linux-oem 4.13.0-1015.16 source package in Ubuntu

Changelog

linux-oem (4.13.0-1015.16) xenial; urgency=low

  * linux-oem: 4.13.0-1015.16 -proposed tracker (LP: #1741958)

  [ Ubuntu: 4.13.0-25.29 ]

  * linux: 4.13.0-25.29 -proposed tracker (LP: #1741955)
  * CVE-2017-5754
    - Revert "UBUNTU: [Config] updateconfigs to enable PTI"
    - [Config] Enable PTI with UNWINDER_FRAME_POINTER

linux-oem (4.13.0-1014.15) xenial; urgency=low

  * linux-oem: 4.13.0-1014.15 -proposed tracker (LP: #1741746)

  CHANGELOG: Do not edit directly. Autogenerated at release.
  CHANGELOG: Use the printchanges target to see the curent changes.
  CHANGELOG: Use the insertchanges target to create the final log.

  [ Ubuntu: 4.13.0-24.28 ]

  * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745)
  * CVE-2017-5754
    - x86/cpu, x86/pti: Do not enable PTI on AMD processors

  [ Ubuntu: 4.13.0-23.27 ]

  * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556)
  * CVE-2017-5754
    - x86/mm: Add the 'nopcid' boot option to turn off PCID
    - x86/mm: Enable CR4.PCIDE on supported systems
    - x86/mm: Document how CR4.PCIDE restore works
    - x86/entry/64: Refactor IRQ stacks and make them NMI-safe
    - x86/entry/64: Initialize the top of the IRQ stack before switching stacks
    - x86/entry/64: Add unwind hint annotations
    - xen/x86: Remove SME feature in PV guests
    - x86/xen/64: Rearrange the SYSCALL entries
    - irq: Make the irqentry text section unconditional
    - x86/xen/64: Fix the reported SS and CS in SYSCALL
    - x86/paravirt/xen: Remove xen_patch()
    - x86/traps: Simplify pagefault tracing logic
    - x86/idt: Unify gate_struct handling for 32/64-bit kernels
    - x86/asm: Replace access to desc_struct:a/b fields
    - x86/xen: Get rid of paravirt op adjust_exception_frame
    - x86/paravirt: Remove no longer used paravirt functions
    - x86/entry: Fix idtentry unwind hint
    - x86/mm/64: Initialize CR4.PCIDE early
    - objtool: Add ORC unwind table generation
    - objtool, x86: Add facility for asm code to provide unwind hints
    - x86/unwind: Add the ORC unwinder
    - x86/kconfig: Consolidate unwinders into multiple choice selection
    - objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER
    - x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry
    - x86/mm: Give each mm TLB flush generation a unique ID
    - x86/mm: Track the TLB's tlb_gen and update the flushing algorithm
    - x86/mm: Rework lazy TLB mode and TLB freshness tracking
    - x86/mm: Implement PCID based optimization: try to preserve old TLB entries
      using PCID
    - x86/mm: Factor out CR3-building code
    - x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code
    - x86/mm: Flush more aggressively in lazy TLB mode
    - Revert "x86/mm: Stop calling leave_mm() in idle code"
    - kprobes/x86: Set up frame pointer in kprobe trampoline
    - x86/tracing: Introduce a static key for exception tracing
    - x86/boot: Add early cmdline parsing for options with arguments
    - mm, x86/mm: Fix performance regression in get_user_pages_fast()
    - x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates
    - objtool: Don't report end of section error after an empty unwind hint
    - x86/head: Remove confusing comment
    - x86/head: Remove unused 'bad_address' code
    - x86/head: Fix head ELF function annotations
    - x86/boot: Annotate verify_cpu() as a callable function
    - x86/xen: Fix xen head ELF annotations
    - x86/xen: Add unwind hint annotations
    - x86/head: Add unwind hint annotations
    - ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq()
    - x86/unwinder: Make CONFIG_UNWINDER_ORC=y the default in the 64-bit defconfig
    - x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state'
      tracepoints
    - x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'
    - x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit
    - bitops: Add clear/set_bit32() to linux/bitops.h
    - x86/cpuid: Add generic table for CPUID dependencies
    - x86/fpu: Parse clearcpuid= as early XSAVE argument
    - x86/fpu: Make XSAVE check the base CPUID features before enabling
    - x86/fpu: Remove the explicit clearing of XSAVE dependent features
    - x86/platform/UV: Convert timers to use timer_setup()
    - objtool: Print top level commands on incorrect usage
    - x86/cpuid: Prevent out of bound access in do_clear_cpu_cap()
    - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
    - mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y
    - x86/kasan: Use the same shadow offset for 4- and 5-level paging
    - x86/xen: Provide pre-built page tables only for CONFIG_XEN_PV=y and
      CONFIG_XEN_PVH=y
    - x86/xen: Drop 5-level paging support code from the XEN_PV code
    - ACPI / APEI: remove the unused dead-code for SEA/NMI notification type
    - x86/asm: Don't use the confusing '.ifeq' directive
    - x86/build: Beautify build log of syscall headers
    - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to
      'nr_pages'
    - x86/cpufeatures: Enable new SSE/AVX/AVX512 CPU features
    - x86/mm: Relocate page fault error codes to traps.h
    - x86/boot: Relocate definition of the initial state of CR0
    - ptrace,x86: Make user_64bit_mode() available to 32-bit builds
    - x86/entry/64: Remove the restore_c_regs_and_iret label
    - x86/entry/64: Split the IRET-to-user and IRET-to-kernel paths
    - x86/entry/64: Move SWAPGS into the common IRET-to-usermode path
    - x86/entry/64: Simplify reg restore code in the standard IRET paths
    - x86/entry/64: Shrink paranoid_exit_restore and make labels local
    - x86/entry/64: Use pop instead of movq in syscall_return_via_sysret
    - x86/entry/64: Merge the fast and slow SYSRET paths
    - x86/entry/64: Use POP instead of MOV to restore regs on NMI return
    - x86/entry/64: Remove the RESTORE_..._REGS infrastructure
    - xen, x86/entry/64: Add xen NMI trap entry
    - x86/entry/64: De-Xen-ify our NMI code
    - x86/entry/32: Pull the MSR_IA32_SYSENTER_CS update code out of
      native_load_sp0()
    - x86/entry/64: Pass SP0 directly to load_sp0()
    - x86/entry: Add task_top_of_stack() to find the top of a task's stack
    - x86/xen/64, x86/entry/64: Clean up SP code in cpu_initialize_context()
    - x86/entry/64: Stop initializing TSS.sp0 at boot
    - x86/entry/64: Remove all remaining direct thread_struct::sp0 reads
    - x86/entry/32: Fix cpu_current_top_of_stack initialization at boot
    - x86/entry/64: Remove thread_struct::sp0
    - x86/traps: Use a new on_thread_stack() helper to clean up an assertion
    - x86/entry/64: Shorten TEST instructions
    - x86/cpuid: Replace set/clear_bit32()
    - bitops: Revert cbe96375025e ("bitops: Add clear/set_bit32() to
      linux/bitops.h")
    - x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE
    - x86/cpufeatures: Re-tabulate the X86_FEATURE definitions
    - x86/cpufeatures: Fix various details in the feature definitions
    - selftests/x86/protection_keys: Fix syscall NR redefinition warnings
    - selftests/x86/ldt_gdt: Robustify against set_thread_area() and LAR oddities
    - selftests/x86/ldt_gdt: Add infrastructure to test set_thread_area()
    - selftests/x86/ldt_gdt: Run most existing LDT test cases against the GDT as
      well
    - selftests/x86/ldt_get: Add a few additional tests for limits
    - ACPI / APEI: Replace ioremap_page_range() with fixmap
    - x86/virt, x86/platform: Merge 'struct x86_hyper' into 'struct x86_platform'
      and 'struct x86_init'
    - x86/virt: Add enum for hypervisors to replace x86_hyper
    - drivers/misc/intel/pti: Rename the header file to free up the namespace
    - x86/cpufeature: Add User-Mode Instruction Prevention definitions
    - x86: Make X86_BUG_FXSAVE_LEAK detectable in CPUID on AMD
    - perf/x86: Enable free running PEBS for REGS_USER/INTR
    - bpf: fix build issues on um due to mising bpf_perf_event.h
    - locking/barriers: Add implicit smp_read_barrier_depends() to READ_ONCE()
    - locking/barriers: Convert users of lockless_dereference() to READ_ONCE()
    - x86/mm/kasan: Don't use vmemmap_populate() to initialize shadow
    - mm/sparsemem: Fix ARM64 boot crash when CONFIG_SPARSEMEM_EXTREME=y
    - objtool: Move synced files to their original relative locations
    - objtool: Move kernel headers/code sync check to a script
    - objtool: Fix cross-build
    - tools/headers: Sync objtool UAPI header
    - objtool: Fix 64-bit build on 32-bit host
    - x86/decoder: Fix and update the opcodes map
    - x86/decoder: Add new TEST instruction pattern
    - x86/insn-eval: Add utility functions to get segment selector
    - x86/entry/64/paravirt: Use paravirt-safe macro to access eflags
    - x86/unwinder/orc: Dont bail on stack overflow
    - x86/unwinder: Handle stack overflows more gracefully
    - x86/irq: Remove an old outdated comment about context tracking races
    - x86/irq/64: Print the offending IP in the stack overflow warning
    - x86/entry/64: Allocate and enable the SYSENTER stack
    - x86/dumpstack: Add get_stack_info() support for the SYSENTER stack
    - x86/entry/gdt: Put per-CPU GDT remaps in ascending order
    - x86/mm/fixmap: Generalize the GDT fixmap mechanism, introduce struct
      cpu_entry_area
    - x86/kasan/64: Teach KASAN about the cpu_entry_area
    - x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
    - x86/dumpstack: Handle stack overflow on all stacks
    - x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct
    - x86/entry: Remap the TSS into the CPU entry area
    - x86/entry/64: Separate cpu_current_top_of_stack from TSS.sp0
    - x86/espfix/64: Stop assuming that pt_regs is on the entry stack
    - x86/entry/64: Use a per-CPU trampoline stack for IDT entries
    - x86/entry/64: Return to userspace from the trampoline stack
    - x86/entry/64: Create a per-CPU SYSCALL entry trampoline
    - x86/entry/64: Move the IST stacks into struct cpu_entry_area
    - x86/entry/64: Remove the SYSENTER stack canary
    - x86/entry: Clean up the SYSENTER_stack code
    - x86/entry/64: Make cpu_entry_area.tss read-only
    - x86/paravirt: Dont patch flush_tlb_single
    - x86/paravirt: Provide a way to check for hypervisors
    - x86/cpufeatures: Make CPU bugs sticky
    - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount
    - x86/mm/dump_pagetables: Check PAGE_PRESENT for real
    - x86/mm/dump_pagetables: Make the address hints correct and readable
    - x86/vsyscall/64: Explicitly set _PAGE_USER in the pagetable hierarchy
    - x86/vsyscall/64: Warn and fail vsyscall emulation in NATIVE mode
    - arch, mm: Allow arch_dup_mmap() to fail
    - x86/ldt: Rework locking
    - x86/ldt: Prevent LDT inheritance on exec
    - x86/mm/64: Improve the memory map documentation
    - x86/doc: Remove obvious weirdnesses from the x86 MM layout documentation
    - x86/entry: Rename SYSENTER_stack to CPU_ENTRY_AREA_entry_stack
    - x86/uv: Use the right TLB-flush API
    - x86/microcode: Dont abuse the TLB-flush interface
    - x86/mm: Use __flush_tlb_one() for kernel memory
    - x86/mm: Remove superfluous barriers
    - x86/mm: Add comments to clarify which TLB-flush functions are supposed to
      flush what
    - x86/mm: Move the CR3 construction functions to tlbflush.h
    - x86/mm: Remove hard-coded ASID limit checks
    - x86/mm: Put MMU to hardware ASID translation in one place
    - x86/mm: Create asm/invpcid.h
    - x86/cpu_entry_area: Move it to a separate unit
    - x86/cpu_entry_area: Move it out of the fixmap
    - init: Invoke init_espfix_bsp() from mm_init()
    - x86/cpu_entry_area: Prevent wraparound in setup_cpu_entry_area_ptes() on
      32bit
    - x86/cpufeatures: Add X86_BUG_CPU_INSECURE
    - x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
    - x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching
    - x86/mm/pti: Add infrastructure for page table isolation
    - x86/pti: Add the pti= cmdline option and documentation
    - x86/mm/pti: Add mapping helper functions
    - x86/mm/pti: Allow NX poison to be set in p4d/pgd
    - x86/mm/pti: Allocate a separate user PGD
    - x86/mm/pti: Populate user PGD
    - x86/mm/pti: Add functions to clone kernel PMDs
    - x86/mm/pti: Force entry through trampoline when PTI active
    - x86/mm/pti: Share cpu_entry_area with user space page tables
    - x86/entry: Align entry text section to PMD boundary
    - x86/mm/pti: Share entry text PMD
    - x86/mm/pti: Map ESPFIX into user space
    - x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
    - x86/events/intel/ds: Map debug buffers in cpu_entry_area
    - x86/mm/64: Make a full PGD-entry size hole in the memory map
    - x86/pti: Put the LDT in its own PGD if PTI is on
    - x86/pti: Map the vsyscall page if needed
    - x86/mm: Allow flushing for future ASID switches
    - x86/mm: Abstract switching CR3
    - x86/mm: Use/Fix PCID to optimize user/kernel switches
    - x86/mm: Optimize RESTORE_CR3
    - x86/mm: Use INVPCID for __native_flush_tlb_single()
    - x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
    - x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
    - x86/mm/pti: Add Kconfig
    - x86/mm/dump_pagetables: Add page table directory to the debugfs VFS
      hierarchy
    - x86/mm/dump_pagetables: Check user space page table for WX pages
    - x86/mm/dump_pagetables: Allow dumping current pagetables
    - x86/ldt: Make the LDT mapping RO
    - x86/smpboot: Remove stale TLB flush invocations
    - x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()
    - x86/ldt: Plug memory leak in error path
    - x86/ldt: Make LDT pgtable free conditional
    - [Config] updateconfigs to enable PTI
    - kvm: x86: fix RSM when PCID is non-zero
    - x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat()
    - SAUCE: only attempt to use PCID in 64 bit builds
    - SAUCE: BODGE: temporarily disable some kprobe trace points which are
      cratering
    - s390/mm: use generic mm_hooks
    - objtool: use sh to invoke sync-check.sh in the Makefile
  * CVE-2017-17862
    - bpf: fix branch pruning logic
  * CVE-2017-17864
    - SAUCE: bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN
  * CVE-2017-16995
    - bpf: fix incorrect sign extension in check_alu_op()
  * CVE-2017-17863
    - SAUCE: bpf: reject out-of-bounds stack pointer calculation

 -- Kamal Mostafa <email address hidden>  Mon, 08 Jan 2018 13:38:32 -0800

Upload details

Uploaded by:
Kamal Mostafa on 2018-01-08
Uploaded to:
Xenial
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
linux-oem_4.13.0.orig.tar.gz 148.3 MiB 9511260e17e474183b9c3b2ea601d5af256dde783e14dba4031854eaa98d5089
linux-oem_4.13.0-1015.16.diff.gz 7.1 MiB c79c0f222abcbed0cfb8a2139e3418ca7ec28e4afdb18622426f6ac91783810e
linux-oem_4.13.0-1015.16.dsc 3.3 KiB fbdc6ef4f47b657bb2ed83e81883825419300a3afc82b0f2be7a87e773ff0681

View changes file

Binary packages built by this source

block-modules-4.13.0-1015-oem-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

crypto-modules-4.13.0-1015-oem-di: crypto modules

 This package contains crypto modules.

fat-modules-4.13.0-1015-oem-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fb-modules-4.13.0-1015-oem-di: Framebuffer modules
firewire-core-modules-4.13.0-1015-oem-di: Firewire (IEEE-1394) Support
floppy-modules-4.13.0-1015-oem-di: Floppy driver support
fs-core-modules-4.13.0-1015-oem-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-secondary-modules-4.13.0-1015-oem-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

input-modules-4.13.0-1015-oem-di: Support for various input methods
ipmi-modules-4.13.0-1015-oem-di: ipmi modules
irda-modules-4.13.0-1015-oem-di: Support for Infrared protocols
kernel-image-4.13.0-1015-oem-di: kernel image and system map
linux-headers-4.13.0-1015-oem: Linux kernel headers for version 4.13.0 on 64 bit x86 SMP

 This package provides kernel header files for version 4.13.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-4.13.0-1015/debian.README.gz for details.

linux-image-4.13.0-1015-oem: Linux kernel image for version 4.13.0 on 64 bit x86 SMP

 This package contains the Linux kernel image for version 4.13.0 on
 64 bit x86 SMP.
 .
 Also includes the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports OEM processors.
 .
 Geared toward desktop systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-oem meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-4.13.0-1015-oem-dbgsym: Linux kernel debug image for version 4.13.0 on 64 bit x86 SMP

 This package provides a kernel debug image for version 4.13.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-oem-headers-4.13.0-1015: Header files related to Linux kernel version 4.13.0

 This package provides kernel header files for version 4.13.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-oem-headers-4.13.0-1015/debian.README.gz for details

linux-oem-tools-4.13.0-1015: Linux kernel version specific tools for version 4.13.0-1015

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1015 on
 64 bit x86.
 You probably want to install linux-tools-4.13.0-1015-<flavour>.

linux-oem-tools-4.13.0-1015-dbgsym: debug symbols for package linux-oem-tools-4.13.0-1015

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1015 on
 64 bit x86.
 You probably want to install linux-tools-4.13.0-1015-<flavour>.

linux-tools-4.13.0-1015-oem: Linux kernel version specific tools for version 4.13.0-1015

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1015 on
 64 bit x86.

linux-udebs-oem: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

md-modules-4.13.0-1015-oem-di: Multi-device support (raid, device-mapper, lvm)
message-modules-4.13.0-1015-oem-di: Fusion and i2o storage modules

 This package containes the fusion and i2o storage modules.

mouse-modules-4.13.0-1015-oem-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

multipath-modules-4.13.0-1015-oem-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

nfs-modules-4.13.0-1015-oem-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nic-modules-4.13.0-1015-oem-di: Network interface support
nic-pcmcia-modules-4.13.0-1015-oem-di: PCMCIA network interface support
nic-shared-modules-4.13.0-1015-oem-di: nic shared modules

  This package contains modules which support nic modules

nic-usb-modules-4.13.0-1015-oem-di: USB network interface support
parport-modules-4.13.0-1015-oem-di: Parallel port support
pata-modules-4.13.0-1015-oem-di: PATA support modules
pcmcia-modules-4.13.0-1015-oem-di: PCMCIA Modules
pcmcia-storage-modules-4.13.0-1015-oem-di: PCMCIA storage support
plip-modules-4.13.0-1015-oem-di: PLIP (parallel port) networking support
ppp-modules-4.13.0-1015-oem-di: PPP (serial port) networking support
sata-modules-4.13.0-1015-oem-di: SATA storage support
scsi-modules-4.13.0-1015-oem-di: SCSI storage support
serial-modules-4.13.0-1015-oem-di: Serial port support
storage-core-modules-4.13.0-1015-oem-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

usb-modules-4.13.0-1015-oem-di: Core USB support
virtio-modules-4.13.0-1015-oem-di: VirtIO Modules

 Includes modules for VirtIO (virtual machine, generally kvm guests)

vlan-modules-4.13.0-1015-oem-di: vlan modules

 This package contains vlan (8021.Q) modules.