[ubuntu/disco-proposed] linux-azure_5.0.0-1025.27_amd64.tar.gz - (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Nov 12 18:07:51 UTC 2019
linux-azure (5.0.0-1025.27) disco; urgency=medium
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
[ Ubuntu: 5.0.0-35.38 ]
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout
confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
[ Ubuntu: 5.0.0-34.36 ]
* disco/linux: <version to be filled> -proposed tracker (LP: #1850574)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Date: Mon, 11 Nov 2019 12:09:42 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-029.buildd>
-------------- next part --------------
Format: 1.8
Date: Mon, 11 Nov 2019 12:09:42 +0100
Source: linux-azure
Binary: linux-azure-cloud-tools-5.0.0-1025 linux-azure-headers-5.0.0-1025 linux-azure-tools-5.0.0-1025 linux-buildinfo-5.0.0-1025-azure linux-cloud-tools-5.0.0-1025-azure linux-headers-5.0.0-1025-azure linux-image-unsigned-5.0.0-1025-azure linux-modules-5.0.0-1025-azure linux-modules-extra-5.0.0-1025-azure linux-tools-5.0.0-1025-azure
Architecture: amd64 all amd64_translations
Version: 5.0.0-1025.27
Distribution: disco
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-029.buildd>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
linux-azure-cloud-tools-5.0.0-1025 - Linux kernel version specific cloud tools for version 5.0.0-1025
linux-azure-headers-5.0.0-1025 - Header files related to Linux kernel version 5.0.0
linux-azure-tools-5.0.0-1025 - Linux kernel version specific tools for version 5.0.0-1025
linux-buildinfo-5.0.0-1025-azure - Linux kernel buildinfo for version 5.0.0 on 64 bit x86 SMP
linux-cloud-tools-5.0.0-1025-azure - Linux kernel version specific cloud tools for version 5.0.0-1025
linux-headers-5.0.0-1025-azure - Linux kernel headers for version 5.0.0 on 64 bit x86 SMP
linux-image-unsigned-5.0.0-1025-azure - Linux kernel image for version 5.0.0 on 64 bit x86 SMP
linux-modules-5.0.0-1025-azure - Linux kernel extra modules for version 5.0.0 on 64 bit x86 SMP
linux-modules-extra-5.0.0-1025-azure - Linux kernel extra modules for version 5.0.0 on 64 bit x86 SMP
linux-tools-5.0.0-1025-azure - Linux kernel version specific tools for version 5.0.0-1025
Launchpad-Bugs-Fixed: 1849682 1850574 1850867
Changes:
linux-azure (5.0.0-1025.27) disco; urgency=medium
.
* CVE-2019-11135
- [Config] azure: Disable TSX by default when possible
.
[ Ubuntu: 5.0.0-35.38 ]
.
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- SAUCE: Fix revert "md/raid0: avoid RAID0 data corruption due to layout
confusion."
* refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
- SAUCE: shiftfs: Correct id translation for lower fs operations
- SAUCE: shiftfs: prevent type confusion
- SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling
* CVE-2018-12207
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
.
[ Ubuntu: 5.0.0-34.36 ]
.
* disco/linux: <version to be filled> -proposed tracker (LP: #1850574)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Checksums-Sha1:
982e5c8d9221dd945f3f808f3e318768727d549d 114392 linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
ef9329aaad597a84b3e51a901f9bcf14942f8728 10757936 linux-azure-headers-5.0.0-1025_5.0.0-1025.27_all.deb
8a1e9c644cfa952c77e7e53e8b7f3272cea4768b 5171400 linux-azure-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
bff502b65eb5c690916520ac23e68e9e4fc96ad8 16130 linux-azure_5.0.0-1025.27_amd64.buildinfo
0fa7149c967aa46a97f3f67a096426fd7ab07c65 7740734 linux-azure_5.0.0-1025.27_amd64.tar.gz
2a9f309064096c253e7cea34f6733c91c47604b3 24521 linux-azure_5.0.0-1025.27_amd64_translations.tar.gz
999d019c4cfbaaded51ef5c4ae0b071044bb17a6 237404 linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
90fc547abaae463baa0e43e16a9e81e338175998 1868 linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
b017bdfcbfc17c1abdb67115c55c244df4f90244 1057136 linux-headers-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
6c1a30fae9ab58915e25fc0d55e08a2155f9d09a 461917560 linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27_amd64.ddeb
80e2a8d0002923a62f02a63aa5164db9d3d319b4 7827560 linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
88f34b07af86b60ac41d24ca24ab8ffb09e030f5 12542892 linux-modules-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
52d45eaa4eb8d0d5a78d0753ea2e79d580543a3e 11295800 linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
8586ce3b27839cd5463e0cde8edc8f8e949a59af 1940 linux-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
Checksums-Sha256:
50a5f91640dedb43b415e79d6123ceca9766d2ce2c0343063ff63218e314c642 114392 linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
b66d34ae8121cd34f7f18b63cd20b65bdea95f98ed855274f452efcd3ab5cd0e 10757936 linux-azure-headers-5.0.0-1025_5.0.0-1025.27_all.deb
86002ff5470e88a31c77f785f11ade94fe479e6144efe058d3a2f8ef2cc05d79 5171400 linux-azure-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
30c2083f6c90563fd913869e3159a27e300ebd084fe304c0f41834170a4c0d33 16130 linux-azure_5.0.0-1025.27_amd64.buildinfo
ab1b59d3b5163b83cd16b2dc47fc6cfd5cd5dcf51cba6a69f41896f542cb321f 7740734 linux-azure_5.0.0-1025.27_amd64.tar.gz
c3b57067c03a2783e5b8773963fcc8d6f2e151f5d1847a60a96d84791487f7cc 24521 linux-azure_5.0.0-1025.27_amd64_translations.tar.gz
bbbe28c1a99fbac82fd06ca1cea7b73fba40163db51b8a8a7fd6c092a4f6e2ce 237404 linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
1570600062c20d073ef42d93ff45baa3d9e3898c54e58004f3fcda11ad669a01 1868 linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
ef0e591911c4b30d4d5de0a90788afd381773813ab94f9d0824bb942e53356ad 1057136 linux-headers-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
747500c135d9011293e1c1109ab0909485281c15e7eaddb12d3b9e6bccc6c2a8 461917560 linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27_amd64.ddeb
1589533ae8c9c8a9fb9569576b7a80e945ccec6d50dc0e12a2aa68429968ef02 7827560 linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
69c6de7f26f0baa5d1ef5cbabc0b39855e27a8043af7274d1bc25673d7b7b3bc 12542892 linux-modules-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
724a9f5b08a30fb16b9bf359d7f10dc1b3176e28321a926b102524f729bfc435 11295800 linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
a60acde7f7b8d99d802222586299cf17906e5f18be1a95d54eb71355a1e47b0e 1940 linux-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
Files:
02f07b98cd722f2c64a85cc060fab2d3 114392 devel optional linux-azure-cloud-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
dcadf082d96f734e94965dfb836a2a62 10757936 devel optional linux-azure-headers-5.0.0-1025_5.0.0-1025.27_all.deb
7e07d7cf3cab783abe2761af9d3a7caa 5171400 devel optional linux-azure-tools-5.0.0-1025_5.0.0-1025.27_amd64.deb
1c9fab1e6383f8564a66cfd325f77002 16130 devel optional linux-azure_5.0.0-1025.27_amd64.buildinfo
e71815e05965fdea276a5707f3191b4c 7740734 raw-signing - linux-azure_5.0.0-1025.27_amd64.tar.gz
020b7a7ee026e903c1ed906f513e47b1 24521 raw-translations - linux-azure_5.0.0-1025.27_amd64_translations.tar.gz
0a0060d47fd5deed99f617ecddf33002 237404 kernel optional linux-buildinfo-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
b45f0db1c46192886ceaae46f9049ae3 1868 devel optional linux-cloud-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
9c4f3f06367d23cb508cb02023b33961 1057136 devel optional linux-headers-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
3b7416836237c46fb464a55e9d381986 461917560 devel optional linux-image-unsigned-5.0.0-1025-azure-dbgsym_5.0.0-1025.27_amd64.ddeb
6440e15418372238d5c018838f329a03 7827560 kernel optional linux-image-unsigned-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
5ba756702dcf0f88a0c30806ee73a530 12542892 kernel optional linux-modules-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
f7174dc85e593a6cbc990eda55e70c08 11295800 kernel optional linux-modules-extra-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
a2531b10435efd976967e99f34772af4 1940 devel optional linux-tools-5.0.0-1025-azure_5.0.0-1025.27_amd64.deb
More information about the Disco-changes
mailing list