linux-kvm: 4.4.0-1017.22 -proposed tracker

Bug #1743002 reported by Marcelo Cerri on 2018-01-12
20
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Kernel SRU Workflow
Medium
Unassigned
Automated-testing
Medium
Canonical Kernel Team
Certification-testing
Medium
Canonical Hardware Certification
Prepare-package
Medium
Kamal Mostafa
Prepare-package-meta
Medium
Kamal Mostafa
Promote-to-proposed
Medium
Adam Conrad
Promote-to-security
Medium
Łukasz Zemczak
Promote-to-updates
Medium
Łukasz Zemczak
Regression-testing
Medium
Canonical Kernel Team
Security-signoff
Medium
Steve Beattie
Upload-to-ppa
Medium
Canonical Kernel Team
Verification-testing
Medium
Canonical Kernel Team
linux-kvm (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned

Bug Description

This bug is for tracking the <version to be filled> upload package. This bug will contain status and testing results related to that upload.

For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
boot-testing-requested: true
kernel-stable-master-bug: 1744244
phase: Released
proposed-announcement-sent: true
proposed-testing-requested: true

CVE References

Marcelo Cerri (mhcerri) on 2018-01-12
tags: added: kernel-release-tracking-bug
tags: added: kernel-release-tracking-bug-live
tags: added: xenial
Changed in kernel-sru-workflow:
status: New → In Progress
importance: Undecided → Medium
Changed in linux-kvm (Ubuntu):
status: New → Invalid
tags: added: kernel-sru-cycle-2017.11.20-8
tags: added: kernel-sru-derivative-of-1742995
summary: - linux-kvm: <version to be filled> -proposed tracker
+ linux-kvm: 4.4.0-1017.22 -proposed tracker
Brad Figg (brad-figg) on 2018-01-13
tags: added: block-proposed-xenial
tags: added: block-proposed
description: updated
description: updated
Brad Figg (brad-figg) on 2018-01-13
description: updated
description: updated
Andy Whitcroft (apw) on 2018-01-13
Changed in linux-kvm (Ubuntu Xenial):
status: New → Confirmed
Andy Whitcroft (apw) on 2018-01-15
description: updated
tags: added: kernel-sru-derivative-of-1743362
removed: kernel-sru-derivative-of-1742995

http://people.canonical.com/~kernel/status/adt-matrix/xenial-linux-meta-kvm.html

Adt tests not showing any regression, overriding automated-testing status to 'Fix Released'.

Stefan Bader (smb) on 2018-01-19
description: updated
tags: added: kernel-sru-derivative-of-1744244
removed: kernel-sru-derivative-of-1743362

Regression tests results are good.

Brad Figg (brad-figg) on 2018-01-29
tags: removed: block-proposed-xenial
tags: removed: block-proposed
Launchpad Janitor (janitor) wrote :
Download full text (10.4 KiB)

This bug was fixed in the package linux-kvm - 4.4.0-1017.22

---------------
linux-kvm (4.4.0-1017.22) xenial; urgency=low

  * linux-kvm: 4.4.0-1016.21 -proposed tracker (LP: #1743002)

  [ Ubuntu: 4.4.0-110.133 ]

  * linux: 4.4.0-110.133 -proposed tracker (LP: #1742995)
  * CVE-2017-5753
    - x86/microcode/AMD: Add support for fam17h microcode loading
    - bpf: add bpf_patch_insn_single helper
    - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis
    - bpf: add generic constant blinding for use in jits
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Make the LFENCE instruction serialized
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
    - arm64: no gmb() implementation yet
    - arm: no gmb() implementation yet
  * CVE-2017-5715
    - x86/microcode/AMD: Add support for fam17h microcode loa...

Changed in linux-kvm (Ubuntu Xenial):
status: Confirmed → Fix Released
Brad Figg (brad-figg) on 2018-01-29
description: updated
description: updated

The package has been published and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status: In Progress → Fix Released
description: updated
description: updated
tags: removed: kernel-release-tracking-bug-live
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers