[ubuntu/bionic-proposed] linux-oracle_4.15.0-1029.32_amd64.tar.gz - (Accepted)
Andrea Righi
andrea.righi at canonical.com
Tue Nov 12 18:22:51 UTC 2019
linux-oracle (4.15.0-1029.32) bionic; urgency=medium
* CVE-2019-11135
- [Config] Disable TSX by default when possible
[ Ubuntu: 4.15.0-69.78 ]
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
[ Ubuntu: 4.15.0-68.77 ]
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Date: Thu, 07 Nov 2019 19:53:57 +0100
Changed-By: Andrea Righi <andrea.righi at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-017.buildd>
-------------- next part --------------
Format: 1.8
Date: Thu, 07 Nov 2019 19:53:57 +0100
Source: linux-oracle
Binary: linux-oracle-headers-4.15.0-1029 linux-oracle-tools-4.15.0-1029 linux-image-unsigned-4.15.0-1029-oracle linux-modules-4.15.0-1029-oracle linux-modules-extra-4.15.0-1029-oracle linux-headers-4.15.0-1029-oracle linux-image-unsigned-4.15.0-1029-oracle-dbgsym linux-tools-4.15.0-1029-oracle linux-cloud-tools-4.15.0-1029-oracle linux-buildinfo-4.15.0-1029-oracle
Architecture: amd64 all amd64_translations
Version: 4.15.0-1029.32
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-017.buildd>
Changed-By: Andrea Righi <andrea.righi at canonical.com>
Description:
linux-buildinfo-4.15.0-1029-oracle - Linux kernel buildinfo for version 4.15.0 on 64 bit x86 SMP
linux-cloud-tools-4.15.0-1029-oracle - Oracle Linux kernel version specific cloud tools for version 4.15
linux-headers-4.15.0-1029-oracle - Oracle Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1029-oracle - Oracle Linux kernel image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1029-oracle-dbgsym - Oracle Linux kernel debug image for version 4.15.0 on 64 bit x86
linux-modules-4.15.0-1029-oracle - Oracle Linux kernel extra modules for version 4.15.0 on 64 bit x8
linux-modules-extra-4.15.0-1029-oracle - Oracle Linux kernel extra modules for version 4.15.0 on 64 bit x8
linux-oracle-headers-4.15.0-1029 - Header files related to Oracle Linux kernel version 4.15.0
linux-oracle-tools-4.15.0-1029 - Oracle Linux kernel version specific tools for version 4.15.0-102
linux-tools-4.15.0-1029-oracle - Oracle Linux kernel version specific tools for version 4.15.0-102
Launchpad-Bugs-Fixed: 1849682 1849855 1851205
Changes:
linux-oracle (4.15.0-1029.32) bionic; urgency=medium
.
* CVE-2019-11135
- [Config] Disable TSX by default when possible
.
[ Ubuntu: 4.15.0-69.78 ]
.
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
.
[ Ubuntu: 4.15.0-68.77 ]
.
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Checksums-Sha1:
f521b02f308e70e0961e4feae68d73f08450e3fb 395616 linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
f57e83993786bcee315a5291745c93fd47c6fd17 1250824 linux-headers-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
f1be1b842ebd751aa650e71b1b80d1309a2a06b9 787547820 linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32_amd64.ddeb
ea6f7c42e2daa02c8114ae14398d0ee0bd664d3a 8169420 linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
755cf61db69929cc1a19d2408f6be66b1d656ff0 13140756 linux-modules-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
7cc227fe493bba30b10d798f8e2489290f16c189 32929992 linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
da6af4d6d2d6e5c5159975d0c1c9feac3346a81f 11078324 linux-oracle-headers-4.15.0-1029_4.15.0-1029.32_all.deb
7886934e0385e0079911cdf2b0f5bde32c7cd2dc 4798480 linux-oracle-tools-4.15.0-1029_4.15.0-1029.32_amd64.deb
5611486381a3fa1e9b73512cb3ceed19232f803e 15815 linux-oracle_4.15.0-1029.32_amd64.buildinfo
720212ebaea306e549f202641213f698593d0d94 7996881 linux-oracle_4.15.0-1029.32_amd64.tar.gz
00c294cc38ca6ea2a72253af20d965855d75aa37 24554 linux-oracle_4.15.0-1029.32_amd64_translations.tar.gz
1f3b52b06825e10aa391fcfe458bd84af895118f 1972 linux-tools-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
Checksums-Sha256:
ff86a68fe37bcf7f1fd0a796e2f6f3a7c7859ab54aa3af35b13b131d9c2fd036 395616 linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
a0764747bc5b14ac0413636be341637f6d8a096c8973bc9e5a90b8b0b800ce3d 1250824 linux-headers-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
5345291088c82a0796dd5eaece81b9678460ffe7bcab9dc113d8ba70e40283c7 787547820 linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32_amd64.ddeb
5fd102dbad9170207ec9b88b92d8f5a97bcc96f4e6678dcdb07aa7aa6b1df4d0 8169420 linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
d0dda1481d438d3e80723bc07f092a2c05e63260fdd96cde10f2079511beec31 13140756 linux-modules-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
382e6086fd76cd4daa1be1ffc70bf1c4a012ae3a66bd33f673864e93e5d4de30 32929992 linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
0f9155eadc8eff4f4ef5f7122dc59060fe911ced48f5198890c5bf38a76671a6 11078324 linux-oracle-headers-4.15.0-1029_4.15.0-1029.32_all.deb
06e67172e07b46dcdd962c1e992fe868208b077cc99dfdaed57c1cff0dc66c81 4798480 linux-oracle-tools-4.15.0-1029_4.15.0-1029.32_amd64.deb
fdab5f0cb99e60e44355ede4e085ae09983aa951b70b6e6f21dace82b3bd5709 15815 linux-oracle_4.15.0-1029.32_amd64.buildinfo
ba57ece014d2302568dc5c3b8ba3f32f9a6cbf2c3c6682a67cbfd362ed042152 7996881 linux-oracle_4.15.0-1029.32_amd64.tar.gz
384ccb1452040a24bee8c6b28dc2b0b96e2dc852a8d03f30599868a2de2c1298 24554 linux-oracle_4.15.0-1029.32_amd64_translations.tar.gz
419fd1193fdb3f225010648e709a0eeefa7269ba46833b9e29c7196ae13ec2fd 1972 linux-tools-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
Files:
003e8df4e38b16ef60e7578a38ae0537 395616 kernel optional linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
fe6aa09dfbfa0c7fd42bd3cf5c565720 1250824 devel optional linux-headers-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
4500fb62afc37189f38b13d920c2e314 787547820 devel optional linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32_amd64.ddeb
7ba4d553bcacc427a43516776ce5dde2 8169420 kernel optional linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
a7413debd181de754f10073f6ef6c2aa 13140756 kernel optional linux-modules-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
de4a4b26a10156cadaf7c49009afe667 32929992 kernel optional linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
5c740c75cf08c193a05986e1fce2ebf2 11078324 devel optional linux-oracle-headers-4.15.0-1029_4.15.0-1029.32_all.deb
d07239b0fae6c79d92e07230b266d5d7 4798480 devel optional linux-oracle-tools-4.15.0-1029_4.15.0-1029.32_amd64.deb
8c362c58fd1542e5904b2671aeac116e 15815 devel optional linux-oracle_4.15.0-1029.32_amd64.buildinfo
0138ca5a69b4a55222531f9dfe216147 7996881 raw-signing - linux-oracle_4.15.0-1029.32_amd64.tar.gz
f58dc9cf012c3da8710ee843336841ef 24554 raw-translations - linux-oracle_4.15.0-1029.32_amd64_translations.tar.gz
be6dcda47935bf708fbe6d222ebc9f23 1972 devel optional linux-tools-4.15.0-1029-oracle_4.15.0-1029.32_amd64.deb
More information about the Bionic-changes
mailing list