Public bug reported:

SRU Justification

Impact:
   The upstream process for stable tree updates is quite similar
   in scope to the Ubuntu SRU process, e.g., each patch has to
   demonstrably fix a bug, and each patch is vetted by upstream
   by originating either directly from a mainline/stable Linux tree or
   a minimally backported form of that patch. The v4.14.18 upstream stable
   patch set is now available. It should be included in the Ubuntu
   kernel as well.

   git://git.kernel.org/

TEST CASE: TBD

The following patches from the v4.14.18 stable release shall be
applied:

   scripts/faddr2line: fix CROSS_COMPILE unset error
   powerpc/64s: Wire up cpu_show_meltdown()
   powerpc/64s: Allow control of RFI flush via debugfs
   x86/retpoline: Remove the esp/rsp thunk
   KVM: x86: Make indirect calls in emulator speculation safe
   KVM: VMX: Make indirect call speculation safe
   module/retpoline: Warn about missing retpoline in module
   x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
   x86/cpufeatures: Add Intel feature bits for Speculation Control
   x86/cpufeatures: Add AMD feature bits for Speculation Control
   x86/msr: Add definitions for new speculation control MSRs
   x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
   x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
   x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
   x86/alternative: Print unadorned pointers
   x86/nospec: Fix header guards names
   x86/bugs: Drop one "mitigation" from dmesg
   x86/cpu/bugs: Make retpoline module warning conditional
   x86/cpufeatures: Clean up Spectre v2 related CPUID flags
   x86/retpoline: Simplify vmexit_fill_RSB()
   x86/speculation: Simplify indirect_branch_prediction_barrier()
   auxdisplay: img-ascii-lcd: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   iio: adc/accel: Fix up module licenses
   pinctrl: pxa: pxa2xx: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
   KVM: nVMX: Eliminate vmcs02 pool
   KVM: VMX: introduce alloc_loaded_vmcs
   objtool: Improve retpoline alternative handling
   objtool: Add support for alternatives at the end of a section
   objtool: Warn on stripped section symbol
   x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP
   x86/spectre: Check CONFIG_RETPOLINE in command line parser
   x86/entry/64: Remove the SYSCALL64 fast path
   x86/entry/64: Push extra regs right away
   x86/asm: Move 'status' from thread_struct to thread_info
   Documentation: Document array_index_nospec
   array_index_nospec: Sanitize speculative array de-references
   x86: Implement array_index_mask_nospec
   x86: Introduce barrier_nospec
   x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec
   x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end}
   x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec
   x86/get_user: Use pointer masking to limit speculation
   x86/syscall: Sanitize syscall table de-references under speculation
   vfs, fdtable: Prevent bounds-check bypass via speculative execution
   nl80211: Sanitize array index in parse_txq_params
   x86/spectre: Report get_user mitigation for spectre_v1
   x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
   x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
   x86/speculation: Use Indirect Branch Prediction Barrier in context switch
   x86/paravirt: Remove 'noreplace-paravirt' cmdline option
   KVM: VMX: make MSR bitmaps per-VCPU
   x86/kvm: Update spectre-v1 mitigation
   x86/retpoline: Avoid retpolines for built-in __init functions
   x86/spectre: Simplify spectre_v2 command line parsing
   x86/pti: Mark constant arrays as __initconst
   x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL
   KVM/x86: Update the reverse_cpuid list to include CPUID_7_EDX
   KVM/x86: Add IBPB support
   KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
   KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL
   KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
   serial: core: mark port as initialized after successful IRQ change
   fpga: region: release of_parse_phandle nodes after use
   Linux 4.14.18

** Affects: linux (Ubuntu)
     Importance: Medium
     Assignee: Seth Forshee (sforshee)
     Status: In Progress

** Tags: kernel-stable-tracking-bug

** Tags added: kernel-stable-tracking-bug

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu)
       Status: New => In Progress

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Seth Forshee (sforshee)

--
https://bugs.launchpad.net/bugs/1748070

Title:
  Bionic update to v4.14.18 stable release

Status in linux package in Ubuntu:
  In Progress