linux-oem 4.13.0-1017.18 source package in Ubuntu

Changelog

linux-oem (4.13.0-1017.18) xenial; urgency=low

  * linux-oem: 4.13.0-1017.18 -proposed tracker (LP: #1743418)

  * Realtek card reader - RTS5243 [VEN_10EC&DEV_5260] (LP: #1737673)
    - mmc: rtsx: fix tuning fail on gen3 PCI-Express
    - mfd: rts5249: Add support for RTS5250S power saving
    - misc: rtsx: Move Realtek Card Reader Driver to misc
    - misc: rtsx: Add support for RTS5260
    - misc: rtsx: Fix symbol clashes
    - [Config] update configs for RTSX

  * Realtek card reader power consumption issue (LP: #1743516)
    - mfd: Fix RTS5227 (and others) powermanagement

  [ Ubuntu: 4.13.0-30.33 ]

  * linux: 4.13.0-30.33 -proposed tracker (LP: #1743412)
  * Do not duplicate changelog entries assigned to more than one bug or CVE
    (LP: #1743383)
    - [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
  * Unable to handle kernel NULL pointer dereference at isci_task_abort_task
    (LP: #1726519)
    - Revert "scsi: libsas: allow async aborts"
  * CVE-2017-5715 // CVE-2017-5753
    - SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
      -- repair missmerge
    - Revert "x86/svm: Add code to clear registers on VM exit"
    - kvm: vmx: Scrub hardware GPRs at VM-exit

linux-oem (4.13.0-1016.17) xenial; urgency=low

  * linux-oem: 4.13.0-1016.17 -proposed tracker (LP: #1742728)

  * Add support for Realtek Bluetooth device [0bda:b00a] (LP: #1742613)
    - SAUCE: Import Bluetooth driver for Realtek 8821CE
    - SAUCE: Make rtl8821ce-bt work with 0bda:b00a only
    - SAUCE: rtl8821ce-bt: append device ID to config filename
    - SAUCE: bluetooth: Blacklist 0bda:b00a
    - SAUCE: build ubuntu/rtl8821ce-bt for x86 only

  * Add support for Realtek WiFi device [10ec:c821] (LP: #1740231)
    - SAUCE: Import RTL8821CE driver
    - SAUCE: Add ubuntu/rtl8821ce into build script
    - SAUCE: Sync ubuntu/rtl8821ce with a new release from Realtek

  * External HDMI monitor failed to show screen on Lenovo X1 series
    (LP: #1738523)
    - SAUCE: drm/i915: Disable writing of TMDS_OE on Lenovo ThinkPad X1 series

  * Support realtek new codec alc257 in the alsa hda driver  (LP: #1738911)
    - ALSA: hda/realtek - New codec support for ALC257

  * QCA Rome bluetooth can not wakeup after USB runtime suspended.
    (LP: #1737890)
    - Bluetooth: btusb: driver to enable the usb-wakeup feature

  * Intel 9260/9462/9560 can't connect to 5GHz AP (LP: #1736639)
    - iwlwifi: mvm: enable RX offloading with TKIP and WEP
    - iwlwifi: mvm: mark MIC stripped MPDUs

  * [Artful][Wyse 3040] System hang when trying to enable an offlined CPU core
    (LP: #1736393)
    - SAUCE: drm/i915:Don't set chip specific data
    - SAUCE: drm/i915: make previous commit affects Wyse 3040 only

  * Touchpad stops working after a few seconds in Lenovo ideapad 320
    (LP: #1732056)
    - pinctrl/amd: fix masking of GPIO interrupts

  [ Ubuntu: 4.13.0-29.32 ]

  * linux: 4.13.0-29.32 -proposed tracker (LP: #1742722)
  * CVE-2017-5754
    - Revert "x86/cpu: Implement CPU vulnerabilites sysfs functions"
    - Revert "sysfs/cpu: Fix typos in vulnerability documentation"
    - Revert "sysfs/cpu: Add vulnerability folder"
    - Revert "UBUNTU: [Config] updateconfigs to enable
      GENERIC_CPU_VULNERABILITIES"

  [ Ubuntu: 4.13.0-28.31 ]

  * CVE-2017-5753
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
  * CVE-2017-5715
    - SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit

  [ Ubuntu: 4.13.0-27.30 ]

  * CVE-2017-5753
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5715
    - locking/barriers: introduce new memory barrier gmb()
    - bpf: prevent speculative execution in eBPF interpreter
    - x86, bpf, jit: prevent speculative execution when JIT is enabled
    - uvcvideo: prevent speculative execution
    - carl9170: prevent speculative execution
    - p54: prevent speculative execution
    - qla2xxx: prevent speculative execution
    - cw1200: prevent speculative execution
    - Thermal/int340x: prevent speculative execution
    - userns: prevent speculative execution
    - ipv6: prevent speculative execution
    - fs: prevent speculative execution
    - net: mpls: prevent speculative execution
    - udf: prevent speculative execution
    - x86/feature: Enable the x86 feature to control Speculation
    - x86/feature: Report presence of IBPB and IBRS control
    - x86/enter: MACROS to set/clear IBRS and set IBPB
    - x86/enter: Use IBRS on syscall and interrupts
    - x86/idle: Disable IBRS entering idle and enable it on wakeup
    - x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
    - x86/mm: Set IBPB upon context switch
    - x86/mm: Only set IBPB when the new thread cannot ptrace current thread
    - x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
    - x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
    - x86/kvm: Set IBPB when switching VM
    - x86/kvm: Toggle IBRS on VM entry and exit
    - x86/kvm: Pad RSB on VM transition
    - x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
    - x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control
    - x86/syscall: Clear unused extra registers on syscall entrance
    - x86/syscall: Clear unused extra registers on 32-bit compatible syscall
      entrance
    - x86/entry: Use retpoline for syscall's indirect calls
    - x86/cpu/AMD: Add speculative control support for AMD
    - x86/microcode: Extend post microcode reload to support IBPB feature
    - KVM: SVM: Do not intercept new speculative control MSRs
    - x86/svm: Set IBRS value on VM entry and exit
    - x86/svm: Set IBPB when running a different VCPU
    - KVM: x86: Add speculative control CPUID support for guests
    - x86/svm: Add code to clobber the RSB on VM exit
    - x86/svm: Add code to clear registers on VM exit
    - x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
    - powerpc: add gmb barrier
    - s390/spinlock: add gmb memory barrier
    - x86/microcode/AMD: Add support for fam17h microcode loading
  * CVE-2017-5754
    - x86/pti: Enable PTI by default
    - x86/pti: Make sure the user/kernel PTEs match
    - x86/dumpstack: Fix partial register dumps
    - x86/dumpstack: Print registers for first stack frame
    - x86/process: Define cpu_tss_rw in same section as declaration
    - x86/mm: Set MODULES_END to 0xffffffffff000000
    - x86/mm: Map cpu_entry_area at the same place on 4/5 level
    - x86/kaslr: Fix the vaddr_end mess
    - x86/events/intel/ds: Use the proper cache flush method for mapping ds
      buffers
    - x86/tlb: Drop the _GPL from the cpu_tlbstate export
    - x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
    - x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
    - x86/pti: Unbreak EFI old_memmap
    - x86/Documentation: Add PTI description
    - x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
    - sysfs/cpu: Add vulnerability folder
    - x86/cpu: Implement CPU vulnerabilites sysfs functions
    - x86/tboot: Unbreak tboot with PTI enabled
    - x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
    - x86/cpu/AMD: Make LFENCE a serializing instruction
    - x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
    - sysfs/cpu: Fix typos in vulnerability documentation
    - x86/alternatives: Fix optimize_nops() checking
    - x86/pti: Make unpoison of pgd for trusted boot work for real
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
    - [Config] updateconfigs to enable GENERIC_CPU_VULNERABILITIES
  * powerpc: flush L1D on return to use (LP: #1742772)
    - SAUCE: powerpc: Secure memory rfi flush
    - SAUCE: rfi-flush: Make DEBUG_RFI a CONFIG option
    - SAUCE: rfi-flush: Add HRFI_TO_UNKNOWN and use it in denorm
    - SAUCE: rfi-flush: kvmppc_skip_(H)interrupt returns to host kernel
    - SAUCE: KVM: Revert the implementation of H_GET_CPU_CHARACTERISTICS
    - SAUCE: rfi-flush: Implement congruence-first fallback flush
    - SAUCE: rfi-flush: Make l1d_flush_type bit flags
    - SAUCE: rfi-flush: Push the instruction selection down to the patching
      routine
    - SAUCE: rfi-flush: Expand the RFI section to two nop slots
    - SAUCE: rfi-flush: Support more than one flush type at once
    - SAUCE: rfi-flush: Allow HV to advertise multiple flush types
    - SAUCE: rfi-flush: Add speculation barrier before ori 30,30,0 flush
    - SAUCE: rfi-flush: Add barriers to the fallback L1D flushing
    - SAUCE: rfi-flush: Rework powernv logic to be more cautious
    - SAUCE: rfi-flush: Rework pseries logic to be more cautious
    - SAUCE: rfi-flush: Put the fallback flushes in the real trampoline section
    - SAUCE: rfi-flush: Fix the fallback flush to actually activate
    - SAUCE: rfi-flush: Fix HRFI_TO_UNKNOWN
    - SAUCE: rfi-flush: Refactor the macros so the nops are defined once
    - SAUCE: rfi-flush: Add no_rfi_flush and nopti comandline options
    - SAUCE: rfi-flush: Use rfi-flush in printks
    - SAUCE: rfi-flush: Fallback flush add load dependency
    - SAUCE: rfi-flush: Fix the 32-bit KVM build
    - SAUCE: rfi-flush: Fix some RFI conversions in the KVM code
    - SAUCE: rfi-flush: Make the fallback robust against memory corruption
    - [Config] Disable CONFIG_PPC_DEBUG_RFI
  * s390: add ppa to kernel entry/exit (LP: #1742771)
    - s390: introduce CPU alternatives
    - s390: add ppa to kernel entry / exit

 -- Kleber Sacilotto de Souza <email address hidden>  Tue, 16 Jan 2018 12:10:35 +0100

Upload details

Uploaded by:
Kleber Sacilotto de Souza on 2018-01-16
Uploaded to:
Xenial
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
linux-oem_4.13.0.orig.tar.gz 148.3 MiB 9511260e17e474183b9c3b2ea601d5af256dde783e14dba4031854eaa98d5089
linux-oem_4.13.0-1017.18.diff.gz 10.4 MiB dcf9f54dc464110483836bbe1335e1f77a55f3fa30f85adaa92fd4ec588094dc
linux-oem_4.13.0-1017.18.dsc 3.0 KiB b74bd38ef00e58f101d620d4284f352ac0e79a06877f560e1c61c789b90c5cec

View changes file

Binary packages built by this source

block-modules-4.13.0-1017-oem-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

crypto-modules-4.13.0-1017-oem-di: crypto modules

 This package contains crypto modules.

fat-modules-4.13.0-1017-oem-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fb-modules-4.13.0-1017-oem-di: Framebuffer modules
firewire-core-modules-4.13.0-1017-oem-di: Firewire (IEEE-1394) Support
floppy-modules-4.13.0-1017-oem-di: Floppy driver support
fs-core-modules-4.13.0-1017-oem-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-secondary-modules-4.13.0-1017-oem-di: Extra filesystem modules

 This includes support for Windows NTFS and MacOS HFS/HFSPlus

input-modules-4.13.0-1017-oem-di: Support for various input methods
ipmi-modules-4.13.0-1017-oem-di: ipmi modules
irda-modules-4.13.0-1017-oem-di: Support for Infrared protocols
kernel-image-4.13.0-1017-oem-di: kernel image and system map
linux-headers-4.13.0-1017-oem: Linux kernel headers for version 4.13.0 on 64 bit x86 SMP

 This package provides kernel header files for version 4.13.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-4.13.0-1017/debian.README.gz for details.

linux-image-4.13.0-1017-oem: Linux kernel image for version 4.13.0 on 64 bit x86 SMP

 This package contains the Linux kernel image for version 4.13.0 on
 64 bit x86 SMP.
 .
 Also includes the corresponding System.map file, the modules built by the
 packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports OEM processors.
 .
 Geared toward desktop systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-oem meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-4.13.0-1017-oem-dbgsym: Linux kernel debug image for version 4.13.0 on 64 bit x86 SMP

 This package provides a kernel debug image for version 4.13.0 on
 64 bit x86 SMP.
 .
 This is for sites that wish to debug the kernel.
 .
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-oem-headers-4.13.0-1017: Header files related to Linux kernel version 4.13.0

 This package provides kernel header files for version 4.13.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-oem-headers-4.13.0-1017/debian.README.gz for details

linux-oem-tools-4.13.0-1017: Linux kernel version specific tools for version 4.13.0-1017

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1017 on
 64 bit x86.
 You probably want to install linux-tools-4.13.0-1017-<flavour>.

linux-oem-tools-4.13.0-1017-dbgsym: debug symbols for package linux-oem-tools-4.13.0-1017

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1017 on
 64 bit x86.
 You probably want to install linux-tools-4.13.0-1017-<flavour>.

linux-tools-4.13.0-1017-oem: Linux kernel version specific tools for version 4.13.0-1017

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.13.0-1017 on
 64 bit x86.

linux-udebs-oem: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

md-modules-4.13.0-1017-oem-di: Multi-device support (raid, device-mapper, lvm)
message-modules-4.13.0-1017-oem-di: Fusion and i2o storage modules

 This package containes the fusion and i2o storage modules.

mouse-modules-4.13.0-1017-oem-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

multipath-modules-4.13.0-1017-oem-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

nfs-modules-4.13.0-1017-oem-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nic-modules-4.13.0-1017-oem-di: Network interface support
nic-pcmcia-modules-4.13.0-1017-oem-di: PCMCIA network interface support
nic-shared-modules-4.13.0-1017-oem-di: nic shared modules

  This package contains modules which support nic modules

nic-usb-modules-4.13.0-1017-oem-di: USB network interface support
parport-modules-4.13.0-1017-oem-di: Parallel port support
pata-modules-4.13.0-1017-oem-di: PATA support modules
pcmcia-modules-4.13.0-1017-oem-di: PCMCIA Modules
pcmcia-storage-modules-4.13.0-1017-oem-di: PCMCIA storage support
plip-modules-4.13.0-1017-oem-di: PLIP (parallel port) networking support
ppp-modules-4.13.0-1017-oem-di: PPP (serial port) networking support
sata-modules-4.13.0-1017-oem-di: SATA storage support
scsi-modules-4.13.0-1017-oem-di: SCSI storage support
serial-modules-4.13.0-1017-oem-di: Serial port support
storage-core-modules-4.13.0-1017-oem-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

usb-modules-4.13.0-1017-oem-di: Core USB support
virtio-modules-4.13.0-1017-oem-di: VirtIO Modules

 Includes modules for VirtIO (virtual machine, generally kvm guests)

vlan-modules-4.13.0-1017-oem-di: vlan modules

 This package contains vlan (8021.Q) modules.