[ubuntu/xenial-updates] linux-gcp_4.15.0-1049.52_amd64.tar.gz - (Accepted)
Stefan Bader
stefan.bader at canonical.com
Tue Nov 12 22:43:18 UTC 2019
linux-gcp (4.15.0-1049.52) xenial; urgency=medium
* CVE-2019-11135
- [Config] gcp: Disable TSX by default when possible
[ Ubuntu: 4.15.0-69.78 ]
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
[ Ubuntu: 4.15.0-68.77 ]
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Date: Fri, 08 Nov 2019 10:59:48 +0100
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-035.buildd>
-------------- next part --------------
Format: 1.8
Date: Fri, 08 Nov 2019 10:59:48 +0100
Source: linux-gcp
Binary: linux-gcp-headers-4.15.0-1049 linux-gcp-tools-4.15.0-1049 linux-image-unsigned-4.15.0-1049-gcp linux-modules-4.15.0-1049-gcp linux-modules-extra-4.15.0-1049-gcp linux-headers-4.15.0-1049-gcp linux-image-unsigned-4.15.0-1049-gcp-dbgsym linux-tools-4.15.0-1049-gcp linux-buildinfo-4.15.0-1049-gcp
Architecture: amd64 amd64_translations
Version: 4.15.0-1049.52
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-035.buildd>
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Description:
linux-buildinfo-4.15.0-1049-gcp - Linux kernel buildinfo for version 4.15.0 on 64 bit x86 SMP
linux-gcp-headers-4.15.0-1049 - Header files related to Linux kernel version 4.15.0
linux-gcp-tools-4.15.0-1049 - Linux kernel version specific tools for version 4.15.0-1049
linux-headers-4.15.0-1049-gcp - Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1049-gcp - Linux kernel image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1049-gcp-dbgsym - Linux kernel debug image for version 4.15.0 on 64 bit x86 SMP
linux-modules-4.15.0-1049-gcp - Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
linux-modules-extra-4.15.0-1049-gcp - Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
linux-tools-4.15.0-1049-gcp - Linux kernel version specific tools for version 4.15.0-1049
Launchpad-Bugs-Fixed: 1849682 1849855 1851205
Changes:
linux-gcp (4.15.0-1049.52) xenial; urgency=medium
.
* CVE-2019-11135
- [Config] gcp: Disable TSX by default when possible
.
[ Ubuntu: 4.15.0-69.78 ]
.
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
.
[ Ubuntu: 4.15.0-68.77 ]
.
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Checksums-Sha1:
7864e8bc03f5d0c2c9b1aa889ac696ef3d353c53 391906 linux-buildinfo-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
c2052d7b9c5ac49a93be7c01d9c817b9f4819c53 11030780 linux-gcp-headers-4.15.0-1049_4.15.0-1049.52_amd64.deb
329d28c3fd0b345165a483a2b7125fdab3c97994 3930158 linux-gcp-tools-4.15.0-1049_4.15.0-1049.52_amd64.deb
b6ed90cc712e870984b875bdb0317c9a54db5a18 7946818 linux-gcp_4.15.0-1049.52_amd64.tar.gz
dcbf498ce32681e4824db6e8d623b9ff0cb71a72 24554 linux-gcp_4.15.0-1049.52_amd64_translations.tar.gz
d7c572b03dde556c6c022afd1c2c2d73bab1f53d 1239926 linux-headers-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
e76d9c654ac01218656b4221e3cb0e78d5ec82b1 625141942 linux-image-unsigned-4.15.0-1049-gcp-dbgsym_4.15.0-1049.52_amd64.ddeb
4911bfc7882a3ab1a5f57df4e40e3f219dfa2ba5 8120968 linux-image-unsigned-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
4ccc6b699c3aa38dda9b1427d96eb99d61a9dd9f 12936638 linux-modules-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
55c9ec03ee145704e8cb8e3223a81fd4b202e06a 32575392 linux-modules-extra-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
47f83d068e59df5ad4b5bf18cf24ab9902cfc1f5 1878 linux-tools-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
Checksums-Sha256:
d5b1d1279c6f2e1540d2f60571542ec50f122ad1a0672ec8b6e338fe5667bd6d 391906 linux-buildinfo-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
0d4955a4b86c6a980930825ee0563307f2b118f7db1f5c573260dadd2b6c94ec 11030780 linux-gcp-headers-4.15.0-1049_4.15.0-1049.52_amd64.deb
f2773929f6447cbf5152280c595110e1a059e1328c6d68e3c2f77454666177bd 3930158 linux-gcp-tools-4.15.0-1049_4.15.0-1049.52_amd64.deb
8df56c2cec5dfb5d6ad407f013e95fea731e028aa9e3eeffcfa09760a15fbd3a 7946818 linux-gcp_4.15.0-1049.52_amd64.tar.gz
c506f29d975e8dd1ff3462dbb8fc6892c6119febb5d6cf17effd9c4c1dcbd607 24554 linux-gcp_4.15.0-1049.52_amd64_translations.tar.gz
f03d04305e0e83153b27166a1c184854d6fd4b717733dc909e3a26f26b8f2634 1239926 linux-headers-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
3fd3c3146c997d0ea76bbbfa51cbd47148a43fd14d672e10c253cc053fec7265 625141942 linux-image-unsigned-4.15.0-1049-gcp-dbgsym_4.15.0-1049.52_amd64.ddeb
ca138a1bbeac54f7e51a04d5b63506754457ffe148a2c80020a2a48c029df602 8120968 linux-image-unsigned-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
90bee5e23418331c5d2171e0b2cf24917855d08d3afbe6dfca88876b4513bc8a 12936638 linux-modules-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
ac7b2a603d2dd38fe426e60116e9fef45b15f6c8b1c106792c849a15d170bb79 32575392 linux-modules-extra-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
a46545976a8dd855f151c99a264a6470fb54065532615a3a37c36a1e87f4fdd1 1878 linux-tools-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
Files:
92ba4732852f9fac05bb6eaea7907373 391906 kernel optional linux-buildinfo-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
126b66284a40c2bd3b336c0896dcb7da 11030780 devel optional linux-gcp-headers-4.15.0-1049_4.15.0-1049.52_amd64.deb
de613cf7992693d924db31155a9f8089 3930158 devel optional linux-gcp-tools-4.15.0-1049_4.15.0-1049.52_amd64.deb
5a33af8e012349b8a7eb267fa3c06cb9 7946818 raw-signing - linux-gcp_4.15.0-1049.52_amd64.tar.gz
20c261cadc458dea06138d8e488b8de2 24554 raw-translations - linux-gcp_4.15.0-1049.52_amd64_translations.tar.gz
1fc9fea093fc1d2509c3515b963572bd 1239926 devel optional linux-headers-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
00592a7d107043d34c5eb0d1f1948837 625141942 devel optional linux-image-unsigned-4.15.0-1049-gcp-dbgsym_4.15.0-1049.52_amd64.ddeb
92d708fb96cc70b882400697d0a5206f 8120968 kernel optional linux-image-unsigned-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
feb02d03423ddfefde4a9764a728f353 12936638 kernel optional linux-modules-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
149e256b763fe7c0499c81037ff58ddd 32575392 kernel optional linux-modules-extra-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
b89816c007a629cb12bd0ed4969fa75f 1878 devel optional linux-tools-4.15.0-1049-gcp_4.15.0-1049.52_amd64.deb
More information about the Xenial-changes
mailing list