linux-kvm VFIO support for Kata containers

Bug #1759421 reported by Julio Montes on 2018-03-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-kvm (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Kamal Mostafa

Bug Description

Next configs are needed to support VFIO
* CONFIG_DMAR_TABLE
* CONFIG_HAVE_INTEL_TXT
* CONFIG_INTEL_IOMMU
* CONFIG_INTEL_IOMMU_DEFAULT_ON
* CONFIG_INTEL_IOMMU_FLOPPY_WA
* CONFIG_INTEL_IOMMU_SVM
* CONFIG_IOMMU_API
* CONFIG_IOMMU_IOVA
* CONFIG_IOMMU_SUPPORT
* CONFIG_IRQ_REMAP
* CONFIG_PCI_ATS
* CONFIG_PCI_PASID
* CONFIG_VFIO
* CONFIG_VFIO_IOMMU_TYPE1
* CONFIG_VFIO_PCI
* CONFIG_VFIO_PCI_INTX
* CONFIG_VFIO_PCI_MMAP
* CONFIG_VFIO_VIRQFD

CVE References

Changed in linux-kvm (Ubuntu Xenial):
status: New → In Progress
Changed in linux-kvm (Ubuntu Xenial):
assignee: nobody → Kamal Mostafa (kamalmostafa)
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (18.2 KiB)

This bug was fixed in the package linux-kvm - 4.4.0-1021.26

---------------
linux-kvm (4.4.0-1021.26) xenial; urgency=medium

  * linux-kvm: 4.4.0-1021.26 -proposed tracker (LP: #1761445)

  * linux-kvm VFIO support for Kata containers (LP: #1759421)
    - kvm: [config] Enable VFIO

  [ Ubuntu: 4.4.0-120.144 ]

  * linux: 4.4.0-120.144 -proposed tracker (LP: #1761438)
  * intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
    image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
    - Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
      thread"
    - x86/speculation: Use Indirect Branch Prediction Barrier in context switch
  * DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
    install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
    - [Packaging] include the retpoline extractor in the headers
  * retpoline hints: primary infrastructure and initial hints (LP: #1758856)
    - [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool
    - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32bit
    - x86/paravirt, objtool: Annotate indirect calls
    - x86/asm: Stop depending on ptrace.h in alternative.h
    - [Packaging] retpoline -- add safe usage hint support
    - [Packaging] retpoline-check -- only report additions
    - [Packaging] retpoline -- widen indirect call/jmp detection
    - [Packaging] retpoline -- elide %rip relative indirections
    - [Packaging] retpoline -- clear hint information from packages
    - SAUCE: modpost: add discard to non-allocatable whitelist
    - KVM: x86: Make indirect calls in emulator speculation safe
    - KVM: VMX: Make indirect call speculation safe
    - x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
    - SAUCE: early/late -- annotate indirect calls in early/late initialisation
      code
    - SAUCE: vga_set_mode -- avoid jump tables
    - [Config] retpoline -- switch to new format
    - [Packaging] final-checks -- remove check for empty retpoline files
  * Xenial update to 4.4.117 stable release (LP: #1756860)
    - IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
    - PM / devfreq: Propagate error from devfreq_add_device()
    - s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
    - ARM: dts: STi: Add gpio polarity for "hdmi,hpd-gpio" property
    - arm: spear600: Add missing interrupt-parent of rtc
    - arm: spear13xx: Fix dmas cells
    - arm: spear13xx: Fix spics gpio controller's warning
    - ALSA: seq: Fix regression by incorrect ioctl_mutex usages
    - KVM/x86: Reduce retpoline performance impact in slot_handle_level_range(),
      by always inlining iterator helper methods
    - x86/cpu: Change type of x86_cache_size variable to unsigned int
    - drm/radeon: adjust tested variable
    - rtc-opal: Fix handling of firmware error codes, prevent busy loops
    - ext4: save error to disk in __ext4_grp_locked_error()
    - ext4: correct documentation for grpid mount option
    - mm: hide a #warning for COMPILE_TEST
    - video: fbdev: ...

Changed in linux-kvm (Ubuntu Xenial):
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew) on 2019-07-31
Changed in linux-kvm (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers