[Bug 1742772] Re: powerpc: flush L1D on return to use
This bug was fixed in the package linux - 3.13.0-142.191

---
linux (3.13.0-142.191) trusty; urgency=medium

  * linux: 3.13.0-142.191 -proposed tracker (LP: #1746900)

  * CVE-2017-17806
    - crypto: hmac - require that the underlying hash algorithm is unkeyed

  * CVE-2017-18017
    - netfilter: xt_TCPMSS: add more sanity tests on tcph->doff

  * CVE-2017-17450
    - netfilter: xt_osf: Add missing permission checks

  * CVE-2018-5344
    - loop: fix concurrent lo_open/lo_release

  * CVE-2017-5715 (Spectre v2 embargoed) // CVE-2017-5753 (Spectre v1 embargoed)
    - x86/asm/msr: Make wrmsrl_safe() a function

  * CVE-2017-1000407
    - KVM: VMX: remove I/O port 0x80 bypass on Intel hosts

  * CVE-2017-0861
    - ALSA: pcm: prevent UAF in snd_pcm_info

  * CVE-2017-14051
    - scsi: qla2xxx: Fix an integer overflow in sysfs code

  * CVE-2017-15868
    - Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket

  * CVE-2018-5333
    - RDS: null pointer dereference in rds_atomic_free_op

  * powerpc: flush L1D on return to use (LP: #1742772) // CVE-2017-5754 (Meltdown)
    - SAUCE: powerpc: Prevent Meltdown attack with L1-D$ flush
    - SAUCE: powerpc: Remove dead code in sycall entry
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - SAUCE: powerpc/kernel: Does not use sync
    - SAUCE: rfi-flush: Factor out init_fallback_flush()
    - SAUCE: rfi-flush: Make setup_rfi_flush() not __init
    - SAUCE: rfi-flush: Move the logic to avoid a redo into the sysfs code
    - SAUCE: rfi-flush: Make it possible to call setup_rfi_flush() again
    - SAUCE: rfi-flush: Call setup_rfi_flush() after LPM migration
    - SAUCE: rfi-flush: Fix fallback on distros using bootmem
    - SAUCE: rfi-flush: fix package build error (unused variable limit)
    - SAUCE: rfi-flush: Fix kernel package build using bootmem
    - SAUCE: rfi-flush: Move rfi_flush_fallback_area to end of paca
    - SAUCE: rfi-flush: Fix rename of pseries_setup_rfi_flush()
    - SAUCE: rfi-flush: Mark DEBUG_RFI as BROKEN
    - SAUCE: rfi-flush: Switch to new linear fallback flush
    - SAUCE: powerpc/kernel: Remove unused variable
    - SAUCE: powerpc/kernel: Fix typo on variable
    - SAUCE: powerpc/kernel: Fix instructions usage
    - SAUCE: powerpc/kernel: Define PACA_L1D_FLUSH_SIZE
    - SAUCE: rfi-flush: Fix for kernel crash.

  * upload urgency should be medium by default (LP: #1745338)
    - [Packaging] update urgency to medium by default

  * CVE-2017-12190
    - fix unbalanced page refcounting in bio_map_user_iov
    - more bio_map_user_iov() leak fixes

  * CVE-2017-15274
    - KEYS: fix dereferencing NULL payload with nonzero length

  * CVE-2017-14140
    - Sanitize 'move_pages()' permission checks

  * CVE-2017-15115
    - sctp: do not peel off an assoc from one netns to another one

  * CVE-2017-14489
    - scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly

  * CVE-2017-12153
    - nl80211: check for the required netlink attributes presence

  * CVE-2017-16525
    - USB: serial: console: fix use-after-free after failed setup
    - USB: serial: console: fix use-after-free on disconnect

  * CVE-2017-7542
    - ipv6: avoid overflow of offset in ip6_find_1stfragopt
    - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()

  * CVE-2017-15102
    - usb: misc: legousbtower: Fix NULL pointer deference

  * CVE-2017-12192
    - KEYS: prevent KEYCTL_READ on negative key

  * CVE-2017-14156
    - video: fbdev: aty: do not leak uninitialized padding in clk to userspace

  * CVE-2017-5669
    - ipc/shm: Fix shmat mmap nil-page protection

  * CVE-2017-0750
    - f2fs: do more integrity verification for superblock

  * CVE-2017-7889
    - mm: Tighten x86 /dev/mem with zeroing reads

  * CVE-2017-8824
    - dccp: CVE-2017-8824: use-after-free in DCCP code

 -- Stefan Bader  Fri, 02 Feb 2018 13:01:39 +0100

** Changed in: linux (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-0750
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-0861
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-1000407
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12153
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12190
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12192
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14051
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14140
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14156
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi
[Bug 1742772] Re: powerpc: flush L1D on return to use
Verified on 3.13.0-142-generic that rfi-flush is enabled and active:

From dmesg:
[0.00] rfi-flush: Using fallback displacement flush
[0.00] rfi-flush: patched 9 locations

** Tags removed: verification-needed-trusty
** Tags added: verification-done-trusty

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1742772

Title:
  powerpc: flush L1D on return to use

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1742772/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1742772] Re: powerpc: flush L1D on return to use
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'. If the problem still exists, change the tag 'verification-needed-trusty' to 'verification-failed-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

** Tags added: verification-needed-trusty
[Bug 1742772] Re: powerpc: flush L1D on return to use
This bug was fixed in the package linux - 4.13.0-32.35

---
linux (4.13.0-32.35) artful; urgency=low

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/entry: Fix up retpoline assembler labels

 -- Stefan Bader  Tue, 23 Jan 2018 09:13:39 +0100

** Changed in: linux (Ubuntu)
       Status: In Progress => Fix Released
[Bug 1742772] Re: powerpc: flush L1D on return to use
** Changed in: linux (Ubuntu Trusty) Status: In Progress => Fix Committed
[Bug 1742772] Re: powerpc: flush L1D on return to use
This bug was fixed in the package linux - 4.4.0-112.135

---
linux (4.4.0-112.135) xenial; urgency=low

  * linux: 4.4.0-112.135 -proposed tracker (LP: #1744244)

  * CVE-2017-5715 // CVE-2017-5753
    - x86/cpuid: Provide get_scattered_cpuid_leaf()
    - SAUCE: Fix spec_ctrl support in KVM
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.4.0-111.134) xenial; urgency=low

  * linux: 4.4.0-111.134 -proposed tracker (LP: #1743362)

  * Do not duplicate changelog entries assigned to more than one bug or CVE (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

  * CVE-2017-5754
    - SAUCE: powerpc: use sync instead of hwsync mnemonic

linux (4.4.0-110.133) xenial; urgency=low

  * linux: 4.4.0-110.133 -proposed tracker (LP: #1742995)

  * CVE-2017-5753
    - x86/microcode/AMD: Add support for fam17h microcode loading
    - bpf: add bpf_patch_insn_single helper
    - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
    - bpf: add generic constant blinding for use in jits
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Make the LFENCE instruction serialized
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
    - arm64: no gmb() implementation yet
    - arm: no gmb() implementation yet

  * CVE-2017-5715
    - x86/microcode/AMD: Add support for fam17h microcode loading
    - bpf: add bpf_patch_insn_single helper
    - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
    - bpf: add generic constant blinding for use in jits
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS t
[Bug 1742772] Re: powerpc: flush L1D on return to use
This bug was fixed in the package linux - 4.13.0-31.34

---
linux (4.13.0-31.34) artful; urgency=low

  * linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)

  [ Stefan Bader ]
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.13.0-30.33) artful; urgency=low

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)

  * Do not duplicate changelog entries assigned to more than one bug or CVE (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux (4.13.0-29.32) artful; urgency=low

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)

  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES"

linux (4.13.0-28.31) artful; urgency=low

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

linux (4.13.0-27.30) artful; urgency=low

  [ Andy Whitcroft ]
  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading

  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and I
[Bug 1742772] Re: powerpc: flush L1D on return to use
IBM test has done regression testing on these "-proposed" builds and found no issues.
[Bug 1742772] Re: powerpc: flush L1D on return to use
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed
[Bug 1742772] Re: powerpc: flush L1D on return to use
** Changed in: linux (Ubuntu Artful) Status: In Progress => Fix Committed
[Bug 1742772] Re: powerpc: flush L1D on return to use
** Also affects: linux (Ubuntu Artful) Importance: Undecided Status: New
** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New
[Bug 1742772] Re: powerpc: flush L1D on return to use
** Changed in: linux (Ubuntu) Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Xenial) Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Artful) Status: Incomplete => In Progress