linux-aws 4.4.0-1049.58 source package in Ubuntu
Changelog
linux-aws (4.4.0-1049.58) xenial; urgency=low * linux-aws: 4.4.0-1049.58 -proposed tracker (LP: #1743001) [ Ubuntu: 4.4.0-110.133 ] * linux: 4.4.0-110.133 -proposed tracker (LP: #1742995) * CVE-2017-5753 - x86/microcode/AMD: Add support for fam17h microcode loading - bpf: add bpf_patch_insn_single helper - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis - bpf: add generic constant blinding for use in jits - locking/barriers: introduce new memory barrier gmb() - bpf: prevent speculative execution in eBPF interpreter - x86, bpf, jit: prevent speculative execution when JIT is enabled - uvcvideo: prevent speculative execution - carl9170: prevent speculative execution - qla2xxx: prevent speculative execution - Thermal/int340x: prevent speculative execution - userns: prevent speculative execution - ipv6: prevent speculative execution - fs: prevent speculative execution - net: mpls: prevent speculative execution - udf: prevent speculative execution - x86/feature: Enable the x86 feature to control Speculation - x86/feature: Report presence of IBPB and IBRS control - x86/enter: MACROS to set/clear IBRS and set IBPB - x86/enter: Use IBRS on syscall and interrupts - x86/idle: Disable IBRS entering idle and enable it on wakeup - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup - x86/mm: Set IBPB upon context switch - x86/mm: Only set IBPB when the new thread cannot ptrace current thread - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm - x86/kvm: Set IBPB when switching VM - x86/kvm: Toggle IBRS on VM entry and exit - x86/kvm: Pad RSB on VM transition - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control - x86/syscall: Clear unused extra registers on syscall entrance - x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance - x86/entry: Use retpoline for syscall's indirect calls - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR - x86/cpu/AMD: Add speculative control support for AMD - x86/microcode: Extend post microcode reload to support IBPB feature - KVM: SVM: Do not intercept new speculative control MSRs - x86/svm: Set IBRS value on VM entry and exit - x86/svm: Set IBPB when running a different VCPU - KVM: x86: Add speculative control CPUID support for guests - x86/svm: Add code to clobber the RSB on VM exit - x86/svm: Add code to clear registers on VM exit - x86/cpu/AMD: Make the LFENCE instruction serialized - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature - powerpc: add gmb barrier - s390/spinlock: add gmb memory barrier - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit - arm64: no gmb() implementation yet - arm: no gmb() implementation yet * CVE-2017-5715 - x86/microcode/AMD: Add support for fam17h microcode loading - bpf: add bpf_patch_insn_single helper - bpf: prepare bpf_int_jit_compile/bpf_prog_select_runtime apis - bpf: add generic constant blinding for use in jits - locking/barriers: introduce new memory barrier gmb() - bpf: prevent speculative execution in eBPF interpreter - x86, bpf, jit: prevent speculative execution when JIT is enabled - uvcvideo: prevent speculative execution - carl9170: prevent speculative execution - qla2xxx: prevent speculative execution - Thermal/int340x: prevent speculative execution - userns: prevent speculative execution - ipv6: prevent speculative execution - fs: prevent speculative execution - net: mpls: prevent speculative execution - udf: prevent speculative execution - x86/feature: Enable the x86 feature to control Speculation - x86/feature: Report presence of IBPB and IBRS control - x86/enter: MACROS to set/clear IBRS and set IBPB - x86/enter: Use IBRS on syscall and interrupts - x86/idle: Disable IBRS entering idle and enable it on wakeup - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup - x86/mm: Set IBPB upon context switch - x86/mm: Only set IBPB when the new thread cannot ptrace current thread - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm - x86/kvm: Set IBPB when switching VM - x86/kvm: Toggle IBRS on VM entry and exit - x86/kvm: Pad RSB on VM transition - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control - x86/syscall: Clear unused extra registers on syscall entrance - x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance - x86/entry: Use retpoline for syscall's indirect calls - x86/cpu/amd, kvm: Satisfy guest kernel reads of IC_CFG MSR - x86/cpu/AMD: Add speculative control support for AMD - x86/microcode: Extend post microcode reload to support IBPB feature - KVM: SVM: Do not intercept new speculative control MSRs - x86/svm: Set IBRS value on VM entry and exit - x86/svm: Set IBPB when running a different VCPU - KVM: x86: Add speculative control CPUID support for guests - x86/svm: Add code to clobber the RSB on VM exit - x86/svm: Add code to clear registers on VM exit - x86/cpu/AMD: Make the LFENCE instruction serialized - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature - powerpc: add gmb barrier - s390/spinlock: add gmb memory barrier - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit - arm64: no gmb() implementation yet - arm: no gmb() implementation yet * powerpc: flush L1D on return to use (LP: #1742772) - SAUCE: powerpc: Secure memory rfi flush - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm - SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS - SAUCE: rfi-flush: Implement congruence-first fallback flush - SAUCE: rfi-flush: Make l1d_flush_type bit flags - SAUCE: rfi-flush: Push the instruction selection down to the patching routine - SAUCE: rfi-flush: Expand the RFI section to two nop slots - SAUCE: rfi-flush: Support more than one flush type at once - SAUCE: rfi-flush: Allow HV to advertise multiple flush types - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush - SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files - SAUCE: Remove setup.h include file otherwise compilation complains about missing header file. - SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing - SAUCE: rfi-flush: Rework powernv logic to be more cautious - SAUCE: rfi-flush: Rework pseries logic to be more cautious - SAUCE: rfi-flush: Fix the fallback flush to actually activate - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN - SAUCE: rfi-flush: Refactor the macros so the nops are defined once - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options - SAUCE: rfi-flush: Use rfi-flush in printks - SAUCE: rfi-flush: Fallback flush add load dependency - SAUCE: rfi-flush: Fix the 32-bit KVM build - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code - SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI * s390: add ppa to kernel entry/exit (LP: #1742771) - s390: introduce CPU alternatives - s390: add ppa to kernel entry / exit * CVE-2017-5754 - x86/tlb: Drop the _GPL from the cpu_tlbstate export - Map the vsyscall page with _PAGE_USER - s390: introduce CPU alternatives - s390: add ppa to kernel entry / exit - SAUCE: powerpc: Secure memory rfi flush - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm - SAUCE: Fixup rfid in kvmppc_skip_Hinterrupt should be hrfid - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS - SAUCE: rfi-flush: Implement congruence-first fallback flush - SAUCE: rfi-flush: Make l1d_flush_type bit flags - SAUCE: rfi-flush: Push the instruction selection down to the patching routine - SAUCE: rfi-flush: Expand the RFI section to two nop slots - SAUCE: rfi-flush: Support more than one flush type at once - SAUCE: rfi-flush: Allow HV to advertise multiple flush types - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush - SAUCE: powerpc/asm: Allow including ppc_asm.h in asm files - SAUCE: Remove setup.h include file otherwise compilation complains about missing header file. - SAUCE: Fix compilation errors for arch/powerpc/lib/feature-fixups.c - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing - SAUCE: rfi-flush: Rework powernv logic to be more cautious - SAUCE: rfi-flush: Rework pseries logic to be more cautious - SAUCE: rfi-flush: Fix the fallback flush to actually activate - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN - SAUCE: rfi-flush: Refactor the macros so the nops are defined once - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options - SAUCE: rfi-flush: Use rfi-flush in printks - SAUCE: rfi-flush: Fallback flush add load dependency - SAUCE: rfi-flush: Fix the 32-bit KVM build - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code - SAUCE: UBUNTU: [Config] Disable CONFIG_PPC_DEBUG_RFI -- Kamal Mostafa <email address hidden> Fri, 12 Jan 2018 14:39:25 -0800
Upload details
- Uploaded by:
- Kamal Mostafa
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Kernel Team
- Architectures:
- all amd64
- Section:
- devel
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
linux-aws_4.4.0.orig.tar.gz | 126.7 MiB | 730e75919b5d30a9bc934ccb300eaedfdf44994ca9ee1d07a46901c46c221357 |
linux-aws_4.4.0-1049.58.diff.gz | 16.9 MiB | e080573ae4cb11ae9cb89750647b67a33a03579d4a5ee3808bb43f78aac5af14 |
linux-aws_4.4.0-1049.58.dsc | 3.5 KiB | 72d05fb0af19d086319a53b48e1b243cca8b682f6a9c930308e5af3c46560e9b |
Available diffs
- diff from 4.4.0-1048.57 to 4.4.0-1049.58 (7.1 MiB)
Binary packages built by this source
- linux-aws-cloud-tools-4.4.0-1049: Linux kernel version specific cloud tools for version 4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools for cloud tools for version 4.4.0-1049 on
64 bit x86.
You probably want to install linux-cloud-tools-4. 4.0-1049- <flavour> .
- linux-aws-cloud-tools-4.4.0-1049-dbgsym: debug symbols for package linux-aws-cloud-tools-4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools for cloud tools for version 4.4.0-1049 on
64 bit x86.
You probably want to install linux-cloud-tools-4. 4.0-1049- <flavour> .
- linux-aws-headers-4.4.0-1049: Header files related to Linux kernel version 4.4.0
This package provides kernel header files for version 4.4.0, for sites
that want the latest kernel headers. Please read
/usr/share/doc/linux- aws-headers- 4.4.0-1049/ debian. README. gz for details
- linux-aws-tools-4.4.0-1049: Linux kernel version specific tools for version 4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1049 on
64 bit x86.
You probably want to install linux-tools-4.4.0-1049- <flavour> .
- linux-aws-tools-4.4.0-1049-dbgsym: debug symbols for package linux-aws-tools-4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1049 on
64 bit x86.
You probably want to install linux-tools-4.4.0-1049- <flavour> .
- linux-cloud-tools-4.4.0-1049-aws: Linux kernel version specific cloud tools for version 4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools for cloud for version 4.4.0-1049 on
64 bit x86.
- linux-headers-4.4.0-1049-aws: Linux kernel headers for version 4.4.0 on 64 bit x86 SMP
This package provides kernel header files for version 4.4.0 on
64 bit x86 SMP.
.
This is for sites that want the latest kernel headers. Please read
/usr/share/doc/linux- headers- 4.4.0-1049/ debian. README. gz for details.
- linux-image-4.4.0-1049-aws: Linux kernel image for version 4.4.0 on 64 bit x86 SMP
This package contains the Linux kernel image for version 4.4.0 on
64 bit x86 SMP.
.
Also includes the corresponding System.map file, the modules built by the
packager, and scripts that try to ensure that the system is not left in an
unbootable state after an update.
.
Supports AWS processors.
.
Geared toward Amazon Web Services (AWS) systems.
.
You likely do not want to install this package directly. Instead, install
the linux-aws meta-package, which will ensure that upgrades work
correctly, and that supporting packages are also installed.
- linux-image-4.4.0-1049-aws-dbgsym: Linux kernel debug image for version 4.4.0 on 64 bit x86 SMP
This package provides a kernel debug image for version 4.4.0 on
64 bit x86 SMP.
.
This is for sites that wish to debug the kernel.
.
The kernel image contained in this package is NOT meant to boot from. It
is uncompressed, and unstripped. This package also includes the
unstripped modules.
- linux-tools-4.4.0-1049-aws: Linux kernel version specific tools for version 4.4.0-1049
This package provides the architecture dependant parts for kernel
version locked tools (such as perf and x86_energy_perf_policy) for
version 4.4.0-1049 on
64 bit x86.