[ubuntu/xenial-updates] linux-oracle_4.15.0-1029.32~16.04.1_amd64.tar.gz - (Accepted)
Andrea Righi
andrea.righi at canonical.com
Tue Nov 12 22:43:20 UTC 2019
linux-oracle (4.15.0-1029.32~16.04.1) xenial; urgency=medium
[ Ubuntu: 4.15.0-1029.32 ]
* CVE-2019-11135
- [Config] Disable TSX by default when possible
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Date: Fri, 08 Nov 2019 17:57:58 +0100
Changed-By: Andrea Righi <andrea.righi at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-005.buildd>
-------------- next part --------------
Format: 1.8
Date: Fri, 08 Nov 2019 17:57:58 +0100
Source: linux-oracle
Binary: linux-oracle-headers-4.15.0-1029 linux-oracle-tools-4.15.0-1029 linux-image-unsigned-4.15.0-1029-oracle linux-modules-4.15.0-1029-oracle linux-modules-extra-4.15.0-1029-oracle linux-headers-4.15.0-1029-oracle linux-image-unsigned-4.15.0-1029-oracle-dbgsym linux-tools-4.15.0-1029-oracle linux-cloud-tools-4.15.0-1029-oracle linux-buildinfo-4.15.0-1029-oracle
Architecture: amd64 all amd64_translations
Version: 4.15.0-1029.32~16.04.1
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lgw01-amd64-005.buildd>
Changed-By: Andrea Righi <andrea.righi at canonical.com>
Description:
linux-buildinfo-4.15.0-1029-oracle - Linux kernel buildinfo for version 4.15.0 on 64 bit x86 SMP
linux-cloud-tools-4.15.0-1029-oracle - Oracle Linux kernel version specific cloud tools for version 4.15
linux-headers-4.15.0-1029-oracle - Oracle Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1029-oracle - Oracle Linux kernel image for version 4.15.0 on 64 bit x86 SMP
linux-image-unsigned-4.15.0-1029-oracle-dbgsym - Oracle Linux kernel debug image for version 4.15.0 on 64 bit x86
linux-modules-4.15.0-1029-oracle - Oracle Linux kernel extra modules for version 4.15.0 on 64 bit x8
linux-modules-extra-4.15.0-1029-oracle - Oracle Linux kernel extra modules for version 4.15.0 on 64 bit x8
linux-oracle-headers-4.15.0-1029 - Header files related to Oracle Linux kernel version 4.15.0
linux-oracle-tools-4.15.0-1029 - Oracle Linux kernel version specific tools for version 4.15.0-102
linux-tools-4.15.0-1029-oracle - Oracle Linux kernel version specific tools for version 4.15.0-102
Launchpad-Bugs-Fixed: 1849682 1849855 1851205
Changes:
linux-oracle (4.15.0-1029.32~16.04.1) xenial; urgency=medium
.
[ Ubuntu: 4.15.0-1029.32 ]
.
* CVE-2019-11135
- [Config] Disable TSX by default when possible
* KVM NULL pointer deref (LP: #1851205)
- KVM: nVMX: handle page fault in vmread fix
* CVE-2018-12207
- KVM: MMU: drop vcpu param in gpte_access
- kvm: Convert kvm_lock to a mutex
- kvm: x86: Do not release the page inside mmu_set_spte()
- KVM: x86: make FNAME(fetch) and __direct_map more similar
- KVM: x86: remove now unneeded hugepage gfn adjustment
- KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON
- KVM: x86: add tracepoints around __direct_map and FNAME(fetch)
- kvm: x86, powerpc: do not allow clearing largepages debugfs entry
- SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active
- SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
- SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
- SAUCE: kvm: Add helper function for creating VM worker threads
- SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
- SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
- SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT
* CVE-2019-11135
- KVM: x86: use Intel speculation bugs and features as derived in generic x86
code
- x86/msr: Add the IA32_TSX_CTRL MSR
- x86/cpu: Add a helper function x86_read_arch_cap_msr()
- x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
- x86/speculation/taa: Add mitigation for TSX Async Abort
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
- x86/tsx: Add "auto" option to the tsx= cmdline parameter
- x86/speculation/taa: Add documentation for TSX Async Abort
- x86/tsx: Add config options to set tsx=on|off|auto
- SAUCE: x86/speculation/taa: Call tsx_init()
- SAUCE: x86/cpu: Include cpu header from bugs.c
- [Config] Disable TSX by default when possible
* CVE-2019-0154
- SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
- SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA
* CVE-2019-0155
- drm/i915/gtt: Add read only pages to gen8_pte_encode
- drm/i915/gtt: Read-only pages for insert_entries on bdw+
- drm/i915/gtt: Disable read-only support under GVT
- drm/i915: Prevent writing into a read-only object via a GGTT mmap
- drm/i915/cmdparser: Check reg_table_count before derefencing.
- drm/i915/cmdparser: Do not check past the cmd length.
- drm/i915: Silence smatch for cmdparser
- drm/i915: Move engine->needs_cmd_parser to engine->flags
- SAUCE: drm/i915: Rename gen7 cmdparser tables
- SAUCE: drm/i915: Disable Secure Batches for gen6+
- SAUCE: drm/i915: Remove Master tables from cmdparser
- SAUCE: drm/i915: Add support for mandatory cmdparsing
- SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
- SAUCE: drm/i915: Allow parsing of unsized batches
- SAUCE: drm/i915: Add gen9 BCS cmdparsing
- SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
- SAUCE: drm/i915/cmdparser: Add support for backward jumps
- SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching
* bionic/linux: 4.15.0-68.77 -proposed tracker (LP: #1849855)
* [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
setting (LP: #1849682)
- Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."
Checksums-Sha1:
d33f5a0cb5a2e50d5c84fe73db8a863bc659738a 394644 linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
f390b29097bd798e024a8803f8efb52e10e404c3 1239832 linux-headers-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
5e3c1f2807ba7f4747638a63e9a8a3c863937026 629521958 linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32~16.04.1_amd64.ddeb
40403d7ffe592040f40637c2146e0297fdfe3358 8151602 linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
8f49c1355296cfac9e2c2d18e8cad5c05b0e7534 13060094 linux-modules-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
0ef301637c2199f61d0434b48b4e27d4299c016b 32783740 linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
82bf13ff39310839ff362d038c006795082363bc 11031838 linux-oracle-headers-4.15.0-1029_4.15.0-1029.32~16.04.1_all.deb
7443676e4cd754475e4cf2a22c52c3cfbde16ca0 4240148 linux-oracle-tools-4.15.0-1029_4.15.0-1029.32~16.04.1_amd64.deb
0e42daeae456d6e91e98d16d3ec7de2459afd0d5 7977350 linux-oracle_4.15.0-1029.32~16.04.1_amd64.tar.gz
c9a65ed2765ba4167a0e2ff2c6ea2cb956073f0b 24556 linux-oracle_4.15.0-1029.32~16.04.1_amd64_translations.tar.gz
0e6dc90910a8c0caa1d9a78230fd01b8009786d9 1912 linux-tools-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
Checksums-Sha256:
49bbb7ad53e6b4727c7519372f1dda2ca434c78971cc186d2931ac9d8974b793 394644 linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
91cc5e8c80220f8a93fc4359ac4534830c3a9f4eb92e8dd52a77da229e6f8e04 1239832 linux-headers-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
df5742bca783ae82dc1777d1f2fb9451dd5d412b812a05d7c0cdd7b2a52f7f72 629521958 linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32~16.04.1_amd64.ddeb
2108c12ec3228fb4e7855b1bdae875cba21b04c62ba7582904b916e1ccdb9531 8151602 linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
d63b1d31e5fd5bc2c8b56b5e2d4e80a709f156eeebd8ce3e9cfce74b0af994b9 13060094 linux-modules-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
be8404cc9da47da73993f910b7660adf80c4a0be3df33c814a5468be51838f94 32783740 linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
c4ee53549e0cdb12671b3c91e8c10ae1dae3d8e5f661a7c4d0d0e4ac5c23a1a6 11031838 linux-oracle-headers-4.15.0-1029_4.15.0-1029.32~16.04.1_all.deb
41ccb916f3c13afc71eb6792e5d47b8ee1ad31b7e6e78f8802f28a4af9ab1d37 4240148 linux-oracle-tools-4.15.0-1029_4.15.0-1029.32~16.04.1_amd64.deb
55363da71fbe4c69f7460eaa567a069a13e4faf5bff56a3353419c0bb5dcaa39 7977350 linux-oracle_4.15.0-1029.32~16.04.1_amd64.tar.gz
aadfd5c22ef7f9ce93c7c41093b9d8648dbae43aa9700eb9815383cf3e3ae034 24556 linux-oracle_4.15.0-1029.32~16.04.1_amd64_translations.tar.gz
e17bc60c979d7851fb537fc706026a80b39e21cf9762e3dfa64b9d74d8a10256 1912 linux-tools-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
Files:
21e490a1ea650f9220a5e355a9abed31 394644 kernel optional linux-buildinfo-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
69a154b9102642bd3ba7f7f3d109795e 1239832 devel optional linux-headers-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
0df53968ca14381b2e9cc7a50150f931 629521958 devel optional linux-image-unsigned-4.15.0-1029-oracle-dbgsym_4.15.0-1029.32~16.04.1_amd64.ddeb
286a3459f1698972a7257916f8a2e0fb 8151602 kernel optional linux-image-unsigned-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
6fba4794600d558a69815110325f3d17 13060094 kernel optional linux-modules-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
e58305fe09725a36568aec4f1d74f0e3 32783740 kernel optional linux-modules-extra-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
46d3175f6776f3f1a0e9fabb8c5792d6 11031838 devel optional linux-oracle-headers-4.15.0-1029_4.15.0-1029.32~16.04.1_all.deb
dc7881b95eca9c71c051ba8596473098 4240148 devel optional linux-oracle-tools-4.15.0-1029_4.15.0-1029.32~16.04.1_amd64.deb
1efb84b4b4b3194d891b4282f2ebcdf9 7977350 raw-signing - linux-oracle_4.15.0-1029.32~16.04.1_amd64.tar.gz
54051f7719f2c7165438d4e2b7fb404c 24556 raw-translations - linux-oracle_4.15.0-1029.32~16.04.1_amd64_translations.tar.gz
e9a3c463a0b2b6f9a08700ea552c1f2a 1912 devel optional linux-tools-4.15.0-1029-oracle_4.15.0-1029.32~16.04.1_amd64.deb
More information about the Xenial-changes
mailing list