[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Tags added: cscc -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Released Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Released Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
That already in the current cosmic kernel: $ git log --oneline | grep "Check if IOMMU page is contained in the pinned physical page" 76fa497 KVM: PPC: Check if IOMMU page is contained in the pinned physical page $ git tag --contains 76fa497 Ubuntu-4.18.0-7.8 Ubuntu-4.18.0-8.9 Ubuntu-4.18.0-9.10 v4.18 So can be marked as Fix Released for cosmic. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Released Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Released Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released ** Changed in: ubuntu-power-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Released Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Released Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
This bug was fixed in the package linux - 4.15.0-36.39 --- linux (4.15.0-36.39) bionic; urgency=medium * CVE-2018-14633 - iscsi target: Use hex2bin instead of a re-implementation * CVE-2018-17182 - mm: get rid of vmacache_flush_all() entirely linux (4.15.0-35.38) bionic; urgency=medium * linux: 4.15.0-35.38 -proposed tracker (LP: #1791719) * device hotplug of vfio devices can lead to deadlock in vfio_pci_release (LP: #1792099) - SAUCE: vfio -- release device lock before userspace requests * L1TF mitigation not effective in some CPU and RAM combinations (LP: #1788563) - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit - x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ * CVE-2018-15594 - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests * CVE-2017-5715 (Spectre v2 s390x) - KVM: s390: implement CPU model only facilities - s390: detect etoken facility - KVM: s390: add etoken support for guests - s390/lib: use expoline for all bcr instructions - s390: fix br_r1_trampoline for machines without exrl - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state disabled (performance) (LP: #1790602) - cpuidle: powernv: Fix promotion from snooze if next state disabled * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636) - powerpc: hard disable irqs in smp_send_stop loop - powerpc: Fix deadlock with multiple calls to smp_send_stop - powerpc: smp_send_stop do not offline stopped CPUs - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled * Security fix: check if IOMMU page is contained in the pinned physical page (LP: #1785675) - vfio/spapr: Use IOMMU pageshift rather than pagesize - KVM: PPC: Check if IOMMU page is contained in the pinned physical page * Missing Intel GPU pci-id's (LP: #1789924) - drm/i915/kbl: Add KBL GT2 sku - drm/i915/whl: Introducing Whiskey Lake platform - drm/i915/aml: Introducing Amber Lake platform - drm/i915/cfl: Add a new CFL PCI ID. * CVE-2018-15572 - x86/speculation: Protect against userspace-userspace spectreRSB * Support Power Management for Thunderbolt Controller (LP: #1789358) - thunderbolt: Handle NULL boot ACL entries properly - thunderbolt: Notify userspace when boot_acl is changed - thunderbolt: Use 64-bit DMA mask if supported by the platform - thunderbolt: Do not unnecessarily call ICM get route - thunderbolt: No need to take tb->lock in domain suspend/complete - thunderbolt: Use correct ICM commands in system suspend - thunderbolt: Add support for runtime PM * random oopses on s390 systems using NVMe devices (LP: #1790480) - s390/pci: fix out of bounds access during irq setup * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support for arm64 using SMC firmware call to set a hardware chicken bit (LP: #1787993) // CVE-2018-3639 (arm64) - arm64: alternatives: Add dynamic patching feature - KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state - KVM: arm64: Avoid storing the vcpu pointer on the stack - arm/arm64: smccc: Add SMCCC-specific return codes - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 - arm64: Add ARCH_WORKAROUND_2 probing - arm64: Add 'ssbd' command-line option - arm64: ssbd: Add global mitigation state accessor - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation - arm64: ssbd: Restore mitigation status on CPU resume - arm64: ssbd: Introduce thread flag to control userspace mitigation - arm64: ssbd: Add prctl interface for per-thread mitigation - arm64: KVM: Add HYP per-cpu accessors - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID - [Config] ARM64_SSBD=y * Reconcile hns3 SAUCE patches with upstream (LP: #1787477) - Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching process" - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown message" - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF response" - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for hclge_get_ring_chain_from_mbx" - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx" - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default assignment probelm" - Revert "UBUNTU: SAUCE: {topost} net: hns3:
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
--- Comment From gwal...@br.ibm.com 2018-09-19 22:01 EDT--- Hi Canonical, I tested the latest kernel 4.15.0-35 and 4.15.0-34 for comparison and both got similar results with a full stress-ng test by stress-ng in the GUEST and the HOST running the 4.15.0-35 kernel. eg. command for stress: $ stress-ng --all $(nproc) --vm-bytes 80% --aggressive --maximize --oomable --timeout 300 --verify --syslog --metrics --times ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Committed Status in linux package in Ubuntu: Fix Committed Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed- bionic'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Committed Status in linux package in Ubuntu: Fix Committed Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: linux (Ubuntu) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Committed Status in linux package in Ubuntu: Fix Committed Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: ubuntu-power-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Fix Committed Status in linux package in Ubuntu: Fix Committed Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: linux (Ubuntu Bionic) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
https://lists.ubuntu.com/archives/kernel-team/2018-August/095103.html ** Description changed: + + == SRU Justification == + IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. + This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires + mainline commit 1463edca6734 as a prereq. + + Both these commits have already been cc'd to upstream stable, but they + have not landed in Bionic as of yet. + + == Fixes == + 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") + 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") + + == Regression Potential == + Low. These commits have also been sent to upstream stable, so have had + additional upstream review. + + == Test Case == + A test kernel was built with these patches and tested by the original bug reporter. + The bug reporter states the test kernel resolved the bug. + + + + == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == SRU Justification == IBM is requesting commit 76fa4975f3ed in powerpc as a security fix. This commit Fixes: 121f80ba68f1. Commit 76fa4975f3ed also requires mainline commit 1463edca6734 as a prereq. Both these commits have already been cc'd to upstream stable, but they have not landed in Bionic as of yet. == Fixes == 1463edca6734 ("vfio/spapr: Use IOMMU pageshift rather than pagesize") 76fa4975f3ed ("KVM: PPC: Check if IOMMU page is contained in the pinned physical page") == Regression Potential == Low. These commits have also been sent to upstream stable, so have had additional upstream review. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
Thanks for testing. I'll submit an SRU request. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: linux (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => Canonical Kernel Team (canonical-kernel-team) ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: ubuntu-power-systems Status: Triaged => In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
I built a test kernel with commit 76fa4975f3ed. It required commit 1463edca6734d as a prereq. The test kernel can be downloaded from: http://kernel.ubuntu.com/~jsalisbury/lp1785675 Can you test this kernel and see if it resolves this bug? Note about installing test kernels: * If the test kernel is prior to 4.15(Bionic) you need to install the linux-image and linux-image-extra .deb packages. * If the test kernel is 4.15(Bionic) or newer, you need to install the linux-modules, linux-modules-extra and linux-image-unsigned .deb packages. Thanks in advance! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Triaged Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: ubuntu-power-systems Status: New => Triaged -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: Triaged Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Bionic) Importance: Undecided => Critical ** Changed in: linux (Ubuntu Bionic) Status: New => Triaged ** Changed in: linux (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Changed in: linux (Ubuntu) Importance: Undecided => Critical -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: Triaged Status in linux source package in Bionic: Triaged Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1785675] Re: Security fix: check if IOMMU page is contained in the pinned physical page
** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team) ** Changed in: ubuntu-power-systems Importance: Undecided => Critical ** Tags added: triage-g -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1785675 Title: Security fix: check if IOMMU page is contained in the pinned physical page Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: New Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-08-06 12:27:59 == Please, add the following security fix to the distro kernel: 76fa4975f3ed KVM: PPC: Check if IOMMU page is contained in the pinned physical page Also already available in the 4.14 stable tree: 58113603a4ea KVM: PPC: Check if IOMMU page is contained in the pinned physical page And in the 4.17 stable tree: 970e28cb2c7a KVM: PPC: Check if IOMMU page is contained in the pinned physical page To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1785675/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp