linux-aws builds modules which are not shipped

Bug #1836706 reported by Stefan Bader on 2019-07-16
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-aws (Ubuntu)
Low
Stefan Bader
Xenial
Low
Unassigned
Bionic
Low
Unassigned
Disco
Low
Unassigned

Bug Description

[SRU Justification]

== Impact ==

The build of AWS kernels currently is set up in a way that, like the generic kernel, builds a larger number of modules than it actually provides in the main modules package. However, unlike the generic kernel, it does not provide a linux-modules-extra which contains all those built modules.

So there is no way for users to get modules which were deemed unnecessary in the AWS cloud space. But this also causes problems in cases where out of tree modules are being tried to compile. Those will configure themselves based on the provided config and then might depend on functionality which is provided in some module that is not part of the non-extra set.

== Fix ==

To fix this, but also to get all of the kernels aligned, the AWS kernel should start to provide a linux-modules-extra which contains all those modules not shipped in the main modules packages. Since the default linux-aws meta package is supposed to only install the minimal set, there needs to be a linux-modules-extra-aws meta package which keeps the extra modules in sync with the kernel.

== Testcase ==

sudo apt-get install linux-modules-extra-aws

This should download and install additional kernel modules.

== Risk of Regression ==

Low, this will start to ship an additional package which is not installed by default.

Stefan Bader (smb) on 2019-07-16
Changed in linux-aws (Ubuntu Xenial):
importance: Undecided → Low
Changed in linux-aws (Ubuntu Bionic):
importance: Undecided → Low
Changed in linux-aws (Ubuntu Disco):
importance: Undecided → Low
Changed in linux-aws (Ubuntu Xenial):
status: New → Fix Committed
Changed in linux-aws (Ubuntu Bionic):
status: New → Fix Committed
Changed in linux-aws (Ubuntu Disco):
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-aws - 5.0.0-1012.13

---------------
linux-aws (5.0.0-1012.13) disco; urgency=medium

  * add support for Amazon Graviton PCIe controller (LP: #1834962)
    - PCI: al: Add Amazon Annapurna Labs PCIe host controller driver
    - genirq/msi: Add a new field in msi_desc to store an IOMMU cookie
    - iommu/dma-iommu: Split iommu_dma_map_msi_msg() in two parts
    - irqchip/gicv2m: Don't map the MSI page in gicv2m_compose_msi_msg()
    - SAUCE: irqchip/gic: Add support for Amazon Graviton variant of GICv3+GICv2m
    - SAUCE: [aws] arm64: acpi/pci: invoke _DSM whether to preserve firmware PCI
      setup
    - [Config] aws: set CONFIG_IRQ_MSI_IOMMU=y

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

  * linux-aws builds modules which are not shipped (LP: #1836706)
    - [Packaging] Start shipping modules-extra

 -- Kleber Sacilotto de Souza <email address hidden> Fri, 02 Aug 2019 12:32:10 +0200

Changed in linux-aws (Ubuntu Disco):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-aws - 4.15.0-1045.47

---------------
linux-aws (4.15.0-1045.47) bionic; urgency=medium

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130 // CVE-2019-11091
    - SAUCE: Synchronize MDS mitigations with upstream

  * add support for Amazon Graviton PCIe controller (LP: #1834962)
    - PCI: al: Add Amazon Annapurna Labs PCIe host controller driver
    - SAUCE: [aws] irqchip/gic-v2m: invoke from gic-v3 initialization and add acpi
      quirk flow
    - SAUCE: [aws] arm64: acpi/pci: invoke _DSM whether to preserve firmware PCI
      setup

  * linux-aws builds modules which are not shipped (LP: #1836706)
    - [Packaging] Start shipping modules-extra

 -- Kleber Sacilotto de Souza <email address hidden> Fri, 02 Aug 2019 14:16:59 +0200

Changed in linux-aws (Ubuntu Bionic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (42.7 KiB)

This bug was fixed in the package linux-aws - 4.4.0-1090.101

---------------
linux-aws (4.4.0-1090.101) xenial; urgency=medium

  [ Ubuntu: 4.4.0-159.187 ]

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

linux-aws (4.4.0-1089.100) xenial; urgency=medium

  * xenial/linux-aws: 4.4.0-1089.100 -proposed tracker (LP: #1837588)

  * CVE-2018-5383
    - [Config] aws: CRYPTO_ECDH=m

  * linux-aws builds modules which are not shipped (LP: #1836706)
    - [Packaging] Start shipping modules-extra

  [ Ubuntu: 4.4.0-158.186 ]

  * xenial/linux: 4.4.0-158.186 -proposed tracker (LP: #1837609)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts
  * ixgbe{vf} - Physical Function gets IRQ when VF checks link state
    (LP: #1836760)
    - ixgbevf: Use cached link state instead of re-reading the value for ethtool
  * CVE-2018-5383
    - crypto: kpp - Key-agreement Protocol Primitives API (KPP)
    - crypto: dh - Add DH software implementation
    - crypto: ecdh - Add ECDH software support
    - crypto: ecdh - make ecdh_shared_secret unique
    - crypto: doc - add KPP documentation
    - crypto: kpp, (ec)dh - fix typos
    - crypto: ecc - remove unused function arguments
    - crypto: ecc - remove unnecessary casts
    - crypto: ecc - rename ecdh_make_pub_key()
    - crypto: ecdh - add privkey generation support
    - crypto: ecc - Fix NULL pointer deref. on no default_rng
    - [Config] CRYPTO_ECDH=m
    - Bluetooth: convert smp and selftest to crypto kpp API
    - crypto: ecdh - add public key verification test
  * Xenial update: 4.4.185 upstream stable release (LP: #1836668)
    - fs/binfmt_flat.c: make load_flat_shared_library() work
    - scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
    - tracing: Silence GCC 9 array bounds warning
    - gcc-9: silence 'address-of-packed-member' warning
    - usb: chipidea: udc: workaround for endpoint conflict issue
    - Input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD
    - apparmor: enforce nullbyte at end of tag string
    - parport: Fix mem leak in parport_register_dev_model
    - parisc: Fix compiler warnings in float emulation code
    - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
    - MIPS: uprobes: remove set but not used variable 'epc'
    - net: hns: Fix loopback test failed at copper ports
    - sparc: perf: fix updated event period in response to PERF_EVENT_IOC_PERIOD
    - scripts/checkstack.pl: Fix arm64 wrong or unknown architecture
    - scsi: ufs: Check that space was properly alloced in copy_query_response
    - s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
    - hwmon: (pmbus/core) Treat parameters as paged if on multiple pages
    - Btrfs: fix race between readahead and device replace/removal
    - btrfs: st...

Changed in linux-aws (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-aws - 5.0.0-1012.13

---------------
linux-aws (5.0.0-1012.13) disco; urgency=medium

  * add support for Amazon Graviton PCIe controller (LP: #1834962)
    - PCI: al: Add Amazon Annapurna Labs PCIe host controller driver
    - genirq/msi: Add a new field in msi_desc to store an IOMMU cookie
    - iommu/dma-iommu: Split iommu_dma_map_msi_msg() in two parts
    - irqchip/gicv2m: Don't map the MSI page in gicv2m_compose_msi_msg()
    - SAUCE: irqchip/gic: Add support for Amazon Graviton variant of GICv3+GICv2m
    - SAUCE: [aws] arm64: acpi/pci: invoke _DSM whether to preserve firmware PCI
      setup
    - [Config] aws: set CONFIG_IRQ_MSI_IOMMU=y

  * CVE-2019-1125
    - x86/cpufeatures: Carve out CQM features retrieval
    - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
    - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
    - x86/speculation: Enable Spectre v1 swapgs mitigations
    - x86/entry/64: Use JMP instead of JMPQ
    - x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS

  * linux-aws builds modules which are not shipped (LP: #1836706)
    - [Packaging] Start shipping modules-extra

 -- Kleber Sacilotto de Souza <email address hidden> Fri, 02 Aug 2019 12:32:10 +0200

Changed in linux-aws (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers