Bug #1823045 “Please ship modules nvme, nvmem_core as built-in” : Bugs : linux-aws package : Ubuntu

Kamal Mostafa (kamalmostafa) on 2019-04-03

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2019-04-23

Changed in linux-aws (Ubuntu Xenial):
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2019-05-14:

#1

Download full text (6.2 KiB)

This bug was fixed in the package linux-aws - 4.4.0-1083.93

---------------
linux-aws (4.4.0-1083.93) xenial; urgency=medium

[ Ubuntu: 4.4.0-148.174 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - perf/x86/intel: Add model number for Skylake Server to perf
    - perf/x86: Add model numbers for Kabylake CPUs
    - perf/x86/intel: Use Intel family macros for core perf events
    - perf/x86/msr: Use Intel family macros for MSR events code
    - perf/x86/msr: Add missing Intel models
    - SAUCE: perf/x86/{cstate,rapl,uncore}: Use Intel Model name macros
    - perf/x86/msr: Add missing CPU IDs
    - x86/speculation: Simplify the CPU bug detection logic
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - bitops: avoid integer overflow in GENMASK(_ULL)
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - locking/static_keys: Provide DECLARE and well as DEFINE macros
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - SAUCE: sched/smt: Introduce sched_smt_{active,present}
    - SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
    - SAUCE: x86/speculation: Introduce arch_smt_update()
    - x86/speculation: Rework SMT state change
    - x86/speculation: Reorder the spec_v2 code
    - x86/speculation: Unify conditional spectre v2 print functions
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-aws (4.4.0-1082.92) xenial; urgency=medium

* linux-aws: 4.4.0-1082.92 -proposed tra...

This bug was fixed in the package linux-aws - 4.4.0-1083.93

---------------
linux-aws (4.4.0-1083.93) xenial; urgency=medium

[ Ubuntu: 4.4.0-148.174 ]

* CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - perf/x86/intel: Add model number for Skylake Server to perf
    - perf/x86: Add model numbers for Kabylake CPUs
    - perf/x86/intel: Use Intel family macros for core perf events
    - perf/x86/msr: Use Intel family macros for MSR events code
    - perf/x86/msr: Add missing Intel models
    - SAUCE: perf/x86/{cstate,rapl,uncore}: Use Intel Model name macros
    - perf/x86/msr: Add missing CPU IDs
    - x86/speculation: Simplify the CPU bug detection logic
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - bitops: avoid integer overflow in GENMASK(_ULL)
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - locking/static_keys: Provide DECLARE and well as DEFINE macros
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - SAUCE: sched/smt: Introduce sched_smt_{active,present}
    - SAUCE: Rename the Ubuntu-only spec_ctrl_mutex mutex
    - SAUCE: x86/speculation: Introduce arch_smt_update()
    - x86/speculation: Rework SMT state change
    - x86/speculation: Reorder the spec_v2 code
    - x86/speculation: Unify conditional spectre v2 print functions
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

linux-aws (4.4.0-1082.92) xenial; urgency=medium

* linux-aws: 4.4.0-1082.92 -proposed tracker (LP: #1826024)

* Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

* Please ship modules nvme, nvmem_core as built-in (LP: #1823045)
    - aws: [Config] make CONFIG_BLK_DEV_NVME, NVMEM builtin

[ Ubuntu: 4.4.0-147.173 ]

* linux: 4.4.0-147.173 -proposed tracker (LP: #1826036)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
  * Xenial: Sync to upstream v4.9 (Spectre) (LP: #1820872)
    - SAUCE: cpu/hotplug: Fix Documentation/kernel-parameters.txt
    - SAUCE: Fix typo in Documentation/kernel-parameters.txt
    - SAUCE: x86: Move hunks and sync to upstream stable 4.9
    - Revert "module: Add retpoline tag to VERMAGIC"
  * CVE-2017-5753
    - posix-timers: Protect posix clock array access against speculation
    - arm64: fix possible spectre-v1 in ptrace_hbp_get_event()
    - sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[]
    - media: dvb_ca_en50221: prevent using slot_info for Spectre attacs
    - s390/keyboard: sanitize array index in do_kdsk_ioctl
    - arm64: fix possible spectre-v1 write in ptrace_hbp_set_event()
    - pktcdvd: Fix possible Spectre-v1 for pkt_devs
    - net: socket: Fix potential spectre v1 gadget in sock_is_registered
    - net: sock_diag: Fix spectre v1 gadget in __sock_diag_cmd()
    - hwmon: (nct6775) Fix potential Spectre v1
    - mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
    - nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT
    - ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
    - powerpc/ptrace: Mitigate potential Spectre v1
    - cfg80211: prevent speculation on cfg80211_classify8021d() return
    - ALSA: rawmidi: Fix potential Spectre v1 vulnerability
    - ALSA: seq: oss: Fix Spectre v1 vulnerability
  * CVE-2019-3874
    - sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege
    - sctp: use sk_wmem_queued to check for writable space
    - sctp: implement memory accounting on tx path
    - sctp: implement memory accounting on rx path
  * Kprobe event argument syntax in ftrace from ubuntu_kernel_selftests failed
    on B PowerPC (LP: #1812809)
    - selftests/ftrace: Add ppc support for kprobe args tests
  * CVE-2019-3882
    - vfio/type1: Limit DMA mappings per container
  * Intel I210 Ethernet card not working after hotplug [8086:1533]
    (LP: #1818490)
    - igb: Fix WARN_ONCE on runtime suspend
  * TSC clocksource not available in nested guests (LP: #1822821)
    - x86/tsc: Add X86_FEATURE_TSC_KNOWN_FREQ flag
    - kvmclock: fix TSC calibration for nested guests
  * Remove btrfs module after a failed fallocate attempt will cause error on 4.4
    i386 (LP: #1822579)
    - Btrfs: fix extent map leak during fallocate error path
  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244) // systemd cause kernel trace "BUG:
    unable to handle kernel paging request at 6db23a14" on Cosmic i386
    (LP: #1813244)
    - openvswitch: fix flow actions reallocation

-- Stefan Bader <stefan.bader@canonical.com>  Wed, 08 May 2019 17:52:24 +0200

Changed in linux-aws (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2019-07-30:

#2

Config could be found in AWS Eoan as well. Mark this as fix-released.

Changed in linux-aws (Ubuntu):
status:	In Progress → Fix Released

Affects		Status	Importance	Assigned to	Milestone
	linux-aws (Ubuntu)	Fix Released	High	Kamal Mostafa
	Xenial	Fix Released	Undecided	Unassigned

Ubuntu
linux-aws package

Please ship modules nvme, nvmem_core as built-in

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntulinux-aws package