[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
** Changed in: linux (Ubuntu) Status: New => Incomplete ** Changed in: linux (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765007 Title: Xenial update to 4.4.127 stable release Status in linux package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Released Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.127 upstream stable stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.127 stable release shall be applied: * Linux 4.4.127 * Revert "ip6_vti: adjust vti mtu according to mtu of lower device" * net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized ndata" * spi: davinci: fix up dma_mapping_error() incorrect patch * Revert "mtip32xx: use runtime tag to initialize command header" * Revert "cpufreq: Fix governor module removal race" * Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" * Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" * Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()" * nospec: Kill array_index_nospec_mask_check() * nospec: Move array_index_nospec() parameter checking into separate macro * net: hns: Fix ethtool private flags * md/raid10: reset the 'first' at the end of loop * ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property * ARM: dts: dra7: Add power hold and power controller properties to palmas * Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition * vt: change SGR 21 to follow the standards * Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad * Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list * staging: comedi: ni_mio_common: ack ai fifo error interrupts. * fs/proc: Stop trying to report thread stacks * crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one * crypto: ahash - Fix early termination in hash walk * parport_pc: Add support for WCH CH382L PCI-E single parallel port card. * media: usbtv: prevent double free in error case * mei: remove dev_err message on an unsupported ioctl * USB: serial: cp210x: add ELDAT Easywave RX09 id * USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator * USB: serial: ftdi_sio: add RT Systems VX-8 cable * usb: dwc2: Improve gadget state disconnection handling * scsi: virtio_scsi: always read VPD pages for multiqueue too * llist: clang: introduce member_address_is_nonnull() * Bluetooth: Fix missing encryption refresh on Security Request * netfilter: x_tables: add and use xt_check_proc_name * netfilter: bridge: ebt_among: add more missing match size checks * xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems * net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() * RDMA/ucma: Introduce safer rdma_addr_size() variants * RDMA/ucma: Don't allow join attempts for unsupported AF family * RDMA/ucma: Check that device exists prior to accessing it * RDMA/ucma: Check that device is connected prior to access it * RDMA/ucma: Ensure that CM_ID exists prior to access it * RDMA/ucma: Fix use-after-free access in ucma_close * RDMA/ucma: Check AF family prior resolving address * xfrm_user: uncoditionally validate esn replay attribute struct * arm64: avoid overflow in VA_START and PAGE_OFFSET * selinux: Remove redundant check for unknown labeling behavior * netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch * tty: provide tty_name() even without CONFIG_TTY * audit: add tty field to LOGIN event * frv: declare jiffies to be located in the .data section * jiffies.h: declare jiffies and jiffies_64 with cacheline_aligned_in_smp * fs: compat: Remove warning from COMPATIBLE_IOCTL * selinux: Remove unnecessary check of array base in selinux_set_mapping() * cpumask: Add helper cpumask_available() * genirq: Use cpumask_available() for check of cpumask variable * netfilter: nf_nat_h323: fix logical-not-parentheses warning * Input: mousedev - fix implicit conversion warning * dm ioctl: remove double parentheses * PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant * writeback: fix the wrong congested stat
[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
This bug was fixed in the package linux - 4.4.0-127.153 --- linux (4.4.0-127.153) xenial; urgency=medium * CVE-2018-3639 (powerpc) - powerpc/pseries: Support firmware disable of RFI flush - powerpc/powernv: Support firmware disable of RFI flush - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again - powerpc/rfi-flush: Always enable fallback flush on pseries - powerpc/rfi-flush: Differentiate enabled and patched flush types - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags - powerpc: Add security feature flags for Spectre/Meltdown - powerpc/pseries: Set or clear security feature flags - powerpc/powernv: Set or clear security feature flags - powerpc/64s: Move cpu_show_meltdown() - powerpc/64s: Enhance the information in cpu_show_meltdown() - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() - powerpc/64s: Wire up cpu_show_spectre_v1() - powerpc/64s: Wire up cpu_show_spectre_v2() - powerpc/pseries: Fix clearing of security feature flags - powerpc: Move default security feature flags - powerpc/pseries: Restore default security feature flags on setup - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit * CVE-2018-3639 (x86) - SAUCE: Clean up IBPB and IBRS control functions and macros - SAUCE: Fix up IBPB and IBRS kernel parameters documentation - SAUCE: Remove #define X86_FEATURE_PTI - x86/cpufeature: Move some of the scattered feature bits to x86_capability - x86/cpufeature: Cleanup get_cpu_cap() - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf - x86/cpufeatures: Add Intel feature bits for Speculation Control - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf - x86/cpufeatures: Add AMD feature bits for Speculation Control - x86/msr: Add definitions for new speculation control MSRs - SAUCE: x86/msr: Rename MSR spec control feature bits - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support - x86/speculation: Add dependency - x86/cpufeatures: Clean up Spectre v2 related CPUID flags - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code - SAUCE: x86: Add alternative_msr_write - SAUCE: x86/nospec: Simplify alternative_msr_write() - SAUCE: x86/bugs: Concentrate bug detection into a separate function - SAUCE: x86/bugs: Concentrate bug reporting into a separate function - arch: Introduce post-init read-only memory - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits - SAUCE: x86/bugs, KVM: Support the combination of guest and host IBRS - SAUCE: x86/bugs: Expose /sys/../spec_store_bypass - SAUCE: x86/cpufeatures: Add X86_FEATURE_RDS - SAUCE: x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation - SAUCE: x86/bugs/intel: Set proper CPU features and setup RDS - SAUCE: x86/bugs: Whitelist allowed SPEC_CTRL MSR values - SAUCE: x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested - SAUCE: x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest - SAUCE: x86/speculation: Create spec-ctrl.h to avoid include hell - SAUCE: prctl: Add speculation control prctls - x86/process: Optimize TIF checks in __switch_to_xtra() - SAUCE: x86/process: Allow runtime control of Speculative Store Bypass - SAUCE: x86/speculation: Add prctl for Speculative Store Bypass mitigation - SAUCE: nospec: Allow getting/setting on non-current task - SAUCE: proc: Provide details on speculation flaw mitigations - SAUCE: seccomp: Enable speculation flaw mitigations - SAUCE: x86/bugs: Honour SPEC_CTRL default - SAUCE: x86/bugs: Make boot modes __ro_after_init - SAUCE: prctl: Add force disable speculation - SAUCE: seccomp: Use PR_SPEC_FORCE_DISABLE - selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC - SAUCE: seccomp: Add filter flag to opt-out of SSB mitigation - SAUCE: seccomp: Move speculation migitation control to arch code - SAUCE: x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass - SAUCE: x86/bugs: Rename _RDS to _SSBD - SAUCE: proc: Use underscores for SSBD in 'status' - SAUCE: Documentation/spec_ctrl: Do some minor cleanups - SAUCE: x86/bugs: Fix __ssb_select_mitigation() return type - SAUCE: x86/bugs: Make cpu_show_common() static
[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765007 Title: Xenial update to 4.4.127 stable release Status in linux package in Ubuntu: New Status in linux source package in Xenial: Fix Committed Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.127 upstream stable stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.127 stable release shall be applied: * Linux 4.4.127 * Revert "ip6_vti: adjust vti mtu according to mtu of lower device" * net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized ndata" * spi: davinci: fix up dma_mapping_error() incorrect patch * Revert "mtip32xx: use runtime tag to initialize command header" * Revert "cpufreq: Fix governor module removal race" * Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" * Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" * Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()" * nospec: Kill array_index_nospec_mask_check() * nospec: Move array_index_nospec() parameter checking into separate macro * net: hns: Fix ethtool private flags * md/raid10: reset the 'first' at the end of loop * ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property * ARM: dts: dra7: Add power hold and power controller properties to palmas * Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition * vt: change SGR 21 to follow the standards * Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad * Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list * staging: comedi: ni_mio_common: ack ai fifo error interrupts. * fs/proc: Stop trying to report thread stacks * crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one * crypto: ahash - Fix early termination in hash walk * parport_pc: Add support for WCH CH382L PCI-E single parallel port card. * media: usbtv: prevent double free in error case * mei: remove dev_err message on an unsupported ioctl * USB: serial: cp210x: add ELDAT Easywave RX09 id * USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator * USB: serial: ftdi_sio: add RT Systems VX-8 cable * usb: dwc2: Improve gadget state disconnection handling * scsi: virtio_scsi: always read VPD pages for multiqueue too * llist: clang: introduce member_address_is_nonnull() * Bluetooth: Fix missing encryption refresh on Security Request * netfilter: x_tables: add and use xt_check_proc_name * netfilter: bridge: ebt_among: add more missing match size checks * xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems * net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() * RDMA/ucma: Introduce safer rdma_addr_size() variants * RDMA/ucma: Don't allow join attempts for unsupported AF family * RDMA/ucma: Check that device exists prior to accessing it * RDMA/ucma: Check that device is connected prior to access it * RDMA/ucma: Ensure that CM_ID exists prior to access it * RDMA/ucma: Fix use-after-free access in ucma_close * RDMA/ucma: Check AF family prior resolving address * xfrm_user: uncoditionally validate esn replay attribute struct * arm64: avoid overflow in VA_START and PAGE_OFFSET * selinux: Remove redundant check for unknown labeling behavior * netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch * tty: provide tty_name() even without CONFIG_TTY * audit: add tty field to LOGIN event * frv: declare jiffies to be located in the .data section * jiffies.h: declare jiffies and jiffies_64 with cacheline_aligned_in_smp * fs: compat: Remove warning from COMPATIBLE_IOCTL * selinux: Remove unnecessary check of array base in selinux_set_mapping() * cpumask: Add helper cpumask_available() * genirq: Use cpumask_available() for check of cpumask variable * netfilter: nf_nat_h323: fix logical-not-parentheses warning * Input: mousedev - fix implicit conversion warning * dm ioctl: remove double parentheses * PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant * writeback: fix the wrong congested state variable definition * ACPI, PCI, irq: remove r
[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765007 Title: Xenial update to 4.4.127 stable release Status in linux package in Ubuntu: New Status in linux source package in Xenial: In Progress Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.127 upstream stable stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.127 stable release shall be applied: * Linux 4.4.127 * Revert "ip6_vti: adjust vti mtu according to mtu of lower device" * net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized ndata" * spi: davinci: fix up dma_mapping_error() incorrect patch * Revert "mtip32xx: use runtime tag to initialize command header" * Revert "cpufreq: Fix governor module removal race" * Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" * Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" * Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()" * nospec: Kill array_index_nospec_mask_check() * nospec: Move array_index_nospec() parameter checking into separate macro * net: hns: Fix ethtool private flags * md/raid10: reset the 'first' at the end of loop * ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property * ARM: dts: dra7: Add power hold and power controller properties to palmas * Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition * vt: change SGR 21 to follow the standards * Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad * Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list * staging: comedi: ni_mio_common: ack ai fifo error interrupts. * fs/proc: Stop trying to report thread stacks * crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one * crypto: ahash - Fix early termination in hash walk * parport_pc: Add support for WCH CH382L PCI-E single parallel port card. * media: usbtv: prevent double free in error case * mei: remove dev_err message on an unsupported ioctl * USB: serial: cp210x: add ELDAT Easywave RX09 id * USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator * USB: serial: ftdi_sio: add RT Systems VX-8 cable * usb: dwc2: Improve gadget state disconnection handling * scsi: virtio_scsi: always read VPD pages for multiqueue too * llist: clang: introduce member_address_is_nonnull() * Bluetooth: Fix missing encryption refresh on Security Request * netfilter: x_tables: add and use xt_check_proc_name * netfilter: bridge: ebt_among: add more missing match size checks * xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems * net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() * RDMA/ucma: Introduce safer rdma_addr_size() variants * RDMA/ucma: Don't allow join attempts for unsupported AF family * RDMA/ucma: Check that device exists prior to accessing it * RDMA/ucma: Check that device is connected prior to access it * RDMA/ucma: Ensure that CM_ID exists prior to access it * RDMA/ucma: Fix use-after-free access in ucma_close * RDMA/ucma: Check AF family prior resolving address * xfrm_user: uncoditionally validate esn replay attribute struct * arm64: avoid overflow in VA_START and PAGE_OFFSET * selinux: Remove redundant check for unknown labeling behavior * netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch * tty: provide tty_name() even without CONFIG_TTY * audit: add tty field to LOGIN event * frv: declare jiffies to be located in the .data section * jiffies.h: declare jiffies and jiffies_64 with cacheline_aligned_in_smp * fs: compat: Remove warning from COMPATIBLE_IOCTL * selinux: Remove unnecessary check of array base in selinux_set_mapping() * cpumask: Add helper cpumask_available() * genirq: Use cpumask_available() for check of cpumask variable * netfilter: nf_nat_h323: fix logical-not-parentheses warning * Input: mousedev - fix implicit conversion warning * dm ioctl: remove double parentheses * PCI
[Kernel-packages] [Bug 1765007] Re: Xenial update to 4.4.127 stable release
Skipped the following commits because they modify upstream's Spectre v1 code which we haven't pulled in (yet) with the 4.4.118 stable update: * nospec: Kill array_index_nospec_mask_check() * nospec: Move array_index_nospec() parameter checking into separate macro -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1765007 Title: Xenial update to 4.4.127 stable release Status in linux package in Ubuntu: New Bug description: SRU Justification Impact: The upstream process for stable tree updates is quite similar in scope to the Ubuntu SRU process, e.g., each patch has to demonstrably fix a bug, and each patch is vetted by upstream by originating either directly from a mainline/stable Linux tree or a minimally backported form of that patch. The 4.4.127 upstream stable stable patch set is now available. It should be included in the Ubuntu kernel as well. git://git.kernel.org/ TEST CASE: TBD The following patches from the 4.4.127 stable release shall be applied: * Linux 4.4.127 * Revert "ip6_vti: adjust vti mtu according to mtu of lower device" * net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized ndata" * spi: davinci: fix up dma_mapping_error() incorrect patch * Revert "mtip32xx: use runtime tag to initialize command header" * Revert "cpufreq: Fix governor module removal race" * Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" * Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" * Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()" * nospec: Kill array_index_nospec_mask_check() * nospec: Move array_index_nospec() parameter checking into separate macro * net: hns: Fix ethtool private flags * md/raid10: reset the 'first' at the end of loop * ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property * ARM: dts: dra7: Add power hold and power controller properties to palmas * Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition * vt: change SGR 21 to follow the standards * Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad * Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list * staging: comedi: ni_mio_common: ack ai fifo error interrupts. * fs/proc: Stop trying to report thread stacks * crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one * crypto: ahash - Fix early termination in hash walk * parport_pc: Add support for WCH CH382L PCI-E single parallel port card. * media: usbtv: prevent double free in error case * mei: remove dev_err message on an unsupported ioctl * USB: serial: cp210x: add ELDAT Easywave RX09 id * USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator * USB: serial: ftdi_sio: add RT Systems VX-8 cable * usb: dwc2: Improve gadget state disconnection handling * scsi: virtio_scsi: always read VPD pages for multiqueue too * llist: clang: introduce member_address_is_nonnull() * Bluetooth: Fix missing encryption refresh on Security Request * netfilter: x_tables: add and use xt_check_proc_name * netfilter: bridge: ebt_among: add more missing match size checks * xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems * net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() * RDMA/ucma: Introduce safer rdma_addr_size() variants * RDMA/ucma: Don't allow join attempts for unsupported AF family * RDMA/ucma: Check that device exists prior to accessing it * RDMA/ucma: Check that device is connected prior to access it * RDMA/ucma: Ensure that CM_ID exists prior to access it * RDMA/ucma: Fix use-after-free access in ucma_close * RDMA/ucma: Check AF family prior resolving address * xfrm_user: uncoditionally validate esn replay attribute struct * arm64: avoid overflow in VA_START and PAGE_OFFSET * selinux: Remove redundant check for unknown labeling behavior * netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch * tty: provide tty_name() even without CONFIG_TTY * audit: add tty field to LOGIN event * frv: declare jiffies to be located in the .data section * jiffies.h: declare jiffies and jiffies_64 with cacheline_aligned_in_smp * fs: compat: Remove warning from COMPATIBLE_IOCTL * selinux: Remove unnecessary check of array base in selinux_set_mapping() * cpumask: Add helper cpumask_available() * genirq: Use cpumask_available() for check of cpumask variable * netfilter: nf_nat_h323: fix logical-not-parentheses warning * Input: mousedev - fix implicit conversion warning * dm ioctl: remove double parentheses * PCI: Make PCI_R
