Ubuntu
linux-nvidia package

linux-nvidia 6.8.0-1005.5 source package in Ubuntu

Changelog

linux-nvidia (6.8.0-1005.5) noble; urgency=medium

  * noble/linux-nvidia: 6.8.0-1005.5 -proposed tracker (LP: #2060232)

  * Packaging resync (LP: #1786013)
    - [Packaging] drop getabis data
    - [Packaging] Replace fs/cifs with fs/smb in inclusion list
    - [Packaging] debian.nvidia/dkms-versions -- update from kernel-versions
      (main/d2024.04.04)

  * Enable GDS in the 6.8 based linux-nvidia kernel (LP: #2059814)
    - NVIDIA: SAUCE: Patch NFS driver to support GDS with 6.8 Kernel
    - NVIDIA: SAUCE: NVMe/MVMEeOF: Patch NVMe/NVMeOF driver to support GDS on
      Linux 6.8 Kernel
    - NVIDIA: [Config] Add nvidia-fs build dependencies

  * Reapply the linux-nvidia kernel config options from the 5.15 and 6.5 kernels
    (LP: #2060327)
    - NVIDIA: [Config]: Grouping AAEON config options together, under a comment
    - NVIDIA: [Config]: Disable the NOUVEAU driver which is not used with -nvidia
      kernels
    - NVIDIA: [Config]: Adding CORESIGHT and ARM64_ERRATUM configs to annotations

  [ Ubuntu: 6.8.0-28.28 ]

  * noble/linux: 6.8.0-28.28 -proposed tracker (LP: #2061867)
  * linux-gcp 6.8.0-1005.5 (+ others) Noble kernel regression iwth new apparmor
    profiles/features (LP: #2061851)
    - SAUCE: apparmor4.0.0 [92/90]: fix address mapping for recvfrom

  [ Ubuntu: 6.8.0-25.25 ]

  * noble/linux: 6.8.0-25.25 -proposed tracker (LP: #2061083)
  * Packaging resync (LP: #1786013)
    - [Packaging] debian.master/dkms-versions -- update from kernel-versions
      (main/d2024.04.04)
  * Apply mitigations for the native BHI hardware vulnerabilty (LP: #2060909)
    - x86/cpufeatures: Add new word for scattered features
    - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file
    - x86/syscall: Don't force use of indirect calls for system calls
    - x86/bhi: Add support for clearing branch history at syscall entry
    - x86/bhi: Define SPEC_CTRL_BHI_DIS_S
    - x86/bhi: Enumerate Branch History Injection (BHI) bug
    - x86/bhi: Add BHI mitigation knob
    - x86/bhi: Mitigate KVM by default
    - KVM: x86: Add BHI_NO
    - x86: set SPECTRE_BHI_ON as default
    - [Config] enable spectre_bhi=auto by default
  * update apparmor and LSM stacking patch set (LP: #2028253)
    - SAUCE: apparmor4.0.0 [01/90]: LSM stacking v39: integrity: disassociate
      ima_filter_rule from security_audit_rule
    - SAUCE: apparmor4.0.0 [02/90]: LSM stacking v39: SM: Infrastructure
      management of the sock security
    - SAUCE: apparmor4.0.0 [03/90]: LSM stacking v39: LSM: Add the lsmblob data
      structure.
    - SAUCE: apparmor4.0.0 [04/90]: LSM stacking v39: IMA: avoid label collisions
      with stacked LSMs
    - SAUCE: apparmor4.0.0 [05/90]: LSM stacking v39: LSM: Use lsmblob in
      security_audit_rule_match
    - SAUCE: apparmor4.0.0 [06/90]: LSM stacking v39: LSM: Add lsmblob_to_secctx
      hook
    - SAUCE: apparmor4.0.0 [07/90]: LSM stacking v39: Audit: maintain an lsmblob
      in audit_context
    - SAUCE: apparmor4.0.0 [08/90]: LSM stacking v39: LSM: Use lsmblob in
      security_ipc_getsecid
    - SAUCE: apparmor4.0.0 [09/90]: LSM stacking v39: Audit: Update shutdown LSM
      data
    - SAUCE: apparmor4.0.0 [10/90]: LSM stacking v39: LSM: Use lsmblob in
      security_current_getsecid
    - SAUCE: apparmor4.0.0 [11/90]: LSM stacking v39: LSM: Use lsmblob in
      security_inode_getsecid
    - SAUCE: apparmor4.0.0 [12/90]: LSM stacking v39: Audit: use an lsmblob in
      audit_names
    - SAUCE: apparmor4.0.0 [13/90]: LSM stacking v39: LSM: Create new
      security_cred_getlsmblob LSM hook
    - SAUCE: apparmor4.0.0 [14/90]: LSM stacking v39: Audit: Change context data
      from secid to lsmblob
    - SAUCE: apparmor4.0.0 [15/90]: LSM stacking v39: Netlabel: Use lsmblob for
      audit data
    - SAUCE: apparmor4.0.0 [16/90]: LSM stacking v39: LSM: Ensure the correct LSM
      context releaser
    - SAUCE: apparmor4.0.0 [17/90]: LSM stacking v39: LSM: Use lsmcontext in
      security_secid_to_secctx
    - SAUCE: apparmor4.0.0 [18/90]: LSM stacking v39: LSM: Use lsmcontext in
      security_lsmblob_to_secctx
    - SAUCE: apparmor4.0.0 [19/90]: LSM stacking v39: LSM: Use lsmcontext in
      security_inode_getsecctx
    - SAUCE: apparmor4.0.0 [20/90]: LSM stacking v39: LSM: Use lsmcontext in
      security_dentry_init_security
    - SAUCE: apparmor4.0.0 [21/90]: LSM stacking v39: LSM:
      security_lsmblob_to_secctx module selection
    - SAUCE: apparmor4.0.0 [22/90]: LSM stacking v39: Audit: Create audit_stamp
      structure
    - SAUCE: apparmor4.0.0 [23/90]: LSM stacking v39: Audit: Allow multiple
      records in an audit_buffer
    - SAUCE: apparmor4.0.0 [24/90]: LSM stacking v39: Audit: Add record for
      multiple task security contexts
    - SAUCE: apparmor4.0.0 [25/90]: LSM stacking v39: audit: multiple subject lsm
      values for netlabel
    - SAUCE: apparmor4.0.0 [26/90]: LSM stacking v39: Audit: Add record for
      multiple object contexts
    - SAUCE: apparmor4.0.0 [27/90]: LSM stacking v39: LSM: Remove unused
      lsmcontext_init()
    - SAUCE: apparmor4.0.0 [28/90]: LSM stacking v39: LSM: Improve logic in
      security_getprocattr
    - SAUCE: apparmor4.0.0 [29/90]: LSM stacking v39: LSM: secctx provider check
      on release
    - SAUCE: apparmor4.0.0 [31/90]: LSM stacking v39: LSM: Exclusive secmark usage
    - SAUCE: apparmor4.0.0 [32/90]: LSM stacking v39: LSM: Identify which LSM
      handles the context string
    - SAUCE: apparmor4.0.0 [33/90]: LSM stacking v39: AppArmor: Remove the
      exclusive flag
    - SAUCE: apparmor4.0.0 [34/90]: LSM stacking v39: LSM: Add mount opts blob
      size tracking
    - SAUCE: apparmor4.0.0 [35/90]: LSM stacking v39: LSM: allocate mnt_opts blobs
      instead of module specific data
    - SAUCE: apparmor4.0.0 [36/90]: LSM stacking v39: LSM: Infrastructure
      management of the key security blob
    - SAUCE: apparmor4.0.0 [37/90]: LSM stacking v39: LSM: Infrastructure
      management of the mnt_opts security blob
    - SAUCE: apparmor4.0.0 [38/90]: LSM stacking v39: LSM: Correct handling of
      ENOSYS in inode_setxattr
    - SAUCE: apparmor4.0.0 [39/90]: LSM stacking v39: LSM: Remove lsmblob
      scaffolding
    - SAUCE: apparmor4.0.0 [40/90]: LSM stacking v39: LSM: Allow reservation of
      netlabel
    - SAUCE: apparmor4.0.0 [41/90]: LSM stacking v39: LSM: restrict
      security_cred_getsecid() to a single LSM
    - SAUCE: apparmor4.0.0 [42/90]: LSM stacking v39: Smack: Remove
      LSM_FLAG_EXCLUSIVE
    - SAUCE: apparmor4.0.0 [43/90]: LSM stacking v39: UBUNTU: SAUCE: apparmor4.0.0
      [12/95]: add/use fns to print hash string hex value
    - SAUCE: apparmor4.0.0 [44/90]: patch to provide compatibility with v2.x net
      rules
    - SAUCE: apparmor4.0.0 [45/90]: add unpriviled user ns mediation
    - SAUCE: apparmor4.0.0 [46/90]: Add sysctls for additional controls of unpriv
      userns restrictions
    - SAUCE: apparmor4.0.0 [47/90]: af_unix mediation
    - SAUCE: apparmor4.0.0 [48/90]: Add fine grained mediation of posix mqueues
    - SAUCE: apparmor4.0.0 [49/90]: setup slab cache for audit data
    - SAUCE: apparmor4.0.0 [50/90]: Improve debug print infrastructure
    - SAUCE: apparmor4.0.0 [51/90]: add the ability for profiles to have a
      learning cache
    - SAUCE: apparmor4.0.0 [52/90]: enable userspace upcall for mediation
    - SAUCE: apparmor4.0.0 [53/90]: prompt - lock down prompt interface
    - SAUCE: apparmor4.0.0 [54/90]: prompt - allow controlling of caching of a
      prompt response
    - SAUCE: apparmor4.0.0 [55/90]: prompt - add refcount to audit_node in prep or
      reuse and delete
    - SAUCE: apparmor4.0.0 [56/90]: prompt - refactor to moving caching to
      uresponse
    - SAUCE: apparmor4.0.0 [57/90]: prompt - Improve debug statements
    - SAUCE: apparmor4.0.0 [58/90]: prompt - fix caching
    - SAUCE: apparmor4.0.0 [59/90]: prompt - rework build to use append fn, to
      simplify adding strings
    - SAUCE: apparmor4.0.0 [60/90]: prompt - refcount notifications
    - SAUCE: apparmor4.0.0 [61/90]: prompt - add the ability to reply with a
      profile name
    - SAUCE: apparmor4.0.0 [62/90]: prompt - fix notification cache when updating
    - SAUCE: apparmor4.0.0 [63/90]: prompt - add tailglob on name for cache
      support
    - SAUCE: apparmor4.0.0 [64/90]: prompt - allow profiles to set prompts as
      interruptible
    - SAUCE: apparmor4.0.0 [65/90] v6.8 prompt:fixup interruptible
    - SAUCE: apparmor4.0.0 [69/90]: add io_uring mediation
    - SAUCE: apparmor4.0.0 [70/90]: apparmor: fix oops when racing to retrieve
      notification
    - SAUCE: apparmor4.0.0 [71/90]: apparmor: fix notification header size
    - SAUCE: apparmor4.0.0 [72/90]: apparmor: fix request field from a prompt
      reply that denies all access
    - SAUCE: apparmor4.0.0 [73/90]: apparmor: open userns related sysctl so lxc
      can check if restriction are in place
    - SAUCE: apparmor4.0.0 [74/90]: apparmor: cleanup attachment perm lookup to
      use lookup_perms()
    - SAUCE: apparmor4.0.0 [75/90]: apparmor: remove redundant unconfined check.
    - SAUCE: apparmor4.0.0 [76/90]: apparmor: switch signal mediation to using
      RULE_MEDIATES
    - SAUCE: apparmor4.0.0 [77/90]: apparmor: ensure labels with more than one
      entry have correct flags
    - SAUCE: apparmor4.0.0 [78/90]: apparmor: remove explicit restriction that
      unconfined cannot use change_hat
    - SAUCE: apparmor4.0.0 [79/90]: apparmor: cleanup: refactor file_perm() to
      provide semantics of some checks
    - SAUCE: apparmor4.0.0 [80/90]: apparmor: carry mediation check on label
    - SAUCE: apparmor4.0.0 [81/90]: apparmor: convert easy uses of unconfined() to
      label_mediates()
    - SAUCE: apparmor4.0.0 [82/90]: apparmor: add additional flags to extended
      permission.
    - SAUCE: apparmor4.0.0 [83/90]: apparmor: add support for profiles to define
      the kill signal
    - SAUCE: apparmor4.0.0 [84/90]: apparmor: fix x_table_lookup when stacking is
      not the first entry
    - SAUCE: apparmor4.0.0 [85/90]: apparmor: allow profile to be transitioned
      when a user ns is created
    - SAUCE: apparmor4.0.0 [86/90]: apparmor: add ability to mediate caps with
      policy state machine
    - SAUCE: apparmor4.0.0 [87/90]: fixup notify
    - SAUCE: apparmor4.0.0 [88/90]: apparmor: add fine grained ipv4/ipv6 mediation
    - SAUCE: apparmor4.0.0 [89/90]:apparmor: disable tailglob responses for now
    - SAUCE: apparmor4.0.0 [90/90]: apparmor: Fix notify build warnings
    - SAUCE: apparmor4.0.0: fix reserved mem for when we save ipv6 addresses
    - [Config] disable CONFIG_SECURITY_APPARMOR_RESTRICT_USERNS
  * update apparmor and LSM stacking patch set (LP: #2028253) // [FFe]
    apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic
    (LP: #2032602)
    - SAUCE: apparmor4.0.0 [66/90]: prompt - add support for advanced filtering of
      notifications
    - SAUCE: apparmor4.0.0 [67/90]: userns - add the ability to reference a global
      variable for a feature value
    - SAUCE: apparmor4.0.0 [68/90]: userns - make it so special unconfined
      profiles can mediate user namespaces
  * [MTL] x86: Fix Cache info sysfs is not populated (LP: #2049793)
    - SAUCE: cacheinfo: Check for null last-level cache info
    - SAUCE: cacheinfo: Allocate memory for memory if not done from the primary
      CPU
    - SAUCE: x86/cacheinfo: Delete global num_cache_leaves
    - SAUCE: x86/cacheinfo: Clean out init_cache_level()
  * Miscellaneous Ubuntu changes
    - SAUCE: apparmor4.0.0: LSM stacking v39: fix build error with
      CONFIG_SECURITY=n
    - [Config] toolchain version update

  [ Ubuntu: 6.8.0-22.22 ]

  * noble/linux: 6.8.0-22.22 -proposed tracker (LP: #2060238)

  [ Ubuntu: 6.8.0-21.21 ]

  * noble/linux: 6.8.0-21.21 -proposed tracker (LP: #2060225)
  * Miscellaneous Ubuntu changes
    - [Config] update toolchain version in annotations

 -- Ian May <email address hidden>  Tue, 16 Apr 2024 17:12:48 -0500

Upload details

Uploaded by:
Ian May
Uploaded to:
Noble
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64 arm64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Oracular proposed main devel

Builds

Noble: [FULLYBUILT] amd64 [FULLYBUILT] arm64

Downloads

File Size SHA-256 Checksum
linux-nvidia_6.8.0.orig.tar.gz 219.4 MiB 26512115972bdf017a4ac826cc7d3e9b0ba397d4f85cd330e4e4ff54c78061c8
linux-nvidia_6.8.0-1005.5.diff.gz 1.5 MiB 6c8ee9d9af310c96d49852e35c482dfa5f89cd8e1f4fb3d1e7040f7467744f53
linux-nvidia_6.8.0-1005.5.dsc 6.7 KiB 6c8403dd391b38f8a4f68010314fdfd5480e6dd5ad5e3e1e4a629d8c807be42e

View changes file

Binary packages built by this source

linux-buildinfo-6.8.0-1005-nvidia: Linux kernel buildinfo for version 6.8.0 on ARMv8 SMP

 This package contains the Linux kernel buildinfo for version 6.8.0 on
 ARMv8 SMP.
 .
 You likely do not want to install this package.

linux-buildinfo-6.8.0-1005-nvidia-64k: No summary available for linux-buildinfo-6.8.0-1005-nvidia-64k in ubuntu noble.

No description available for linux-buildinfo-6.8.0-1005-nvidia-64k in ubuntu noble.

linux-headers-6.8.0-1005-nvidia: No summary available for linux-headers-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-headers-6.8.0-1005-nvidia in ubuntu noble.

linux-headers-6.8.0-1005-nvidia-64k: Linux kernel headers for version 6.8.0 on ARMv8 SMP

 This package provides kernel header files for version 6.8.0 on
 ARMv8 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-6.8.0-1005/debian.README.gz for details.

linux-image-unsigned-6.8.0-1005-nvidia: No summary available for linux-image-unsigned-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-image-unsigned-6.8.0-1005-nvidia in ubuntu noble.

linux-image-unsigned-6.8.0-1005-nvidia-64k: Linux kernel image for version 6.8.0 on ARMv8 SMP

 This package contains the unsigned Linux kernel image for version 6.8.0 on
 ARMv8 SMP.
 .
 Supports Nvidia 64K pages processors.
 .
 Geared toward desktop and server systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-nvidia-64k meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-unsigned-6.8.0-1005-nvidia-64k-dbgsym: No summary available for linux-image-unsigned-6.8.0-1005-nvidia-64k-dbgsym in ubuntu noble.

No description available for linux-image-unsigned-6.8.0-1005-nvidia-64k-dbgsym in ubuntu noble.

linux-image-unsigned-6.8.0-1005-nvidia-dbgsym: Linux kernel debug image for version 6.8.0 on ARMv8 SMP

 This package provides the unsigned kernel debug image for version 6.8.0 on
 ARMv8 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-modules-6.8.0-1005-nvidia: No summary available for linux-modules-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-modules-6.8.0-1005-nvidia in ubuntu noble.

linux-modules-6.8.0-1005-nvidia-64k: No summary available for linux-modules-6.8.0-1005-nvidia-64k in ubuntu noble.

No description available for linux-modules-6.8.0-1005-nvidia-64k in ubuntu noble.

linux-modules-extra-6.8.0-1005-nvidia: No summary available for linux-modules-extra-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-modules-extra-6.8.0-1005-nvidia in ubuntu noble.

linux-modules-iwlwifi-6.8.0-1005-nvidia: No summary available for linux-modules-iwlwifi-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-modules-iwlwifi-6.8.0-1005-nvidia in ubuntu noble.

linux-modules-nvidia-fs-6.8.0-1005-nvidia: Linux kernel nvidia-fs modules for version 6.8.0-1005

 This package provides the Linux kernel nvidia-fs modules for version
 6.8.0-1005.
 .
 You likely do not want to install this package directly. Instead, install the
 one of the linux-modules-nvidia-fs-nvidia* meta-packages,
 which will ensure that upgrades work correctly, and that supporting packages are
 also installed.

linux-modules-nvidia-fs-6.8.0-1005-nvidia-64k: Linux kernel nvidia-fs modules for version 6.8.0-1005

 This package provides the Linux kernel nvidia-fs modules for version
 6.8.0-1005.
 .
 You likely do not want to install this package directly. Instead, install the
 one of the linux-modules-nvidia-fs-nvidia-64k* meta-packages,
 which will ensure that upgrades work correctly, and that supporting packages are
 also installed.

linux-nvidia-headers-6.8.0-1005: Header files related to Linux kernel version 6.8.0

 This package provides kernel header files for version 6.8.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-nvidia-headers-6.8.0-1005/debian.README.gz for details

linux-nvidia-tools-6.8.0-1005: Linux kernel version specific tools for version 6.8.0-1005

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 6.8.0-1005 on
 ARMv8.
 You probably want to install linux-tools-6.8.0-1005-<flavour>.

linux-nvidia-tools-host: No summary available for linux-nvidia-tools-host in ubuntu noble.

No description available for linux-nvidia-tools-host in ubuntu noble.

linux-tools-6.8.0-1005-nvidia: No summary available for linux-tools-6.8.0-1005-nvidia in ubuntu noble.

No description available for linux-tools-6.8.0-1005-nvidia in ubuntu noble.

linux-tools-6.8.0-1005-nvidia-64k: Linux kernel version specific tools for version 6.8.0-1005

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 6.8.0-1005 on
 ARMv8.