Xenial update to 4.4.127 stable release

Bug #1765007 reported by Juerg Haefliger on 2018-04-18
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Unassigned

Bug Description

SRU Justification

Impact:
   The upstream process for stable tree updates is quite similar
   in scope to the Ubuntu SRU process, e.g., each patch has to
   demonstrably fix a bug, and each patch is vetted by upstream
   by originating either directly from a mainline/stable Linux tree
   or a minimally backported form of that patch. The 4.4.127 upstream
   stable stable patch set is now available. It should be included
   in the Ubuntu kernel as well.

   git://git.kernel.org/

TEST CASE: TBD

   The following patches from the 4.4.127 stable release shall be
   applied:

   * Linux 4.4.127
   * Revert "ip6_vti: adjust vti mtu according to mtu of lower device"
   * net: cavium: liquidio: fix up "Avoid dma_unmap_single on uninitialized ndata"
   * spi: davinci: fix up dma_mapping_error() incorrect patch
   * Revert "mtip32xx: use runtime tag to initialize command header"
   * Revert "cpufreq: Fix governor module removal race"
   * Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
   * Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
   * Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
   * nospec: Kill array_index_nospec_mask_check()
   * nospec: Move array_index_nospec() parameter checking into separate macro
   * net: hns: Fix ethtool private flags
   * md/raid10: reset the 'first' at the end of loop
   * ARM: dts: am57xx-beagle-x15-common: Add overide powerhold property
   * ARM: dts: dra7: Add power hold and power controller properties to palmas
   * Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition
   * vt: change SGR 21 to follow the standards
   * Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
   * Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
   * staging: comedi: ni_mio_common: ack ai fifo error interrupts.
   * fs/proc: Stop trying to report thread stacks
   * crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
   * crypto: ahash - Fix early termination in hash walk
   * parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
   * media: usbtv: prevent double free in error case
   * mei: remove dev_err message on an unsupported ioctl
   * USB: serial: cp210x: add ELDAT Easywave RX09 id
   * USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
   * USB: serial: ftdi_sio: add RT Systems VX-8 cable
   * usb: dwc2: Improve gadget state disconnection handling
   * scsi: virtio_scsi: always read VPD pages for multiqueue too
   * llist: clang: introduce member_address_is_nonnull()
   * Bluetooth: Fix missing encryption refresh on Security Request
   * netfilter: x_tables: add and use xt_check_proc_name
   * netfilter: bridge: ebt_among: add more missing match size checks
   * xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
   * net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
   * RDMA/ucma: Introduce safer rdma_addr_size() variants
   * RDMA/ucma: Don't allow join attempts for unsupported AF family
   * RDMA/ucma: Check that device exists prior to accessing it
   * RDMA/ucma: Check that device is connected prior to access it
   * RDMA/ucma: Ensure that CM_ID exists prior to access it
   * RDMA/ucma: Fix use-after-free access in ucma_close
   * RDMA/ucma: Check AF family prior resolving address
   * xfrm_user: uncoditionally validate esn replay attribute struct
   * arm64: avoid overflow in VA_START and PAGE_OFFSET
   * selinux: Remove redundant check for unknown labeling behavior
   * netfilter: ctnetlink: Make some parameters integer to avoid enum mismatch
   * tty: provide tty_name() even without CONFIG_TTY
   * audit: add tty field to LOGIN event
   * frv: declare jiffies to be located in the .data section
   * jiffies.h: declare jiffies and jiffies_64 with ____cacheline_aligned_in_smp
   * fs: compat: Remove warning from COMPATIBLE_IOCTL
   * selinux: Remove unnecessary check of array base in selinux_set_mapping()
   * cpumask: Add helper cpumask_available()
   * genirq: Use cpumask_available() for check of cpumask variable
   * netfilter: nf_nat_h323: fix logical-not-parentheses warning
   * Input: mousedev - fix implicit conversion warning
   * dm ioctl: remove double parentheses
   * PCI: Make PCI_ROM_ADDRESS_MASK a 32-bit constant
   * writeback: fix the wrong congested state variable definition
   * ACPI, PCI, irq: remove redundant check for null string pointer
   * kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
   * usb: gadget: f_hid: fix: Prevent accessing released memory
   * usb: gadget: align buffer size when allocating for OUT endpoint
   * usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
   * usb: gadget: change len to size_t on alloc_ep_req()
   * usb: gadget: define free_ep_req as universal function
   * partitions/msdos: Unable to mount UFS 44bsd partitions
   * perf/hwbp: Simplify the perf-hwbp code, fix documentation
   * ALSA: pcm: potential uninitialized return values
   * ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
   * mtd: jedec_probe: Fix crash in jedec_read_mfr()

Juerg Haefliger (juergh) on 2018-04-18
description: updated
Juerg Haefliger (juergh) wrote :

Skipped the following commits because they modify upstream's Spectre v1 code which we haven't pulled in (yet) with the 4.4.118 stable update:
   * nospec: Kill array_index_nospec_mask_check()
   * nospec: Move array_index_nospec() parameter checking into separate macro

Stefan Bader (smb) on 2018-04-18
Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) on 2018-04-18
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (59.3 KiB)

This bug was fixed in the package linux - 4.4.0-127.153

---------------
linux (4.4.0-127.153) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/64s: Move cpu_show_meltdown()
    - powerpc/64s: Enhance the information in cpu_show_meltdown()
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/64s: Wire up cpu_show_spectre_v1()
    - powerpc/64s: Wire up cpu_show_spectre_v2()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - SAUCE: powerpc/64s: Add support for a store forwarding barrier at kernel
      entry/exit

  * CVE-2018-3639 (x86)
    - SAUCE: Clean up IBPB and IBRS control functions and macros
    - SAUCE: Fix up IBPB and IBRS kernel parameters documentation
    - SAUCE: Remove #define X86_FEATURE_PTI
    - x86/cpufeature: Move some of the scattered feature bits to x86_capability
    - x86/cpufeature: Cleanup get_cpu_cap()
    - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6
    - x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
    - x86/cpufeatures: Add Intel feature bits for Speculation Control
    - SAUCE: x86/kvm: Expose SPEC_CTRL from the leaf
    - x86/cpufeatures: Add AMD feature bits for Speculation Control
    - x86/msr: Add definitions for new speculation control MSRs
    - SAUCE: x86/msr: Rename MSR spec control feature bits
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
    - x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
    - x86/speculation: Add <asm/msr-index.h> dependency
    - x86/cpufeatures: Clean up Spectre v2 related CPUID flags
    - x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
    - SAUCE: x86/speculation: Move vendor specific IBRS/IBPB control code
    - SAUCE: x86: Add alternative_msr_write
    - SAUCE: x86/nospec: Simplify alternative_msr_write()
    - SAUCE: x86/bugs: Concentrate bug detection into a separate function
    - SAUCE: x86/bugs: Concentrate bug reporting into a separate function
    - arch: Introduce post-init read-only memory
    - SAUCE: x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - SAUCE: x86/bugs, KVM: Support the combination of guest a...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Juerg Haefliger (juergh) on 2018-06-04
Changed in linux (Ubuntu):
status: New → Incomplete
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers