Bug #1744298 “linux-hwe: 4.13.0-31.34~16.04.1 -proposed tracker” : Series upload-to-ppa : Bugs : Kernel SRU Workflow

Stefan Bader (smb) on 2018-01-19

tags:	added: kernel-release-tracking-bug
tags:	added: kernel-release-tracking-bug-live
tags:	added: xenial
Changed in linux-hwe (Ubuntu Xenial):
status:	New → Confirmed
Changed in kernel-sru-workflow:
status:	New → In Progress
importance:	Undecided → Medium
Changed in linux-hwe (Ubuntu):
status:	New → Invalid
Changed in linux-hwe (Ubuntu Xenial):
importance:	Undecided → Medium
tags:	added: kernel-sru-cycle-2017.11.20-9
tags:	added: kernel-sru-backport-of-1744294

Marcelo Cerri (mhcerri) on 2018-01-19

summary:

- linux-hwe: <version to be filled> -proposed tracker
+ linux-hwe: 4.13.0-31.34~16.04.1 -proposed tracker

Brad Figg (brad-figg) on 2018-01-19

description:	updated
description:	updated

Brad Figg (brad-figg) on 2018-01-20

tags:	added: block-proposed-xenial
tags:	added: block-proposed
description:	updated

Brad Figg (brad-figg) on 2018-01-22

description:	updated
description:	updated

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2018-01-22:

#1

Setting automated-testing to 'Fix Released' based on the test results from the previous version (4.13.0-30.33~16.04.1).

http://people.canonical.com/~kernel/status/adt-matrix/xenial-linux-meta-hwe.html

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2018-01-22:

#2

Setting regression-testing to 'Fix Released' based on test results from xenial/linux 4.13.0-31.34 (bug 1744294).

Brad Figg (brad-figg) on 2018-01-22

tags:	removed: block-proposed-xenial
tags:	removed: block-proposed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-01-22:

#3

Download full text (11.6 KiB)

This bug was fixed in the package linux-hwe - 4.13.0-31.34~16.04.1

---------------
linux-hwe (4.13.0-31.34~16.04.1) xenial; urgency=low

* linux-hwe: 4.13.0-31.34~16.04.1 -proposed tracker (LP: #1744298)

* linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)

  [ Stefan Bader ]
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.13.0-30.33) artful; urgency=low

* linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)

  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux (4.13.0-29.32) artful; urgency=low

* linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)

  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

linux (4.13.0-28.31) artful; urgency=low

* CVE-2017-5753
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

* CVE-2017-5715
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

linux (4.13.0-27.30) artful; urgency=low

  [ Andy Whitcroft ]
  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: ...

This bug was fixed in the package linux-hwe - 4.13.0-31.34~16.04.1

---------------
linux-hwe (4.13.0-31.34~16.04.1) xenial; urgency=low

* linux-hwe: 4.13.0-31.34~16.04.1 -proposed tracker (LP: #1744298)

* linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)

[ Stefan Bader ]
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.13.0-30.33) artful; urgency=low

* linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)

* Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

* Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"

* CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux (4.13.0-29.32) artful; urgency=low

* linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)

* CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

linux (4.13.0-28.31) artful; urgency=low

* CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

* CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

linux (4.13.0-27.30) artful; urgency=low

[ Andy Whitcroft ]
  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading

* CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading

* CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES

* powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI

* s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Fri, 19 Jan 2018 09:56:09 -0200

Changed in linux-hwe (Ubuntu Xenial):
status:	Confirmed → Fix Released
status:	Confirmed → Fix Released

Brad Figg (brad-figg) on 2018-01-22

description:	updated
description:	updated

Revision history for this message

Brad Figg (brad-figg) wrote on 2018-01-22: Package Released!

#5

The package has been published and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status:	In Progress → Fix Released
description:	updated
description:	updated
tags:	removed: kernel-release-tracking-bug-live

Kernel SRU Workflow

linux-hwe: 4.13.0-31.34~16.04.1 -proposed tracker

Bug Description

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Marcelo Cerri
Prepare-package-meta	Fix Released	Medium	Marcelo Cerri
Prepare-package-signed	Fix Released	Medium	Marcelo Cerri
Promote-to-proposed	Fix Released	Medium	Łukasz Zemczak
Promote-to-security	Fix Released	Medium	Łukasz Zemczak
Promote-to-updates	Fix Released	Medium	Łukasz Zemczak
Regression-testing	Fix Released	Medium	Canonical Kernel Team
Security-signoff	Fix Released	Medium	Canonical Security Team
Upload-to-ppa	New	Medium	Canonical Kernel Team
Verification-testing	Invalid	Medium	Canonical Kernel Team
linux-hwe (Ubuntu)	Invalid	Undecided	Unassigned
Xenial	Fix Released	Medium	Unassigned