linux-raspi2 4.15.0-1020.22 source package in Ubuntu


linux-raspi2 (4.15.0-1020.22) bionic; urgency=medium

  [ Ubuntu: 4.15.0-32.35 ]

  * CVE-2018-3620 // CVE-2018-3646
    - x86/Centaur: Initialize supported CPU features properly
    - x86/Centaur: Report correct CPU/cache topology
    - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
    - perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
    - x86/CPU: Rename intel_cacheinfo.c to cacheinfo.c
    - x86/CPU/AMD: Calculate last level cache ID from number of sharing threads
    - x86/CPU: Modify detect_extended_topology() to return result
    - x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available
    - x86/CPU: Move cpu local function declarations to local header
    - x86/CPU: Make intel_num_cpu_cores() generic
    - x86/CPU: Move cpu_detect_cache_sizes() into init_intel_cacheinfo()
    - x86/CPU: Move x86_cpuinfo::x86_max_cores assignment to
    - x86/CPU/AMD: Fix LLC ID bit-shift calculation
    - x86/mm: Factor out pageattr _PAGE_GLOBAL setting
    - x86/mm: Undo double _PAGE_PSE clearing
    - x86/mm: Introduce "default" kernel PTE mask
    - x86/espfix: Document use of _PAGE_GLOBAL
    - x86/mm: Do not auto-massage page protections
    - x86/mm: Remove extra filtering in pageattr code
    - x86/mm: Comment _PAGE_GLOBAL mystery
    - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init
    - x86/ldt: Fix support_pte_mask filtering in map_ldt_struct()
    - x86/power/64: Fix page-table setup for temporary text mapping
    - x86/pti: Filter at vma->vm_page_prot population
    - x86/boot/64/clang: Use fixup_pointer() to access '__supported_pte_mask'
    - x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
    - x86/speculation/l1tf: Change order of offset/type in swap entry
    - x86/speculation/l1tf: Protect swap entries against L1TF
    - x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
    - x86/speculation/l1tf: Make sure the first page is always reserved
    - x86/speculation/l1tf: Add sysfs reporting for l1tf
    - x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
    - x86/speculation/l1tf: Limit swap file size to MAX_PA/2
    - x86/bugs: Move the l1tf function and define pr_fmt properly
    - sched/smt: Update sched_smt_present at runtime
    - x86/smp: Provide topology_is_primary_thread()
    - x86/topology: Provide topology_smt_supported()
    - cpu/hotplug: Make bringup/teardown of smp threads symmetric
    - cpu/hotplug: Split do_cpu_down()
    - cpu/hotplug: Provide knobs to control SMT
    - x86/cpu: Remove the pointless CPU printout
    - x86/cpu/AMD: Remove the pointless detect_ht() call
    - x86/cpu/common: Provide detect_ht_early()
    - x86/cpu/topology: Provide detect_extended_topology_early()
    - x86/cpu/intel: Evaluate smp_num_siblings early
    - x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
    - x86/cpu/AMD: Evaluate smp_num_siblings early
    - x86/apic: Ignore secondary threads if nosmt=force
    - x86/speculation/l1tf: Extend 64bit swap file size limit
    - x86/cpufeatures: Add detection of L1D cache flush support.
    - x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
    - x86/speculation/l1tf: Protect PAE swap entries against L1TF
    - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
    - Revert "x86/apic: Ignore secondary threads if nosmt=force"
    - cpu/hotplug: Boot HT siblings at least once
    - x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
    - x86/KVM/VMX: Add module argument for L1TF mitigation
    - x86/KVM/VMX: Add L1D flush algorithm
    - x86/KVM/VMX: Add L1D MSR based flush
    - x86/KVM/VMX: Add L1D flush logic
    - x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
    - x86/KVM/VMX: Add find_msr() helper function
    - x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
    - x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
    - x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
    - cpu/hotplug: Online siblings when SMT control is turned on
    - x86/litf: Introduce vmx status variable
    - x86/kvm: Drop L1TF MSR list approach
    - x86/l1tf: Handle EPT disabled state proper
    - x86/kvm: Move l1tf setup function
    - x86/kvm: Add static key for flush always
    - x86/kvm: Serialize L1D flush parameter setter
    - x86/kvm: Allow runtime control of L1D flush
    - cpu/hotplug: Expose SMT control init function
    - cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
    - x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
    - Documentation: Add section about CPU vulnerabilities
    - x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
    - x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
    - Documentation/l1tf: Fix typos
    - cpu/hotplug: detect SMT disabled by BIOS
    - x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
    - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
    - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
    - x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
    - x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
    - x86: Don't include linux/irq.h from asm/hardirq.h
    - x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
    - x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
    - Documentation/l1tf: Remove Yonah processors from not vulnerable list
    - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
    - x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
    - KVM: x86: Add a framework for supporting MSR-based features
    - KVM: X86: Introduce kvm_get_msr_feature()
    - KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
    - KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
    - cpu/hotplug: Fix SMT supported evaluation
    - x86/speculation/l1tf: Invert all not present mappings
    - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
    - x86/mm/pat: Make set_memory_np() L1TF safe
    - cpu: Fix per-cpu regression on ARM64
  * CVE-2018-5391
    - Revert "net: increase fragment memory usage limits"

 -- Thadeu Lima de Souza Cascardo <email address hidden>  Fri, 10 Aug 2018 15:56:36 -0300

Upload details

Uploaded by:
Thadeu Lima de Souza Cascardo on 2018-08-10
Uploaded to:
Original maintainer:
Ubuntu Kernel Team
armhf arm64
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


Bionic: [FULLYBUILT] arm64 [FULLYBUILT] armhf


File Size SHA-256 Checksum
linux-raspi2_4.15.0.orig.tar.gz 150.4 MiB c33b8ba5c45a40b689979caa2421c4d933864cd70eb93c00eb69adf43e9a24fc
linux-raspi2_4.15.0-1020.22.diff.gz 9.9 MiB 270d75eb566b7a3a765a645e2861cb607879f31b6a3d20a2ba1c85189143c802
linux-raspi2_4.15.0-1020.22.dsc 3.3 KiB 5f565b0568a9414f031e3c57b3b3705f4eafbc5a3fe1d84467fb6d4f815dc4c0

View changes file

Binary packages built by this source

linux-headers-4.15.0-1020-raspi2: Linux kernel headers for version 4.15.0 on ARMv8 SMP

 This package provides kernel header files for version 4.15.0 on
 This is for sites that want the latest kernel headers. Please read
 /usr/share/doc/linux-headers-4.15.0-1020/debian.README.gz for details.

linux-image-4.15.0-1020-raspi2: Linux kernel image for version 4.15.0 on ARMv8 SMP

 This package contains the Linux kernel image for version 4.15.0 on
 Supports Generic processors.
 Geared toward desktop and server systems.
 You likely do not want to install this package directly. Instead, install
 the linux-raspi2 meta-package, which will ensure that upgrades work
 correctly, and that supporting packages are also installed.

linux-image-4.15.0-1020-raspi2-dbgsym: Linux kernel debug image for version 4.15.0 on ARMv8 SMP

 This package provides a kernel debug image for version 4.15.0 on
 This is for sites that wish to debug the kernel.
 The kernel image contained in this package is NOT meant to boot from. It
 is uncompressed, and unstripped. This package also includes the
 unstripped modules.

linux-modules-4.15.0-1020-raspi2: No summary available for linux-modules-4.15.0-1020-raspi2 in ubuntu cosmic.

No description available for linux-modules-4.15.0-1020-raspi2 in ubuntu cosmic.

linux-raspi2-headers-4.15.0-1020: Header files related to Linux kernel version 4.15.0

 This package provides kernel header files for version 4.15.0, for sites
 that want the latest kernel headers. Please read
 /usr/share/doc/linux-raspi2-headers-4.15.0-1020/debian.README.gz for details

linux-raspi2-tools-4.15.0-1020: No summary available for linux-raspi2-tools-4.15.0-1020 in ubuntu cosmic.

No description available for linux-raspi2-tools-4.15.0-1020 in ubuntu cosmic.

linux-raspi2-tools-4.15.0-1020-dbgsym: debug symbols for linux-raspi2-tools-4.15.0-1020
linux-tools-4.15.0-1020-raspi2: Linux kernel version specific tools for version 4.15.0-1020

 This package provides the architecture dependant parts for kernel
 version locked tools (such as perf and x86_energy_perf_policy) for
 version 4.15.0-1020 on