2023-03-06 14:41:40 |
Pedro Principeza |
bug |
|
|
added bug |
2023-03-06 18:45:36 |
Nick Rosbrook |
nominated for series |
|
Ubuntu Jammy |
|
2023-03-06 18:45:36 |
Nick Rosbrook |
bug task added |
|
systemd (Ubuntu Jammy) |
|
2023-03-06 18:45:43 |
Nick Rosbrook |
systemd (Ubuntu): status |
New |
Fix Released |
|
2023-03-06 18:46:00 |
Nick Rosbrook |
systemd (Ubuntu Jammy): status |
New |
Triaged |
|
2023-03-06 19:52:25 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~enr0n/ubuntu/+source/systemd/+git/systemd/+merge/438247 |
|
2023-03-11 00:04:12 |
Steve Langasek |
description |
[ Impact ]
On systems where Intel SGX is available, access to a specific devide node (/dev/sgx_vepc) must be enforced, with a specific permission (0660) and group (sgx).
This allows KVM-based virtual machines to use such feature (the SGX "enclaves") in a proper fashion. Without this, a manual udev rule needs to be created.
[ Test Plan ]
As the patch itself only tailors the permissions/group to the device node, in a system with Intel-SGX enabled, merely `ls -la` against the device node should show if the permissions and group are seen as expected.
[ Where problems could occur ]
N/A. This seems to be a very straightforward inclusion, very specific to access enablement to the SGX reserved memory used for hosting enclaves.
[ Other Info ]
N/A. |
[ Impact ]
On systems where Intel SGX is available, access to a specific device node (/dev/sgx_vepc) must be enforced, with a specific permission (0660) and group (sgx).
This allows KVM-based virtual machines to use such feature (the SGX "enclaves") in a proper fashion. Without this, a manual udev rule needs to be created.
[ Test Plan ]
As the patch itself only tailors the permissions/group to the device node, in a system with Intel-SGX enabled, merely `ls -la` against the device node should show if the permissions and group are seen as expected.
[ Where problems could occur ]
N/A. This seems to be a very straightforward inclusion, very specific to access enablement to the SGX reserved memory used for hosting enclaves.
[ Other Info ]
N/A. |
|
2023-03-11 00:04:39 |
Steve Langasek |
systemd (Ubuntu Jammy): status |
Triaged |
Fix Committed |
|
2023-03-11 00:04:40 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2023-03-11 00:04:41 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2023-03-11 00:04:45 |
Steve Langasek |
tags |
|
verification-needed verification-needed-jammy |
|
2023-03-14 18:06:03 |
William Wilson |
tags |
verification-needed verification-needed-jammy |
verification-done verification-done-jammy |
|
2023-03-24 13:43:32 |
Timo Aaltonen |
tags |
verification-done verification-done-jammy |
verification-needed verification-needed-jammy |
|
2023-03-24 17:07:27 |
William Wilson |
tags |
verification-needed verification-needed-jammy |
verification-done verification-done-jammy |
|
2023-04-11 17:37:16 |
Launchpad Janitor |
systemd (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
2023-04-11 17:37:34 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|