azure-edge: Fix headers packages after switching to scripted rebase linux-azure-edge (4.15.0-1012.12~16.04.1) xenial; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Add versioned dependency for linux-base [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) linux-azure (4.15.0-1011.11) bionic; urgency=medium * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294) * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564) - fsnotify: Fix fsnotify_mark_connector race linux-azure (4.15.0-1009.9) bionic; urgency=medium * linux-azure: 4.15.0-1009.9 -proposed tracker (LP: #1766467) [ Ubuntu: 4.15.0-20.21 ] * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452) * package shim-signed (not installed) failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 5 (LP: #1766391) - [Packaging] fix invocation of header postinst hooks linux-azure (4.15.0-1008.8) bionic; urgency=medium * linux-azure: 4.15.0-1008.8 -proposed tracker (LP: #1766025) [ Ubuntu: 4.15.0-19.20 ] * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021) * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232) - Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU" - Revert "genirq/affinity: assign vectors to all possible CPUs" linux-azure (4.15.0-1007.7) bionic; urgency=medium * linux-azure: 4.15.0-1007.7 -proposed tracker (LP: #1765495) * Miscellaneous Ubuntu changes - [Config] updateconfigs after rebase to Ubuntu-4.15.0-18.19 - [Packaging] update flavour-control.stub for signing changes [ Ubuntu: 4.15.0-18.19 ] * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490) * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel: meltdown: rfi/fallback displacement flush not enabled bydefault (kvm) (LP: #1765429) - powerpc/pseries: Fix clearing of
[Kernel-packages] [Bug 1763494] Re: linux-azure-edge should follow bionic/linux-azure in a similar way to linux-hwe
This bug was fixed in the package linux-azure-edge - 4.15.0-1012.12~16.04.2 --- linux-azure-edge (4.15.0-1012.12~16.04.2) xenial; urgency=medium * linux-azure-edge headers are broken after change to support scripted rebases (LP: #1772058) - [Packaging]: azure-edge: Fix headers packages after switching to scripted rebase linux-azure-edge (4.15.0-1012.12~16.04.1) xenial; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Add versioned dependency for linux-base [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) linux-azure (4.15.0-1011.11) bionic; urgency=medium * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294) * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564) - fsnotify: Fix fsnotify_mark_connector race linux-azure (4.15.0-1009.9) bionic; urgency=medium * linux-azure: 4.15.0-1009.9 -proposed tracker (LP: #1766467) [ Ubuntu: 4.15.0-20.21 ] * linux: 4.15.0-20.21 -proposed tracker (LP: #1766452) * package shim-signed (not installed) failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 5 (LP: #1766391) - [Packaging] fix invocation of header postinst hooks linux-azure (4.15.0-1008.8) bionic; urgency=medium * linux-azure: 4.15.0-1008.8 -proposed tracker (LP: #1766025) [ Ubuntu: 4.15.0-19.20 ] * linux: 4.15.0-19.20 -proposed tracker (LP: #1766021) * Kernel 4.15.0-15 breaks Dell PowerEdge 12th Gen servers (LP: #1765232) - Revert "blk-mq: simplify queue mapping & schedule with each possisble CPU" - Revert "genirq/affinity: assign vectors to all possible CPUs" linux-azure (4.15.0-1007.7) bionic; urgency=medium * linux-azure: 4.15.0-1007.7 -proposed tracker (LP: #1765495) * Miscellaneous Ubuntu changes - [Config] updateconfigs after rebase to Ubuntu-4.15.0-18.19 - [Packaging] update flavour-control.stub for signing changes [ Ubuntu: 4.15.0-18.19 ] * linux: 4.15.0-18.19 -proposed tracker (LP: #1765490) * [regression] Ubuntu 18.04:[4.15.0-17-generic #18] KVM Guest Kernel: meltdown: rfi/fallback displacement flush not enabled bydefault (kvm) (LP: #1765429) - powerpc/pseries: Fix clearing of
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1766197] Re: Update btusb reset-resume quirk to decrease power usage
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race
This bug was fixed in the package linux-azure - 4.15.0-1012.12 --- linux-azure (4.15.0-1012.12) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Add versioned dependency for linux-base [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) linux-azure (4.15.0-1011.11) bionic; urgency=medium * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294) * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564) - fsnotify: Fix fsnotify_mark_connector race -- Stefan BaderWed, 16 May 2018 18:31:36 +0200 ** Changed in: linux-azure (Ubuntu Xenial) Status: In Progress => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17449 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17975 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-18203 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-18208 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-8822 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-azure in Ubuntu. https://bugs.launchpad.net/bugs/1765564 Title: fsnotify: Fix fsnotify_mark_connector race Status in Linux: New Status in linux-azure package in Ubuntu: In Progress Status in linux-azure source package in Xenial: Fix Released Status in linux-azure source package in Bionic: Fix Released Bug description: On Azure we have had sporadic cases of soft lockups in fsnotify that may very well be mitigated by the following fix. The LKML thread is "kernel panics with 4.14.X". This should be applied to 4.13 and 4.15 versions of the linux-azure kernel, and possibly the 4.15 generic kernel in bionic as well. - fsnotify() acquires a reference to a fsnotify_mark_connector through the SRCU-protected pointer to_tell->i_fsnotify_marks. However, it appears that no precautions are taken in fsnotify_put_mark() to ensure that fsnotify() drops its reference to this fsnotify_mark_connector before assigning a value to its 'destroy_next' field. This can result in fsnotify_put_mark() assigning a value to a connector's 'destroy_next'
[Kernel-packages] [Bug 1762693] Re: No network with e1000e driver on 4.13.0-38-generic
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1765241] Re: virtio_scsi race can corrupt memory, panic kernel
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1726930] Re: System fails to start (boot) on battery due to read-only root file-system
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1769997] Re: linux-azure: 4.13.0-1017.20 -proposed tracker
This bug was fixed in the package linux-azure - 4.13.0-1018.21 --- linux-azure (4.13.0-1018.21) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.13.0-42.47 ] * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON
[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1758507] Re: sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055)
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1749420] Re: [regression] Colour banding and artefacts appear system-wide on an Asus Zenbook UX303LA with Intel HD 4400 graphics
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1765698] Re: Unable to insert test_bpf module on Xenial
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1769658] Re: hts221 sensor stops working after resume from S3/S4
This bug was fixed in the package linux-oem - 4.15.0-1006.9 --- linux-oem (4.15.0-1006.9) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.15.0-1005.8) bionic; urgency=medium * linux-oem: 4.15.0-1005.8 -proposed tracker (LP: #1767398) - source built with a clean tree * [i915 CNL-Y] system hangs soon after bootup (LP: #1769843) - SAUCE: drm/i915/execlists: Use rmb() to order CSB reads * hts221 sensor stops working after resume from S3/S4 (LP: #1769658) - SAUCE: iio: humidity: hts221: Fix sensor reads after resume * Support Intel Atom (Baytrail-I) HS-UART serdev slaves over tty (LP: #1769610) - serdev: ttyport: release tty lock sooner on open - serdev: ttyport: ignore carrier detect to avoid hangups - serdev: ttyport: do not used keyed wakeup in write_wakeup - serdev: Make .remove in struct serdev_device_driver optional - serdev: Introduce devm_serdev_device_open() - serdev: do not generate modaliases for controllers - serdev: only match serdev devices - serdev: add method to set parity - SAUCE: (no-up) Support HS-UART serdev slaves over tty - [Config] CONFIG_HSUART_SERIAL_DEVICE=y * Support latest Redpine WLAN/BT RS9113 driver (LP: #1657682) - SAUCE: rsi: add rx control block to handle rx packets in USB - SAUCE: rsi: add bluetooth rx endpoint - SAUCE: rsi: add header file rsi_91x - SAUCE: rsi: add coex support - SAUCE: Bluetooth: bt: rsi: add new rsi bluetooth driver - SAUCE: rsi: handle BT traffic in driver - SAUCE: rsi: add module parameter operating mode - SAUCE: rsi: sdio changes to support BT - SAUCE: rsi: improve RX handling in SDIO interface - SAUCE: rsi: use dynamic RX control blocks instead of MAX_RX_URB - SAUCE: rsi: improve RX packet handling in USB interface - SAUCE: rsi: add support for hardware scan offload - SAUCE: rsi: move xtend_desc structure from rsi_main.h to rsi_mgmt.h - SAUCE: rsi: move descriptor preparation to core - SAUCE: rsi: enable 80MHz clock by default - SAUCE: rsi: roaming enhancements - SAUCE: rsi: add module parameter rsi_reg - SAUCE: rsi: regulatory modifications for 'dlcar' mode - SAUCE: rsi: device disconnect changes - SAUCE: rsi: tx improvements - SAUCE: rsi: drop RX broadcast/multicast packets with invalid PN - SAUCE: rsi: fix for incorrect data pointer alignment in 64-bit - SAUCE: rsi: Remove stack VLA usage - SAUCE: rsi: fix nommu_map_sg overflow kernel panic - SAUCE: rsi: Fix 'invalid vdd' warning in mmc - SAUCE: Redpine: Fix wowlan issue with S4 - SAUCE: Redpine: rsi: Add deep sleep enable
[Kernel-packages] [Bug 1769993] Re: linux: 4.13.0-42.47 -proposed tracker
This bug was fixed in the package linux - 4.13.0-43.48 --- linux (4.13.0-43.48) artful; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.13.0-42.47) artful; urgency=medium * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993) * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850) - arm64: fix CONFIG_DEBUG_WX address reporting * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977) - net: hns: Avoid action name truncation * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-17975 - media: usbtv: prevent double free in error case * [8086:3e92] display becomes blank after S3 (LP: #1763271) - drm/i915/edp: Allow alternate fixed mode for eDP if available. - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp - drm/i915/edp: Do not do link training fallback or prune modes on EDP * sky2 gigabit ethernet driver sometimes stops working after lid-open resume from sleep (88E8055) (LP: #1758507) - sky2: Increase D3 delay to sky2 stops working after suspend * perf vendor events arm64: Enable JSON events for
[Kernel-packages] [Bug 1762453] Re: Xenial update to 4.4.119 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
This bug was fixed in the package linux - 3.13.0-149.199 --- linux (3.13.0-149.199) trusty; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - SAUCE: powerpc/64s: Move the data access exception out-of-line * CVE-2018-3639 (x86) - arch: Introduce post-init read-only memory - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static linux (3.13.0-148.197) trusty; urgency=medium * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077) * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18221 - mlock: fix mlock count can not decrease in race condition * CVE-2017-12134 - xen: fix bio vec merging * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-13220 - Bluetooth: hidp_connection_add() unsafe use of l2cap_pi() * CVE-2017-18204 - ocfs2: should wait dio before inode lock in ocfs2_setattr() * CVE-2017-13305 - KEYS: encrypted: fix buffer overread in valid_master_desc() * CVE-2017-18079 - Input: i8042 - fix crash at boot time * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534) - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) - SAUCE: remove ibrs_dump sysctl interface -- Stefan BaderMon, 14 May 2018 16:58:50 +0200 ** Changed in: linux (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12134 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13220
[Kernel-packages] [Bug 1772128] Re: [REGRESSION] linux 4.4.0-126.152 disables speculation control when running under a hypervisor
This bug was fixed before the affected kernel was released and, therefore, it never affected a publicly released kernel. ** Changed in: linux (Ubuntu) Status: Triaged => Fix Released ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772128 Title: [REGRESSION] linux 4.4.0-126.152 disables speculation control when running under a hypervisor Status in linux package in Ubuntu: Fix Released Bug description: The Xenial kernel 4.4.0-126.152, which is to be released on 5/21, introduced a regression that disables speculation control when running under a hypervisor such as QEMU. The problem is caused by pulling in the following upstream commit: a5b296636453 ("x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes") The following upstream commit is needed to fix the bug: 36268223c1e9 ("x86/spectre_v2: Don't check microcode versions when running under hypervisors") However, the following fixes are also likely needed: e3b3121fa8da ("x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist") d37fc6d360a4 ("x86/speculation: Correct Speculation Control microcode blacklist again") 1751342095f0 ("x86/speculation: Update Speculation Control microcode blacklist") With the required accuracy in maintaining such a list and considering that we don't have the blacklist in the artful or trusty backports, I wonder if it is better to just remove the original offending commit so that we don't have a blacklist. To reproduce, you need to configure libvirt to use CPU passthrough and your CPU needs to be one that matches the family and stepping in the blacklist from commit a5b296636453. See the attached domain xml for an example libvirt xml file. The host can be any Ubuntu release running one of the kernels to be released on 5/21. The guest needs to be running 4.4.0-126.152. Boot the guest and run the following command: $ dmesg | grep -i specul [0.00] Intel Spectre v2 broken microcode detected; disabling Speculation Control [0.024568] Spectre V2 : Speculation control IBPB not-supported IBRS not-supported [0.024570] Speculative Store Bypass: Vulnerable The first line is the problem. Broken microcode is detected because the guest kernel always sees 0x1 as the microcode revision (you can see this by running 'grep ^microcode /proc/cpuinfo' in the guest). Here's the desired output, which is seen when booting the guest with 4.4.0-124.148 (it is missing the Speculative Store Bypass message because it doesn't contain SSB mitigation): $ dmesg | grep -i specul [0.066675] Spectre V2 mitigation: Speculation control IBPB supported IBRS supported To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772128/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
This bug was fixed in the package linux - 3.13.0-149.199 --- linux (3.13.0-149.199) trusty; urgency=medium * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - SAUCE: powerpc/64s: Move the data access exception out-of-line * CVE-2018-3639 (x86) - arch: Introduce post-init read-only memory - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static linux (3.13.0-148.197) trusty; urgency=medium * linux: 3.13.0-148.197 -proposed tracker (LP: #1769077) * CVE-2017-18208 - mm/madvise.c: fix madvise() infinite loop under special circumstances * CVE-2018-8822 - staging: ncpfs: memory corruption in ncp_read_kernel() * CVE-2017-18221 - mlock: fix mlock count can not decrease in race condition * CVE-2017-12134 - xen: fix bio vec merging * CVE-2017-18203 - dm: fix race between dm_get_from_kobject() and __dm_destroy() * CVE-2017-17449 - netlink: Add netns check on taps * CVE-2017-13220 - Bluetooth: hidp_connection_add() unsafe use of l2cap_pi() * CVE-2017-18204 - ocfs2: should wait dio before inode lock in ocfs2_setattr() * CVE-2017-13305 - KEYS: encrypted: fix buffer overread in valid_master_desc() * CVE-2017-18079 - Input: i8042 - fix crash at boot time * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534) - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS * ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627) - SAUCE: remove ibrs_dump sysctl interface -- Stefan BaderMon, 14 May 2018 16:58:50 +0200 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-16995 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-17862
[Kernel-packages] [Bug 1772146] Re: Xenial 4.4.0-126.152 does not properly virtualize cpuid, resulting in disabled SSBD
This bug was fixed before the affected kernel was released and, therefore, it never affected a publicly released kernel. ** Changed in: linux (Ubuntu) Status: Confirmed => Fix Released ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1772146 Title: Xenial 4.4.0-126.152 does not properly virtualize cpuid, resulting in disabled SSBD Status in linux package in Ubuntu: Fix Released Bug description: The Xenial (4.4.0-126.152) kernel, which is to be released on 5/21, does not properly handle the cpuid opcode for KVM guests. This causes the guest kernel to incorrectly assume that the Speculative Storage Bypass Disable (SSBD) feature (needed for CVE-2018-3639) is not supported and, therefore, causes it to be unusable in a KVM guest. From the host environment (running 4.4.0-126.152): $ cpuid -1r | grep '^ 0x0007' 0x0007 0x00: eax=0x ebx=0x37ab ecx=0x edx=0x9c00 When the most significant bit (bit 31) of edx is set, that indicates that SSBD is available. Running the same command in the guest shows that the bit is not set: $ cpuid -1r | grep '^ 0x0007' 0x0007 0x00: eax=0x ebx=0x07ab ecx=0x edx=0x Therefore, we see this message in the guest's dmesg output: $ dmesg | grep Speculative [0.008000] Speculative Store Bypass: Vulnerable We also see this in the guest: $ cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass Vulnerable I don't yet see what's causing this bug when the Xenial 4.4 kernel is used in the host. It does not occur when the Trusty 3.13, Artful 4.13, Bionic 4.15 kernels are used in the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772146/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1738259] Re: need to ensure microcode updates are available to all bare-metal installs of Ubuntu
This bug was fixed in the package linux-meta-oem - 4.13.0.1028.33 --- linux-meta-oem (4.13.0.1028.33) xenial; urgency=medium * Bump ABI 4.13.0-1028 linux-meta-oem (4.13.0.1027.32) xenial; urgency=medium * need to ensure microcode updates are available to all bare-metal installs of Ubuntu (LP: #1738259) - Make kernel image packages depend on cpu microcode updates linux-meta-oem (4.13.0.1027.31) xenial; urgency=medium * Bump ABI 4.13.0-1027 -- Stefan BaderFri, 18 May 2018 10:17:58 +0200 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-meta in Ubuntu. https://bugs.launchpad.net/bugs/1738259 Title: need to ensure microcode updates are available to all bare-metal installs of Ubuntu Status in linux-meta package in Ubuntu: Triaged Status in linux-meta-hwe package in Ubuntu: New Status in linux-meta-hwe-edge package in Ubuntu: New Status in linux-meta-lts-xenial package in Ubuntu: Fix Released Status in linux-meta-oem package in Ubuntu: Fix Released Status in linux-meta source package in Precise: New Status in linux-meta source package in Trusty: Fix Released Status in linux-meta source package in Xenial: Fix Released Status in linux-meta-hwe source package in Xenial: Fix Released Status in linux-meta-hwe-edge source package in Xenial: Fix Released Status in linux-meta-lts-xenial source package in Xenial: Fix Committed Status in linux-meta-oem source package in Xenial: Fix Released Status in linux-meta source package in Zesty: Invalid Status in linux-meta source package in Artful: Fix Released Status in linux-meta source package in Bionic: Triaged Bug description: From time to time, CPU vendors release updates to microcode that can be loaded into the CPU from the OS. For x86, we have these updates available in the archive as amd64-microcode and intel-microcode. Sometimes, these microcode updates have addressed security issues with the CPU. They almost certainly will again in the future. We should ensure that all users of Ubuntu on baremetal x86 receive these security updates, and have them applied to the CPU in early boot where at all feasible. Because these are hardware-dependent packages which we don't want to install except on baremetal (so: not in VMs or containers), the logical place to pull them into the system is via the kernel, so that only the kernel baremetal flavors pull them in. This is analogous to linux-firmware, which is already a dependency of the linux- image-{lowlatency,generic} metapackages, and whose contents are applied to the hardware by the kernel similar to microcode. So, please update the linux-image-{lowlatency,generic} metapackages to add a dependency on amd64-microcode [amd64], intel-microcode [amd64], and the corresponding hwe metapackages also. Please time this change to coincide with the next updates of the microcode packages in the archive. I believe we will also need to promote the *-microcode packages to main from restricted as part of this (again, by analogy with linux- firmware). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1738259/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1738259] Re: need to ensure microcode updates are available to all bare-metal installs of Ubuntu
This bug was fixed in the package linux-meta-oem - 4.15.0.1006.8 --- linux-meta-oem (4.15.0.1006.8) bionic; urgency=medium * Bump ABI 4.15.0-1006 linux-meta-oem (4.15.0.1005.7) bionic; urgency=medium * need to ensure microcode updates are available to all bare-metal installs of Ubuntu (LP: #1738259) - Make kernel image packages depend on cpu microcode updates linux-meta-oem (4.15.0.1005.6) bionic; urgency=medium * Bump ABI 4.15.0-1005 -- Stefan BaderFri, 18 May 2018 09:13:24 +0200 ** Changed in: linux-meta-oem (Ubuntu) Status: Invalid => Fix Released ** Changed in: linux-meta-oem (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-meta in Ubuntu. https://bugs.launchpad.net/bugs/1738259 Title: need to ensure microcode updates are available to all bare-metal installs of Ubuntu Status in linux-meta package in Ubuntu: Triaged Status in linux-meta-hwe package in Ubuntu: New Status in linux-meta-hwe-edge package in Ubuntu: New Status in linux-meta-lts-xenial package in Ubuntu: Fix Released Status in linux-meta-oem package in Ubuntu: Fix Released Status in linux-meta source package in Precise: New Status in linux-meta source package in Trusty: Fix Released Status in linux-meta source package in Xenial: Fix Released Status in linux-meta-hwe source package in Xenial: Fix Released Status in linux-meta-hwe-edge source package in Xenial: Fix Released Status in linux-meta-lts-xenial source package in Xenial: Fix Committed Status in linux-meta-oem source package in Xenial: Fix Released Status in linux-meta source package in Zesty: Invalid Status in linux-meta source package in Artful: Fix Released Status in linux-meta source package in Bionic: Triaged Bug description: From time to time, CPU vendors release updates to microcode that can be loaded into the CPU from the OS. For x86, we have these updates available in the archive as amd64-microcode and intel-microcode. Sometimes, these microcode updates have addressed security issues with the CPU. They almost certainly will again in the future. We should ensure that all users of Ubuntu on baremetal x86 receive these security updates, and have them applied to the CPU in early boot where at all feasible. Because these are hardware-dependent packages which we don't want to install except on baremetal (so: not in VMs or containers), the logical place to pull them into the system is via the kernel, so that only the kernel baremetal flavors pull them in. This is analogous to linux-firmware, which is already a dependency of the linux- image-{lowlatency,generic} metapackages, and whose contents are applied to the hardware by the kernel similar to microcode. So, please update the linux-image-{lowlatency,generic} metapackages to add a dependency on amd64-microcode [amd64], intel-microcode [amd64], and the corresponding hwe metapackages also. Please time this change to coincide with the next updates of the microcode packages in the archive. I believe we will also need to promote the *-microcode packages to main from restricted as part of this (again, by analogy with linux- firmware). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1738259/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1765564] Re: fsnotify: Fix fsnotify_mark_connector race
This bug was fixed in the package linux-azure - 4.15.0-1012.12 --- linux-azure (4.15.0-1012.12) bionic; urgency=medium * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Add versioned dependency for linux-base [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) linux-azure (4.15.0-1011.11) bionic; urgency=medium * linux-azure: 4.15.0-1011.11 -proposed tracker (LP: #1770294) * fsnotify: Fix fsnotify_mark_connector race (LP: #1765564) - fsnotify: Fix fsnotify_mark_connector race -- Stefan BaderWed, 16 May 2018 18:31:36 +0200 ** Changed in: linux-azure (Ubuntu Bionic) Status: In Progress => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 ** Changed in: linux-azure (Ubuntu Bionic) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-azure in Ubuntu. https://bugs.launchpad.net/bugs/1765564 Title: fsnotify: Fix fsnotify_mark_connector race Status in Linux: New Status in linux-azure package in Ubuntu: In Progress Status in linux-azure source package in Xenial: Fix Released Status in linux-azure source package in Bionic: Fix Released Bug description: On Azure we have had sporadic cases of soft lockups in fsnotify that may very well be mitigated by the following fix. The LKML thread is "kernel panics with 4.14.X". This should be applied to 4.13 and 4.15 versions of the linux-azure kernel, and possibly the 4.15 generic kernel in bionic as well. - fsnotify() acquires a reference to a fsnotify_mark_connector through the SRCU-protected pointer to_tell->i_fsnotify_marks. However, it appears that no precautions are taken in fsnotify_put_mark() to ensure that fsnotify() drops its reference to this fsnotify_mark_connector before assigning a value to its 'destroy_next' field. This can result in fsnotify_put_mark() assigning a value to a connector's 'destroy_next' field right before fsnotify() tries to traverse the linked list referenced by the connector's 'list' field. Since these two fields are members of the same union, this behavior results in a kernel
[Kernel-packages] [Bug 1765010] Re: Xenial update to 4.4.128 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1763630] Re: Unable to start docker application with B-KVM kernel
This bug was fixed in the package linux-kvm - 4.15.0-1010.10 --- linux-kvm (4.15.0-1010.10) bionic; urgency=medium [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-kvm (4.15.0-1009.9) bionic; urgency=medium * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * Unable to start docker application with B-KVM kernel (LP: #1763630) - kvm: [config] enable NF_NAT, NF_CONNTRACK - kvm: [config] enable IP_NF_TABLES * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel (LP: #1764975) - kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM} * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985) - kvm: [config] enable CONFIG_VMAP_STACK * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel (LP: #1766832) - kvm: [config] enable CONFIG_MODULE_UNLOAD [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderThu, 17 May 2018 10:30:53 +0200 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1763630 Title: Unable to start docker application with B-KVM kernel Status in linux-kvm package in Ubuntu: Fix Committed Status in linux-kvm source package in Bionic: Fix Released Bug description: Similar to bug 1760660, docker.io package installation on B-KVM will fail with: Setting up docker.io (17.03.2-0ubuntu5) ... Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details. invoke-rc.d: initscript docker, action "start" failed. ● docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Fri 2018-04-13
[Kernel-packages] [Bug 1764810] Re: Xenial: rfkill: fix missing return on rfkill_init
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764367] Re: Xenial update to 4.4.121 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764762] Re: Xenial update to 4.4.124 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764973] Re: Xenial update to 4.4.125 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764627] Re: Xenial update to 4.4.122 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1763630] Re: Unable to start docker application with B-KVM kernel
This bug was fixed in the package linux-kvm - 4.15.0-1010.10 --- linux-kvm (4.15.0-1010.10) bionic; urgency=medium [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-kvm (4.15.0-1009.9) bionic; urgency=medium * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * Unable to start docker application with B-KVM kernel (LP: #1763630) - kvm: [config] enable NF_NAT, NF_CONNTRACK - kvm: [config] enable IP_NF_TABLES * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel (LP: #1764975) - kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM} * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985) - kvm: [config] enable CONFIG_VMAP_STACK * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel (LP: #1766832) - kvm: [config] enable CONFIG_MODULE_UNLOAD [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderThu, 17 May 2018 10:30:53 +0200 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1763630 Title: Unable to start docker application with B-KVM kernel Status in linux-kvm package in Ubuntu: Fix Committed Status in linux-kvm source package in Bionic: Fix Released Bug description: Similar to bug 1760660, docker.io package installation on B-KVM will fail with: Setting up docker.io (17.03.2-0ubuntu5) ... Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details. invoke-rc.d: initscript docker, action "start" failed. ● docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Fri 2018-04-13 08:42:36 UTC; 10ms ago Docs: https://docs.docker.com Process: 1265 ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_OPTS (code=exited, status=1/FAILURE) Main PID: 1265 (code=exited, status=1/FAILURE) Apr 13 08:42:36 gummo dockerd[1265]:
[Kernel-packages] [Bug 1764666] Re: Xenial update to 4.4.123 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1764975] Re: test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel
This bug was fixed in the package linux-kvm - 4.15.0-1010.10 --- linux-kvm (4.15.0-1010.10) bionic; urgency=medium [ Ubuntu: 4.15.0-22.24 ] * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-kvm (4.15.0-1009.9) bionic; urgency=medium * linux-kvm: 4.15.0-1009.9 -proposed tracker (LP: #1767409) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * Unable to start docker application with B-KVM kernel (LP: #1763630) - kvm: [config] enable NF_NAT, NF_CONNTRACK - kvm: [config] enable IP_NF_TABLES * test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel (LP: #1764975) - kvm: [config] enable CONFIG_SLAB_FREELIST_{HARDENED,RANDOM} * linux-kvm 4.15 needs CONFIG_VMAP_STACK set (LP: #1764985) - kvm: [config] enable CONFIG_VMAP_STACK * test_140_kernel_modules_not_tainted in kernel security test failed with 4.15 kvm kernel (LP: #1766832) - kvm: [config] enable CONFIG_MODULE_UNLOAD [ Ubuntu: 4.15.0-21.22 ] * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderThu, 17 May 2018 10:30:53 +0200 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1764975 Title: test_078_SLAB_freelist_randomization failed on 4.15 KVM kernel Status in QA Regression Testing: Invalid Status in linux package in Ubuntu: Invalid Status in linux-kvm package in Ubuntu: Fix Committed Status in linux source package in Bionic: Invalid Status in linux-kvm source package in Bionic: Fix Released Bug description: test_078_SLAB_freelist_randomization from ubuntu_qrt_kernel_security_test has failed with 4.15.0-1004-kvm FAIL: test_078_SLAB_freelist_randomization (__main__.KernelSecurityTest) Ensure CONFIG_SLAB_FREELIST_RANDOM is set -- Traceback (most recent call last): File "./test-kernel-security.py", line 936, in test_078_SLAB_freelist_randomization
[Kernel-packages] [Bug 1764684] Re: Fix an issue that some PCI devices get incorrectly suspended
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1766398] Re: set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1766477] Re: Change the location for one of two front mics on a lenovo thinkcentre machine
This bug was fixed in the package linux-oem - 4.13.0-1028.31 --- linux-oem (4.13.0-1028.31) xenial; urgency=medium [ Ubuntu: 4.13.0-43.48 ] * CVE-2018-3639 (powerpc) - SAUCE: rfi-flush: update H_CPU_* macro names to upstream - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to upstream - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/64s: Allow control of RFI flush via debugfs - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/powernv: Set or clear security feature flags - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES - SAUCE: x86: Add alternative_msr_write - x86/nospec: Simplify alternative_msr_write() - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/msr: Add definitions for new speculation control MSRs - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux-oem (4.13.0-1027.30) xenial; urgency=medium * linux-oem: 4.13.0-1027.30 -proposed tracker (LP: #1769996) * set PINCFG_HEADSET_MIC to parse_flags for Dell precision 3630 (LP: #1766398) - ALSA: hda/realtek - set PINCFG_HEADSET_MIC to parse_flags * Change the location for one of two front mics on a lenovo thinkcentre machine (LP: #1766477) - ALSA: hda/realtek - adjust the location of one mic * Update btusb reset-resume quirk to decrease power usage (LP: #1766197) - SAUCE: Revert "usb: quirks: Add reset-resume quirk for Dell DW1820 QCA Rome Bluetooth" - Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking - Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table - Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table * Update Aquantia driver to fix various issues (LP: #1759303) - SAUCE: Revert "net: aquantia: Reset nic statistics on interface up/down" - SAUCE: Revert "net: aquantia: Add queue restarts stats counter" - SAUCE: Revert "net: aquantia: Fixed transient link up/down/up notification" - SAUCE: Revert "net: aquantia: Limit number of MSIX irqs to the number of cpus" - SAUCE: Revert "net: aquantia: mmio unmap was not performed on driver
[Kernel-packages] [Bug 1767133] Re: linux-image-4.15.0-20-generic install after upgrade from xenial breaks
This bug was fixed in the package linux-hwe-edge - 4.15.0-22.24~16.04.1 --- linux-hwe-edge (4.15.0-22.24~16.04.1) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.15.0-21.22) bionic; urgency=medium * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderTue, 15 May 2018 07:41:28 +0200 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1767133 Title: linux-image-4.15.0-20-generic install after upgrade from xenial breaks Status in linux package in Ubuntu: Fix Committed Status in linux-hwe-edge package in Ubuntu: Invalid Status in linux source package in Xenial: Invalid Status in linux-hwe-edge source package in Xenial: Fix Released Status in linux source package in Bionic: Fix Released Status in linux-hwe-edge source package in Bionic: Invalid Bug description: [Impact] Some upgrades from xenial to bionic break. [Test Case] Change sources.list from xenial to bionic, then apt install linux-image-4.15.0-20-generic. [Regression Potential] The kernel may be uninstallable if there is no linux-base with the appropriate version in the archive. When installing the linux-image-4.15.0-20-generic kernel from bionic on xenial breaks because of the unversioned Depends on linux-base. /var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: 50: /var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: linux-update-symlinks: not found dpkg: error processing package linux-image-4.15.0-20-generic (--configure): subprocess installed post-installation script returned error exit status 127 Errors were encountered while processing: linux-image-4.15.0-20-generic E: Sub-process /usr/bin/dpkg returned an error code (1) If the trigger is called, when some meta packages are installed, it won't happen. If all packages are upgraded, it's possible linux-base is going to be upgraded first, so the problem won't happen either. So, not all upgrades will be affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1767133/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe :
[Kernel-packages] [Bug 1766727] Re: initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04
This bug was fixed in the package linux - 4.15.0-22.24 --- linux (4.15.0-22.24) bionic; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit - stf-barrier: set eieio instruction bit 6 for future optimisations * CVE-2018-3639 (x86) - x86/nospec: Simplify alternative_msr_write() - x86/bugs: Concentrate bug detection into a separate function - x86/bugs: Concentrate bug reporting into a separate function - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - x86/bugs, KVM: Support the combination of guest and host IBRS - x86/bugs: Expose /sys/../spec_store_bypass - x86/cpufeatures: Add X86_FEATURE_RDS - x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - x86/bugs/intel: Set proper CPU features and setup RDS - x86/bugs: Whitelist allowed SPEC_CTRL MSR values - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - x86/speculation: Create spec-ctrl.h to avoid include hell - prctl: Add speculation control prctls - x86/process: Allow runtime control of Speculative Store Bypass - x86/speculation: Add prctl for Speculative Store Bypass mitigation - nospec: Allow getting/setting on non-current task - proc: Provide details on speculation flaw mitigations - seccomp: Enable speculation flaw mitigations - x86/bugs: Make boot modes __ro_after_init - prctl: Add force disable speculation - seccomp: Use PR_SPEC_FORCE_DISABLE - seccomp: Add filter flag to opt-out of SSB mitigation - seccomp: Move speculation migitation control to arch code - x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - x86/bugs: Rename _RDS to _SSBD - proc: Use underscores for SSBD in 'status' - Documentation/spec_ctrl: Do some minor cleanups - x86/bugs: Fix __ssb_select_mitigation() return type - x86/bugs: Make cpu_show_common() static * LSM Stacking prctl values should be redefined as to not collide with upstream prctls (LP: #1769263) // CVE-2018-3639 - SAUCE: LSM stacking: adjust prctl values linux (4.15.0-21.22) bionic; urgency=medium * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397) * initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 (LP: #1766727) - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3) * linux-image-4.15.0-20-generic install after upgrade from xenial breaks (LP: #1767133) - Packaging: Depends on linux-base that provides the necessary tools * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2 (LP: #1766629) - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2) -- Stefan BaderTue, 15 May 2018 07:41:28 +0200 ** Changed in: linux (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-3639 ** Changed in: linux-hwe-edge (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1766727 Title: initramfs-tools exception during pm.DoInstall with do-release-upgrade from 16.04 to 18.04 Status in Ubuntu on IBM z Systems: Fix Released Status in initramfs-tools package in Ubuntu: Invalid Status in linux package in Ubuntu: Fix Committed Status in linux-hwe-edge package in Ubuntu: Fix Committed Status in s390-tools package in Ubuntu: Fix Released Status in ubuntu-release-upgrader package in Ubuntu: Invalid Status in initramfs-tools source package in Xenial: Invalid Status in linux source package in Xenial: New Status in linux-hwe-edge source package in Xenial: Fix Released Status in s390-tools source package in Xenial: Fix Released Status in ubuntu-release-upgrader source package in Xenial: Invalid Status in initramfs-tools source package in Bionic: Invalid Status in linux source package in Bionic: Fix Released Status in linux-hwe-edge source package in Bionic: Invalid Status in s390-tools source package in Bionic: Fix Released Status in ubuntu-release-upgrader source package in Bionic: Invalid Bug description: [Impact] Upgrades of linux-image-generic-hwe-16.04-edge will fail to configure because the post-update script for zipl will fail. [Test Case] Upgrade linux-image-generic-hwe-16.04-edge from xenial to xenial-proposed on s390x. [Regression] zipl update on s390x might fail, causing the system to be unbootable. Upgrading from 16.04 to 18.04 using 'do-release-upgrade -d' results in: Errors were encountered while processing: initramfs-tools Exception during pm.DoInstall(): E:Sub-process /usr/bin/dpkg