Bug #1742722 “linux: 4.13.0-29.32 -proposed tracker” : Series prepare-package-signed : Bugs : Kernel SRU Workflow

Kleber Sacilotto de Souza (kleber-souza) on 2018-01-11

tags:	added: kernel-release-tracking-bug
tags:	added: kernel-release-tracking-bug-live
tags:	added: artful
Changed in kernel-sru-workflow:
status:	New → In Progress
importance:	Undecided → Medium
Changed in linux (Ubuntu):
status:	New → Invalid
tags:	added: kernel-sru-cycle-2017.11.20-7
tags:	added: kernel-sru-master-kernel

Kleber Sacilotto de Souza (kleber-souza) on 2018-01-11

description:

updated

Andy Whitcroft (apw) on 2018-01-11

Changed in linux (Ubuntu Artful):
status:	New → Confirmed

Marcelo Cerri (mhcerri) on 2018-01-11

summary:

- linux: <version to be filled> -proposed tracker
+ linux: 4.13.0-27.30 -proposed tracker

Seth Forshee (sforshee) on 2018-01-12

summary:

- linux: 4.13.0-27.30 -proposed tracker
+ linux: 4.13.0-28.31 -proposed tracker

Kleber Sacilotto de Souza (kleber-souza) on 2018-01-12

summary:	- linux: 4.13.0-28.31 -proposed tracker + linux: <version to be filled> -proposed tracker
summary:	- linux: <version to be filled> -proposed tracker + linux: 4.13.0-29.32 -proposed tracker

Kleber Sacilotto de Souza (kleber-souza) on 2018-01-12

description:

updated

Brad Figg (brad-figg) on 2018-01-12

tags:	added: block-proposed-artful
tags:	added: block-proposed
description:	updated
description:	updated

Brad Figg (brad-figg) on 2018-01-12

description:	updated
description:	updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-01-22:

#1

Download full text (11.5 KiB)

This bug was fixed in the package linux - 4.13.0-31.34

---------------
linux (4.13.0-31.34) artful; urgency=low

* linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)

  [ Stefan Bader ]
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.13.0-30.33) artful; urgency=low

* linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)

  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"

  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux (4.13.0-29.32) artful; urgency=low

* linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)

  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

linux (4.13.0-28.31) artful; urgency=low

* CVE-2017-5753
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

* CVE-2017-5715
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

linux (4.13.0-27.30) artful; urgency=low

  [ Andy Whitcroft ]
  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL fea...

This bug was fixed in the package linux - 4.13.0-31.34

---------------
linux (4.13.0-31.34) artful; urgency=low

* linux: 4.13.0-31.34 -proposed tracker (LP: #1744294)

[ Stefan Bader ]
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: s390: improve cpu alternative handling for gmb and nobp
    - SAUCE: s390: print messages for gmb and nobp
    - [Config] KERNEL_NOBP=y

linux (4.13.0-30.33) artful; urgency=low

* linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)

* Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better

* Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"

* CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux (4.13.0-29.32) artful; urgency=low

* linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)

* CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

linux (4.13.0-28.31) artful; urgency=low

* CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

* CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

linux (4.13.0-27.30) artful; urgency=low

[ Andy Whitcroft ]
  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading

* CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading

* CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES

* powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI

* s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

-- Marcelo Henrique Cerri <marcelo.cerri@canonical.com>  Fri, 19 Jan 2018 09:56:09 -0200

Changed in linux (Ubuntu Artful):
status:	Confirmed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-02-02:

#2

This bug was fixed in the package linux - 4.13.0-32.35

---------------
linux (4.13.0-32.35) artful; urgency=low

* CVE-2017-5715 // CVE-2017-5753
- SAUCE: x86/entry: Fix up retpoline assembler labels

-- Stefan Bader <email address hidden> Tue, 23 Jan 2018 09:13:39 +0100

Changed in linux (Ubuntu):
status:	Invalid → Fix Released

Andy Whitcroft (apw) on 2022-06-06

tags:	removed: kernel-release-tracking-bug-live
Changed in kernel-sru-workflow:
status:	In Progress → Fix Released

Kernel SRU Workflow

linux: 4.13.0-29.32 -proposed tracker

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Confirmed	Medium	Canonical Kernel Team
Certification-testing	Confirmed	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-meta	Fix Released	Medium	Kleber Sacilotto de Souza
Prepare-package-signed	Fix Released	Medium	Kleber Sacilotto de Souza
Promote-to-proposed	Fix Released	Medium	Łukasz Zemczak
Promote-to-security	New	Medium	Ubuntu Stable Release Updates Team
Promote-to-updates	New	Medium	Ubuntu Stable Release Updates Team
Regression-testing	Confirmed	Medium	Canonical Kernel Team
Security-signoff	In Progress	Medium	Steve Beattie
Upload-to-ppa	Invalid	Medium	Unassigned
Verification-testing	Confirmed	Medium	Canonical Kernel Team
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Artful	Fix Released	Undecided	Unassigned