[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Tags removed: verification-needed-cosmic
** Tags added: verification-done-cosmic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Changed in: ubuntu-power-systems
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
This bug was fixed in the package linux - 4.18.0-11.12
---
linux (4.18.0-11.12) cosmic; urgency=medium
* linux: 4.18.0-11.12 -proposed tracker (LP: #1799445)
* arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271
reserve_memblock_reserved_regions (LP: #1797139)
- SAUCE: arm64: Fix /proc/iomem for reserved but not memory regions
* arm64: snapdragon: WARNING: CPU: 0 PID: 1 at drivers/irqchip/irq-gic.c:1016
gic_irq_domain_translate (LP: #1797143)
- SAUCE: arm64: dts: msm8916: camms: fix gic_irq_domain_translate warnings
* The front MIC can't work on the Lenovo M715 (LP: #1797292)
- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715
* Provide mode where all vCPUs on a core must be the same VM (LP: #1792957)
- KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core must be the
same
VM
* fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
- SAUCE: fscache: Fix race in decrementing refcount of op->npages
* hns3: autoneg settings get lost on down/up (LP: #1797654)
- net: hns3: Fix for information of phydev lost problem when down/up
* not able to unwind the stack from within __kernel_clock_gettime in the Linux
vDSO (LP: #1797963)
- powerpc/vdso: Correct call frame information
* Signal 7 error when running GPFS tracing in cluster (LP: #1792195)
- powerpc/mm/books3s: Add new pte bit to mark pte temporarily invalid.
- powerpc/mm/radix: Only need the Nest MMU workaround for R -> RW transition
* Support Edge Gateway's WIFI LED (LP: #1798330)
- SAUCE: mwifiex: Switch WiFi LED state according to the device status
* Support Edge Gateway's Bluetooth LED (LP: #1798332)
- SAUCE: Bluetooth: Support for LED on Edge Gateways
* kvm doesn't work on 36 physical bits systems (LP: #1798427)
- KVM: x86: fix L1TF's MMIO GFN calculation
* CVE-2018-15471
- xen-netback: fix input validation in xenvif_set_hash_mapping()
* regression in 'ip --family bridge neigh' since linux v4.12 (LP: #1796748)
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header
-- Stefan Bader Tue, 23 Oct 2018 18:59:15
+0200
** Changed in: linux (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Released
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
This bug was fixed in the package linux - 4.15.0-39.42 --- linux (4.15.0-39.42) bionic; urgency=medium * linux: 4.15.0-39.42 -proposed tracker (LP: #1799411) * Linux: insufficient shootdown for paging-structure caches (LP: #1798897) - mm: move tlb_table_flush to tlb_flush_mmu_free - mm/tlb: Remove tlb_remove_table() non-concurrent condition - mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE - [Config] CONFIG_HAVE_RCU_TABLE_INVALIDATE=y * Ubuntu18.04: GPU total memory is reduced (LP: #1792102) - Revert "powerpc/powernv: Increase memory block size to 1GB on radix" * arm64: snapdragon: reduce boot noise (LP: #1797154) - [Config] arm64: snapdragon: DRM_MSM=m - [Config] arm64: snapdragon: SND*=m - [Config] arm64: snapdragon: disable ARM_SDE_INTERFACE - [Config] arm64: snapdragon: disable DRM_I2C_ADV7511_CEC - [Config] arm64: snapdragon: disable VIDEO_ADV7511, VIDEO_COBALT * [Bionic] CPPC bug fixes (LP: #1796949) - ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id - cpufreq: CPPC: Don't set transition_latency - ACPI / CPPC: Fix invalid PCC channel status errors * regression in 'ip --family bridge neigh' since linux v4.12 (LP: #1796748) - rtnetlink: fix rtnl_fdb_dump() for ndmsg header * screen displays abnormally on the lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca, 1002:15dd) (LP: #1796786) - drm/amd/display: Fix takover from VGA mode - drm/amd/display: early return if not in vga mode in disable_vga - drm/amd/display: Refine disable VGA * arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271 reserve_memblock_reserved_regions (LP: #1797139) - SAUCE: arm64: Fix /proc/iomem for reserved but not memory regions * The front MIC can't work on the Lenovo M715 (LP: #1797292) - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 * Keyboard backlight sysfs sometimes is missing on Dell laptops (LP: #1797304) - platform/x86: dell-smbios: Correct some style warnings - platform/x86: dell-smbios: Rename dell-smbios source to dell-smbios-base - platform/x86: dell-smbios: Link all dell-smbios-* modules together - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y * rpi3b+: ethernet not working (LP: #1797406) - lan78xx: Don't reset the interface on open * 87cdf3148b11 was never backported to 4.15 (LP: #1795653) - xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto * [Ubuntu18.04][Power9][DD2.2]package installation segfaults inside debian chroot env in P9 KVM guest with HTM enabled (kvm) (LP: #1792501) - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds * Provide mode where all vCPUs on a core must be the same VM (LP: #1792957) - KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core must be the same VM * fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314) - SAUCE: fscache: Fix race in decrementing refcount of op->npages * CVE-2018-9363 - Bluetooth: hidp: buffer overflow in hidp_process_report * CVE-2017-13168 - scsi: sg: mitigate read/write abuse * [Bionic] ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set (LP: #1797200) - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set * [Bionic] arm64: topology: Avoid checking numa mask for scheduler MC selection (LP: #1797202) - arm64: topology: Avoid checking numa mask for scheduler MC selection * crypto/vmx - Backport of Fix sleep-in-atomic bugs patch for 18.04 (LP: #1790832) - crypto: vmx - Fix sleep-in-atomic bugs * hns3: autoneg settings get lost on down/up (LP: #1797654) - net: hns3: Fix for information of phydev lost problem when down/up * not able to unwind the stack from within __kernel_clock_gettime in the Linux vDSO (LP: #1797963) - powerpc/vdso: Correct call frame information * Signal 7 error when running GPFS tracing in cluster (LP: #1792195) - powerpc/mm/books3s: Add new pte bit to mark pte temporarily invalid. - powerpc/mm/radix: Only need the Nest MMU workaround for R -> RW transition * Support Edge Gateway's WIFI LED (LP: #1798330) - SAUCE: mwifiex: Switch WiFi LED state according to the device status * Support Edge Gateway's Bluetooth LED (LP: #1798332) - SAUCE: Bluetooth: Support for LED on Edge Gateways * USB cardreader (0bda:0328) make the system can't enter s3 or hang (LP: #1798328) - usb: Don't disable Latency tolerance Messaging (LTM) before port reset * CVE-2018-15471 - xen-netback: fix input validation in xenvif_set_hash_mapping() * CVE-2018-16658 - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status * [Bionic] Update ThunderX2 implementation defined pmu core events (LP: #1796904) - perf vendor events arm64: Update ThunderX2
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
Thanks Breno. Changing bionic verification tag to done.
Is the cosmic -proposed kernel also ok?
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
Fix Committed
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
Hello IBM,
Could you please verify if the Bionic and Cosmic kernels currently in
-proposed resolves the issue?
Thank you.
** Changed in: linux (Ubuntu Cosmic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
Fix Committed
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
bionic' to 'verification-done-bionic'. If the problem still exists,
change the tag 'verification-needed-bionic' to 'verification-failed-
bionic'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: verification-needed-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
cosmic' to 'verification-done-cosmic'. If the problem still exists,
change the tag 'verification-needed-cosmic' to 'verification-failed-
cosmic'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: verification-needed-cosmic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
Hi Breno,
That is correct.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Changed in: linux (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
hi Joseph,
I understand this patch will make the next SRU, correct?
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
In Progress
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
SRU request submitted:
https://lists.ubuntu.com/archives/kernel-team/2018-October/095982.html
** Description changed:
+ == SRU Justification ==
+ This patch has been requested by IBM. It provides a mode where all vCPUs
+ on a core must be the same VM. This is intended for use in
+ security-conscious settings where users are concerned about possible
+ side-channel attacks between threads which could perhaps enable one VM
+ to attack another VM on the same core, or the host.
+
+ == Fix ==
+ linux-next commit:
+ aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
+
+
+ == Regression Potential ==
+ Low. Changes limited to powerpc.
+
+ == Test Case ==
+ A test kernel was built with this patch and tested by the original bug
reporter.
+ The bug reporter states the test kernel resolved the bug.
+
+
+
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users are
concerned about possible side-channel attacks between threads which
could perhaps enable one VM to attack another VM on the same core, or
the host.
** Also affects: linux (Ubuntu Cosmic)
Importance: Medium
Assignee: Joseph Salisbury (jsalisbury)
Status: In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1792957
Title:
Provide mode where all vCPUs on a core must be the same VM
Status in The Ubuntu-power-systems project:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
In Progress
Status in linux source package in Cosmic:
In Progress
Bug description:
== SRU Justification ==
This patch has been requested by IBM. It provides a mode where all vCPUs
on a core must be the same VM. This is intended for use in
security-conscious settings where users are concerned about possible
side-channel attacks between threads which could perhaps enable one VM
to attack another VM on the same core, or the host.
== Fix ==
linux-next commit:
aa2278644ae5 ("KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core
must be the same VM")
== Regression Potential ==
Low. Changes limited to powerpc.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Comment: #0 - Leonardo Augusto Guimaraes Garcia -
2018-09-13 07:12:48 ==
+++ This bug was initially created as a clone of Bug #171443 +++
Please, add the following patch:
http://patchwork.ozlabs.org/patch/968786/
which adds a mode where all vCPUs on a core must be the same VM on
POWER8 and POWER9.
This is intended for use in security-conscious settings where users
are concerned about possible side-channel attacks between threads
which could perhaps enable one VM to attack another VM on the same
core, or the host.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
Hi Joseph, > I built a test kernel with the requested commit. > The test kernel can be downloaded from: > http://kernel.ubuntu.com/~jsalisbury/lp1792957 > > Can you test this kernel and see if it resolves this bug? I tested this kernel in the following scenarios: - Booted the host on a P9 machine and started an 18.04 guest using the default parameters. - Removed the kvm_hv module and reinstalled it using the 'one_vm_per_core' parameter, shut down the 18.04 guest and restarted it. ➜ ~ sudo virsh destroy breno-1804 ➜ ~ sudo rmmod kvm_hv ➜ ~ sudo modprobe kvm_hv one_vm_per_core=1 ➜ ~ sudo virsh start --console breno-1804 On both guests I ran sysbench, as: breno@ubuntu:~$ sysbench --threads=16 cpu run sysbench 1.0.11 (using system LuaJIT 2.1.0-beta3) Running the test with following options: breno@ubuntu:~$ sysbench --threads=16 cpu run Number of threads: 16 Initializing random number generator from current time Prime numbers limit: 1 Initializing worker threads... Threads started! CPU speed: events per second: 33648.49 . Everything worked fine. I think this patch is good to get accepted. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792957 Title: Provide mode where all vCPUs on a core must be the same VM Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-09-13 07:12:48 == +++ This bug was initially created as a clone of Bug #171443 +++ Please, add the following patch: http://patchwork.ozlabs.org/patch/968786/ which adds a mode where all vCPUs on a core must be the same VM on POWER8 and POWER9. This is intended for use in security-conscious settings where users are concerned about possible side-channel attacks between threads which could perhaps enable one VM to attack another VM on the same core, or the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Changed in: ubuntu-power-systems Status: New => In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792957 Title: Provide mode where all vCPUs on a core must be the same VM Status in The Ubuntu-power-systems project: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-09-13 07:12:48 == +++ This bug was initially created as a clone of Bug #171443 +++ Please, add the following patch: http://patchwork.ozlabs.org/patch/968786/ which adds a mode where all vCPUs on a core must be the same VM on POWER8 and POWER9. This is intended for use in security-conscious settings where users are concerned about possible side-channel attacks between threads which could perhaps enable one VM to attack another VM on the same core, or the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
I built a test kernel with the requested commit. The test kernel can be downloaded from: http://kernel.ubuntu.com/~jsalisbury/lp1792957 Can you test this kernel and see if it resolves this bug? Note about installing test kernels: • If the test kernel is prior to 4.15(Bionic) you need to install the linux-image and linux-image-extra .deb packages. • If the test kernel is 4.15(Bionic) or newer, you need to install the linux-modules, linux-modules-extra and linux-image-unsigned .deb packages. Thanks in advance! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792957 Title: Provide mode where all vCPUs on a core must be the same VM Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-09-13 07:12:48 == +++ This bug was initially created as a clone of Bug #171443 +++ Please, add the following patch: http://patchwork.ozlabs.org/patch/968786/ which adds a mode where all vCPUs on a core must be the same VM on POWER8 and POWER9. This is intended for use in security-conscious settings where users are concerned about possible side-channel attacks between threads which could perhaps enable one VM to attack another VM on the same core, or the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Changed in: linux (Ubuntu) Importance: Undecided => Medium ** Changed in: linux (Ubuntu) Status: New => In Progress ** Changed in: linux (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => Joseph Salisbury (jsalisbury) ** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Bionic) Status: New => In Progress ** Changed in: linux (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792957 Title: Provide mode where all vCPUs on a core must be the same VM Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-09-13 07:12:48 == +++ This bug was initially created as a clone of Bug #171443 +++ Please, add the following patch: http://patchwork.ozlabs.org/patch/968786/ which adds a mode where all vCPUs on a core must be the same VM on POWER8 and POWER9. This is intended for use in security-conscious settings where users are concerned about possible side-channel attacks between threads which could perhaps enable one VM to attack another VM on the same core, or the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1792957] Re: Provide mode where all vCPUs on a core must be the same VM
** Package changed: kernel-package (Ubuntu) => linux (Ubuntu) ** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Importance: Undecided => Medium ** Changed in: ubuntu-power-systems Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1792957 Title: Provide mode where all vCPUs on a core must be the same VM Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: New Bug description: == Comment: #0 - Leonardo Augusto Guimaraes Garcia - 2018-09-13 07:12:48 == +++ This bug was initially created as a clone of Bug #171443 +++ Please, add the following patch: http://patchwork.ozlabs.org/patch/968786/ which adds a mode where all vCPUs on a core must be the same VM on POWER8 and POWER9. This is intended for use in security-conscious settings where users are concerned about possible side-channel attacks between threads which could perhaps enable one VM to attack another VM on the same core, or the host. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1792957/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
