linux-oem 4.15.0-1015.18 source package in Ubuntu

Changelog

linux-oem (4.15.0-1015.18) bionic; urgency=medium

  [ Ubuntu: 4.15.0-32.34 ]

  * CVE-2018-5391
    - Revert "net: increase fragment memory usage limits"
  * CVE-2018-3620 // CVE-2018-3646
    - x86/Centaur: Initialize supported CPU features properly
    - x86/Centaur: Report correct CPU/cache topology
    - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
    - perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
    - x86/CPU: Rename intel_cacheinfo.c to cacheinfo.c
    - x86/CPU/AMD: Calculate last level cache ID from number of sharing threads
    - x86/CPU: Modify detect_extended_topology() to return result
    - x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available
    - x86/CPU: Move cpu local function declarations to local header
    - x86/CPU: Make intel_num_cpu_cores() generic
    - x86/CPU: Move cpu_detect_cache_sizes() into init_intel_cacheinfo()
    - x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to
      detect_num_cpu_cores()
    - x86/CPU/AMD: Fix LLC ID bit-shift calculation
    - x86/mm: Factor out pageattr _PAGE_GLOBAL setting
    - x86/mm: Undo double _PAGE_PSE clearing
    - x86/mm: Introduce "default" kernel PTE mask
    - x86/espfix: Document use of _PAGE_GLOBAL
    - x86/mm: Do not auto-massage page protections
    - x86/mm: Remove extra filtering in pageattr code
    - x86/mm: Comment _PAGE_GLOBAL mystery
    - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init
    - x86/ldt: Fix support_pte_mask filtering in map_ldt_struct()
    - x86/power/64: Fix page-table setup for temporary text mapping
    - x86/pti: Filter at vma->vm_page_prot population
    - x86/boot/64/clang: Use fixup_pointer() to access '__supported_pte_mask'
    - x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    - x86/speculation/l1tf: Change order of offset/type in swap entry
    - x86/speculation/l1tf: Protect swap entries against L1TF
    - x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
    - x86/speculation/l1tf: Make sure the first page is always reserved
    - x86/speculation/l1tf: Add sysfs reporting for l1tf
    - x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
    - x86/speculation/l1tf: Limit swap file size to MAX_PA/2
    - x86/bugs: Move the l1tf function and define pr_fmt properly
    - sched/smt: Update sched_smt_present at runtime
    - x86/smp: Provide topology_is_primary_thread()
    - x86/topology: Provide topology_smt_supported()
    - cpu/hotplug: Make bringup/teardown of smp threads symmetric
    - cpu/hotplug: Split do_cpu_down()
    - cpu/hotplug: Provide knobs to control SMT
    - x86/cpu: Remove the pointless CPU printout
    - x86/cpu/AMD: Remove the pointless detect_ht() call
    - x86/cpu/common: Provide detect_ht_early()
    - x86/cpu/topology: Provide detect_extended_topology_early()
    - x86/cpu/intel: Evaluate smp_num_siblings early
    - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
    - x86/cpu/AMD: Evaluate smp_num_siblings early
    - x86/apic: Ignore secondary threads if nosmt=force
    - x86/speculation/l1tf: Extend 64bit swap file size limit
    - x86/cpufeatures: Add detection of L1D cache flush support.
    - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
    - x86/speculation/l1tf: Protect PAE swap entries against L1TF
    - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
    - Revert "x86/apic: Ignore secondary threads if nosmt=force"
    - cpu/hotplug: Boot HT siblings at least once
    - x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
    - x86/KVM/VMX: Add module argument for L1TF mitigation
    - x86/KVM/VMX: Add L1D flush algorithm
    - x86/KVM/VMX: Add L1D MSR based flush
    - x86/KVM/VMX: Add L1D flush logic
    - x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
    - x86/KVM/VMX: Add find_msr() helper function
    - x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
    - x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
    - x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    - cpu/hotplug: Online siblings when SMT control is turned on
    - x86/litf: Introduce vmx status variable
    - x86/kvm: Drop L1TF MSR list approach
    - x86/l1tf: Handle EPT disabled state proper
    - x86/kvm: Move l1tf setup function
    - x86/kvm: Add static key for flush always
    - x86/kvm: Serialize L1D flush parameter setter
    - x86/kvm: Allow runtime control of L1D flush
    - cpu/hotplug: Expose SMT control init function
    - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    - x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
    - Documentation: Add section about CPU vulnerabilities
    - x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
    - x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    - Documentation/l1tf: Fix typos
    - cpu/hotplug: detect SMT disabled by BIOS
    - x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
    - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    - x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
    - x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    - x86: Don't include linux/irq.h from asm/hardirq.h
    - x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    - x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
    - Documentation/l1tf: Remove Yonah processors from not vulnerable list
    - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
    - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
    - KVM: x86: Add a framework for supporting MSR-based features
    - KVM: X86: Introduce kvm_get_msr_feature()
    - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    - cpu/hotplug: Fix SMT supported evaluation
    - x86/speculation/l1tf: Invert all not present mappings
    - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
    - x86/mm/pat: Make set_memory_np() L1TF safe

 -- Stefan Bader <email address hidden>  Fri, 10 Aug 2018 10:51:05 +0200

Upload details

Uploaded by:
Stefan Bader on 2018-08-10
Uploaded to:
Bionic
Original maintainer:
Ubuntu Kernel Team
Architectures:
all amd64
Section:
devel
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
linux-oem_4.15.0.orig.tar.gz 150.4 MiB c33b8ba5c45a40b689979caa2421c4d933864cd70eb93c00eb69adf43e9a24fc
linux-oem_4.15.0-1015.18.diff.gz 8.0 MiB a55f050b168ec577110bb0ad994bbd4f1f80b913fc1e10a5e8f7c8ed6f2134a0
linux-oem_4.15.0-1015.18.dsc 3.5 KiB 8db8e99173ce5f90984a6aac0abeef47a97e31dd22307a61cc7f8882db05d855

View changes file

Binary packages built by this source

block-modules-4.15.0-1015-oem-di: Block storage devices

 This package contains the block storage devices, including DAC960 and
 paraide.

crypto-modules-4.15.0-1015-oem-di: No summary available for crypto-modules-4.15.0-1015-oem-di in ubuntu cosmic.

No description available for crypto-modules-4.15.0-1015-oem-di in ubuntu cosmic.

fat-modules-4.15.0-1015-oem-di: FAT filesystem support

 This includes Windows FAT and VFAT support.

fb-modules-4.15.0-1015-oem-di: Framebuffer modules
firewire-core-modules-4.15.0-1015-oem-di: No summary available for firewire-core-modules-4.15.0-1015-oem-di in ubuntu cosmic.

No description available for firewire-core-modules-4.15.0-1015-oem-di in ubuntu cosmic.

floppy-modules-4.15.0-1015-oem-di: No summary available for floppy-modules-4.15.0-1015-oem-di in ubuntu cosmic.

No description available for floppy-modules-4.15.0-1015-oem-di in ubuntu cosmic.

fs-core-modules-4.15.0-1015-oem-di: Base filesystem modules

 This includes jfs, reiserfs and xfs.

fs-secondary-modules-4.15.0-1015-oem-di: No summary available for fs-secondary-modules-4.15.0-1015-oem-di in ubuntu cosmic.

No description available for fs-secondary-modules-4.15.0-1015-oem-di in ubuntu cosmic.

input-modules-4.15.0-1015-oem-di: No summary available for input-modules-4.15.0-1015-oem-di in ubuntu cosmic.

No description available for input-modules-4.15.0-1015-oem-di in ubuntu cosmic.

ipmi-modules-4.15.0-1015-oem-di: ipmi modules
irda-modules-4.15.0-1015-oem-di: Support for Infrared protocols
kernel-image-4.15.0-1015-oem-di: kernel image and system map
linux-headers-4.15.0-1015-oem: Linux kernel headers for version 4.15.0 on 64 bit x86 SMP

 This package provides kernel header files for version 4.15.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-4.15.0-1015/debian.README.gz for details.

linux-image-unsigned-4.15.0-1015-oem: No summary available for linux-image-unsigned-4.15.0-1015-oem in ubuntu cosmic.

No description available for linux-image-unsigned-4.15.0-1015-oem in ubuntu cosmic.

linux-image-unsigned-4.15.0-1015-oem-dbgsym: No summary available for linux-image-unsigned-4.15.0-1015-oem-dbgsym in ubuntu cosmic.

No description available for linux-image-unsigned-4.15.0-1015-oem-dbgsym in ubuntu cosmic.

linux-modules-4.15.0-1015-oem: Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP

 Contains the corresponding System.map file, the modules built by the packager, and scripts that try to ensure that the system is not left in an
 unbootable state after an update.
 .
 Supports OEM processors.
 .
 Geared toward desktop systems.
 .
 You likely do not want to install this package directly. Instead, install
 the linux-oem meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-oem-headers-4.15.0-1015: Header files related to Linux kernel version 4.15.0

 This package provides kernel header files for version 4.15.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-oem-headers-4.15.0-1015/debian.README.gz for details

linux-oem-tools-4.15.0-1015: Linux kernel version specific tools for version 4.15.0-1015

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.15.0-1015 on
 64 bit x86.
 You probably want to install linux-tools-4.15.0-1015-<flavour>.

linux-oem-tools-4.15.0-1015-dbgsym: No summary available for linux-oem-tools-4.15.0-1015-dbgsym in ubuntu cosmic.

No description available for linux-oem-tools-4.15.0-1015-dbgsym in ubuntu cosmic.

linux-tools-4.15.0-1015-oem: Linux kernel version specific tools for version 4.15.0-1015

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.15.0-1015 on
 64 bit x86.

linux-udebs-oem: Metapackage depending on kernel udebs

 This package depends on the all udebs that the kernel build generated,
 for easier version and migration tracking.

md-modules-4.15.0-1015-oem-di: Multi-device support (raid, device-mapper, lvm)
message-modules-4.15.0-1015-oem-di: Fusion and i2o storage modules

 This package containes the fusion and i2o storage modules.

mouse-modules-4.15.0-1015-oem-di: Mouse support

 This package contains mouse drivers for the Linux kernel.

multipath-modules-4.15.0-1015-oem-di: DM-Multipath support

  This package contains modules for device-mapper multipath support.

nfs-modules-4.15.0-1015-oem-di: NFS filesystem drivers

 Includes the NFS client driver, and supporting modules.

nic-modules-4.15.0-1015-oem-di: Network interface support
nic-pcmcia-modules-4.15.0-1015-oem-di: PCMCIA network interface support
nic-shared-modules-4.15.0-1015-oem-di: nic shared modules

  This package contains modules which support nic modules

nic-usb-modules-4.15.0-1015-oem-di: USB network interface support
parport-modules-4.15.0-1015-oem-di: Parallel port support
pata-modules-4.15.0-1015-oem-di: PATA support modules
pcmcia-modules-4.15.0-1015-oem-di: PCMCIA Modules
pcmcia-storage-modules-4.15.0-1015-oem-di: PCMCIA storage support
plip-modules-4.15.0-1015-oem-di: PLIP (parallel port) networking support
ppp-modules-4.15.0-1015-oem-di: PPP (serial port) networking support
sata-modules-4.15.0-1015-oem-di: SATA storage support
scsi-modules-4.15.0-1015-oem-di: SCSI storage support
serial-modules-4.15.0-1015-oem-di: Serial port support
storage-core-modules-4.15.0-1015-oem-di: Core storage support

 Includes core SCSI, LibATA, USB-Storage. Also includes related block
 devices for CD, Disk and Tape medium (and IDE Floppy).

usb-modules-4.15.0-1015-oem-di: Core USB support
virtio-modules-4.15.0-1015-oem-di: VirtIO Modules

 Includes modules for VirtIO (virtual machine, generally kvm guests)

vlan-modules-4.15.0-1015-oem-di: vlan modules

 This package contains vlan (8021.Q) modules.