canonical-hw-cert team mailing list archive
-
canonical-hw-cert team
-
Mailing list archive
-
Message #12210
[Bug 1982620] Re: focal/linux-azure-5.15: 5.15.0-1016.19~20.04.1 -proposed tracker
*** This bug is a duplicate of bug 1983674 ***
https://bugs.launchpad.net/bugs/1983674
This bug was fixed in the package linux-azure-5.15 -
5.15.0-1017.20~20.04.1
---------------
linux-azure-5.15 (5.15.0-1017.20~20.04.1) focal; urgency=medium
[ Ubuntu: 5.15.0-1017.20 ]
* CVE-2022-2585
- SAUCE: posix-cpu-timers: Cleanup CPU timers before freeing them during exec
* CVE-2022-2586
- SAUCE: netfilter: nf_tables: do not allow SET_ID to refer to another table
- SAUCE: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
- SAUCE: netfilter: nf_tables: do not allow RULE_ID to refer to another chain
* CVE-2022-2588
- SAUCE: net_sched: cls_route: remove from list when handle is 0
linux-azure-5.15 (5.15.0-1016.19~20.04.1) focal; urgency=medium
* focal/linux-azure-5.15: 5.15.0-1016.19~20.04.1 -proposed tracker
(LP: #1982620)
[ Ubuntu: 5.15.0-1016.19 ]
* jammy/linux-azure: 5.15.0-1016.19 -proposed tracker (LP: #1982619)
* Azure: multi-MSI patches break fio tests on NVMe (LP: #1982613)
- Revert "PCI: hv: Fix interrupt mapping for multi-MSI"
- Revert "PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()"
- Revert "PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI"
- Revert "PCI: hv: Remove unused hv_set_msi_entry_from_desc()"
- Revert "PCI: hv: Avoid the retarget interrupt hypercall in irq_unmask() on
ARM64"
- Revert "PCI: hv: Fix multi-MSI to allow more than one MSI vector"
- Revert "genirq/msi, treewide: Use a named struct for PCI/MSI attributes"
- Revert "PCI/MSI: Remove msi_desc_to_pci_sysdata()"
- Revert "PCI/MSI: Make pci_msi_domain_write_msg() static"
- Revert "genirq/msi: Fixup includes"
- Revert "genirq/msi: Remove unused domain callbacks"
- Revert "genirq/msi: Guard sysfs code"
linux-azure-5.15 (5.15.0-1015.18~20.04.1) focal; urgency=medium
* focal/linux-azure-5.15: 5.15.0-1015.18~20.04.1 -proposed tracker
(LP: #1982312)
* Packaging resync (LP: #1786013)
- [Packaging] update variants
[ Ubuntu: 5.15.0-1015.18 ]
* jammy/linux-azure: 5.15.0-1015.18 -proposed tracker (LP: #1982272)
* Azure: Add support for multi-MSI (LP: #1981577)
- genirq/msi: Guard sysfs code
- genirq/msi: Remove unused domain callbacks
- genirq/msi: Fixup includes
- PCI/MSI: Make pci_msi_domain_write_msg() static
- PCI/MSI: Remove msi_desc_to_pci_sysdata()
- genirq/msi, treewide: Use a named struct for PCI/MSI attributes
- PCI: hv: Fix multi-MSI to allow more than one MSI vector
- PCI: hv: Avoid the retarget interrupt hypercall in irq_unmask() on ARM64
- PCI: hv: Remove unused hv_set_msi_entry_from_desc()
- PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
- PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
- PCI: hv: Fix interrupt mapping for multi-MSI
* AMD ACP 6.x DMIC Supports (LP: #1949245)
- [Config] azure: Disable AMD ACP 6 DMIC Support
* Ubuntu 22.04 and 20.04 DPC Fixes for Failure Cases of DownPort Containment
events (LP: #1965241)
- [Config] azure: Enable config option CONFIG_PCIE_EDR
* CVE-2022-29900 // CVE-2022-29901
- [Config]: azure: Enable speculation mitigations
* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/2022.07.11)
* CVE-2022-29900 // CVE-2022-29901
- x86/lib/atomic64_386_32: Rename things
- x86: Prepare asm files for straight-line-speculation
- x86: Prepare inline-asm for straight-line-speculation
- x86/alternative: Relax text_poke_bp() constraint
- kbuild: move objtool_args back to scripts/Makefile.build
- x86: Add straight-line-speculation mitigation
- kvm/emulate: Fix SETcc emulation function offsets with SLS
- crypto: x86/poly1305 - Fixup SLS
- objtool: Add straight-line-speculation validation
- objtool: Fix SLS validation for kcov tail-call replacement
- objtool: Fix objtool regression on x32 systems
- objtool: Fix symbol creation
- objtool: Introduce CFI hash
- objtool: Default ignore INT3 for unreachable
- x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
- x86/traps: Use pt_regs directly in fixup_bad_iret()
- x86/entry: Switch the stack after error_entry() returns
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry()
- x86/entry: Don't call error_entry() for XENPV
- x86/entry: Remove skip_r11rcx
- x86/realmode: build with -D__DISABLE_EXPORTS
- x86/ibt,ftrace: Make function-graph play nice
- x86/kvm/vmx: Make noinstr clean
- x86/cpufeatures: Move RETPOLINE flags to word 11
- x86/retpoline: Cleanup some #ifdefery
- x86/retpoline: Swizzle retpoline thunk
- x86/retpoline: Use -mfunction-return
- x86: Undo return-thunk damage
- x86,objtool: Create .return_sites
- objtool: skip non-text sections when adding return-thunk sites
- x86,static_call: Use alternative RET encoding
- x86/ftrace: Use alternative RET encoding
- x86/bpf: Use alternative RET encoding
- x86/kvm: Fix SETcc emulation for return thunks
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
- x86/sev: Avoid using __x86_return_thunk
- x86: Use return-thunk in asm code
- x86/entry: Avoid very early RET
- objtool: Treat .text.__x86.* as noinstr
- x86: Add magic AMD return-thunk
- x86/bugs: Report AMD retbleed vulnerability
- x86/bugs: Add AMD retbleed= boot parameter
- x86/bugs: Enable STIBP for JMP2RET
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
- x86/entry: Add kernel IBRS implementation
- x86/bugs: Optimize SPEC_CTRL MSR writes
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
- x86/bugs: Split spectre_v2_select_mitigation() and
spectre_v2_user_select_mitigation()
- x86/bugs: Report Intel retbleed vulnerability
- intel_idle: Disable IBRS during long idle
- objtool: Update Retpoline validation
- x86/xen: Rename SYS* entry points
- x86/xen: Add UNTRAIN_RET
- x86/bugs: Add retbleed=ibpb
- x86/bugs: Do IBPB fallback check only once
- objtool: Add entry UNRET validation
- x86/cpu/amd: Add Spectral Chicken
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
- x86/speculation: Fix firmware entry SPEC_CTRL handling
- x86/speculation: Fix SPEC_CTRL write on SMT state change
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
- x86/speculation: Remove x86_spec_ctrl_mask
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
- KVM: VMX: Flatten __vmx_vcpu_run()
- KVM: VMX: Convert launched argument to flags
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
- KVM: VMX: Fix IBRS handling after vmexit
- x86/speculation: Fill RSB on vmexit for IBRS
- KVM: VMX: Prevent RSB underflow before vmenter
- x86/common: Stamp out the stepping madness
- x86/cpu/amd: Enumerate BTC_NO
- x86/retbleed: Add fine grained Kconfig knobs
- x86/bugs: Add Cannon lake to RETBleed affected CPU list
- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry
- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
- x86/kexec: Disable RET on kexec
- x86/speculation: Disable RRSBA behavior
- [Config]: Enable speculation mitigations
- x86/static_call: Serialize __static_call_fixup() properly
- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
- x86/bugs: Mark retbleed_strings static
- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt
- x86/kvm: fix FASTOP_SIZE when return thunks are enabled
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
- KVM: emulate: do not adjust size of fastop and setcc subroutines
- x86/bugs: Remove apostrophe typo
- efi/x86: use naked RET on mixed mode call wrapper
* jammy/linux: 5.15.0-43.46 -proposed tracker (LP: #1981243)
* Packaging resync (LP: #1786013)
- debian/dkms-versions -- update from kernel-versions (main/2022.07.11)
* nbd: requests can become stuck when disconnecting from server with qemu-nbd
(LP: #1896350)
- nbd: don't handle response without a corresponding request message
- nbd: make sure request completion won't concurrent
- nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed
- nbd: fix io hung while disconnecting device
* Ubuntu 22.04 and 20.04 DPC Fixes for Failure Cases of DownPort Containment
events (LP: #1965241)
- PCI/portdrv: Rename pm_iter() to pcie_port_device_iter()
- PCI: pciehp: Ignore Link Down/Up caused by error-induced Hot Reset
- [Config] Enable config option CONFIG_PCIE_EDR
* [SRU] Ubuntu 22.04 Feature Request-Add support for a NVMe-oF-TCP CDC Client
- TP 8010 (LP: #1948626)
- nvme: add CNTRLTYPE definitions for 'identify controller'
- nvme: send uevent on connection up
- nvme: expose cntrltype and dctype through sysfs
* [UBUNTU 22.04] Kernel oops while removing device from cio_ignore list
(LP: #1980951)
- s390/cio: derive cdev information only for IO-subchannels
* Jammy Charmed OpenStack deployment fails over connectivity issues when using
converged OVS bridge for control and data planes (LP: #1978820)
- net/mlx5e: TC NIC mode, fix tc chains miss table
* Hairpin traffic does not work with centralized NAT gw (LP: #1967856)
- net: openvswitch: fix misuse of the cached connection on tuple changes
* alsa: asoc: amd: the internal mic can't be dedected on yellow carp machines
(LP: #1980700)
- ASoC: amd: Add driver data to acp6x machine driver
- ASoC: amd: Add support for enabling DMIC on acp6x via _DSD
* AMD ACP 6.x DMIC Supports (LP: #1949245)
- ASoC: amd: add Yellow Carp ACP6x IP register header
- ASoC: amd: add Yellow Carp ACP PCI driver
- ASoC: amd: add acp6x init/de-init functions
- ASoC: amd: add platform devices for acp6x pdm driver and dmic driver
- ASoC: amd: add acp6x pdm platform driver
- ASoC: amd: add acp6x irq handler
- ASoC: amd: add acp6x pdm driver dma ops
- ASoC: amd: add acp6x pci driver pm ops
- ASoC: amd: add acp6x pdm driver pm ops
- ASoC: amd: enable Yellow carp acp6x drivers build
- ASoC: amd: create platform device for acp6x machine driver
- ASoC: amd: add YC machine driver using dmic
- ASoC: amd: enable Yellow Carp platform machine driver build
- ASoC: amd: fix uninitialized variable in snd_acp6x_probe()
- [Config] Enable AMD ACP 6 DMIC Support
* [UBUNTU 20.04] Include patches to avoid self-detected stall with Secure
Execution (LP: #1979296)
- KVM: s390: pv: add macros for UVC CC values
- KVM: s390: pv: avoid stalls when making pages secure
* [22.04 FEAT] KVM: Attestation support for Secure Execution (crypto)
(LP: #1959973)
- drivers/s390/char: Add Ultravisor io device
- s390/uv_uapi: depend on CONFIG_S390
- [Config] CONFIG_S390_UV_UAPI=y for s390x
* CVE-2022-1679
- SAUCE: ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
* CVE-2022-28893
- SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
- SUNRPC: Don't leak sockets in xs_local_connect()
* CVE-2022-34918
- netfilter: nf_tables: stricter validation of element data
* CVE-2022-1652
- floppy: use a statically allocated error counter
-- Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx> Fri, 05 Aug
2022 08:49:03 -0300
** Changed in: linux-azure-5.15 (Ubuntu Focal)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1652
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1679
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2585
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2586
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2588
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28893
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29900
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29901
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-34918
--
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1982620
Title:
focal/linux-azure-5.15: 5.15.0-1016.19~20.04.1 -proposed tracker
Status in Kernel SRU Workflow:
Fix Committed
Status in Kernel SRU Workflow automated-testing series:
Fix Released
Status in Kernel SRU Workflow boot-testing series:
Fix Released
Status in Kernel SRU Workflow certification-testing series:
Invalid
Status in Kernel SRU Workflow new-review series:
Fix Released
Status in Kernel SRU Workflow prepare-package series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
Fix Released
Status in Kernel SRU Workflow promote-to-security series:
New
Status in Kernel SRU Workflow promote-to-updates series:
New
Status in Kernel SRU Workflow regression-testing series:
Fix Released
Status in Kernel SRU Workflow security-signoff series:
Fix Released
Status in Kernel SRU Workflow sru-review series:
Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
Fix Released
Status in Kernel SRU Workflow verification-testing series:
Fix Released
Status in linux-azure-5.15 source package in Focal:
Fix Released
Bug description:
This bug will contain status and test results related to a kernel
source (or snap) as stated in the title.
For an explanation of the tasks and the associated workflow see:
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
-- swm properties --
boot-testing-requested: true
bugs-spammed: true
built:
from: c7215591e7632227
route-entry: 1
delta:
promote-to-proposed: [signed, main, meta, lrm, lrs, lrg]
flag:
boot-testing-requested: true
bugs-spammed: true
proposed-announcement-sent: true
proposed-testing-requested: true
issue: KSRU-4500
kernel-stable-master-bug: 1982619
packages:
lrg: linux-restricted-generate-azure-5.15
lrm: linux-restricted-modules-azure-5.15
lrs: linux-restricted-signatures-azure-5.15
main: linux-azure-5.15
meta: linux-meta-azure-5.15
signed: linux-signed-azure-5.15
phase: Holding before Promote to Updates
phase-changed: Wednesday, 03. August 2022 17:13 UTC
proposed-announcement-sent: true
proposed-testing-requested: true
reason:
promote-to-updates: Holding -- cycle not ready to release
synthetic:
:promote-to-as-proposed: Fix Released
trackers:
focal/linux-azure-fde-5.15: bug 1982314
variant: debs
versions:
lrm: 5.15.0-1016.19~20.04.1
main: 5.15.0-1016.19~20.04.1
meta: 5.15.0.1016.19~20.04.9
signed: 5.15.0-1016.19~20.04.1
~~:
clamps:
new-review: c7215591e7632227
promote-to-proposed: c7215591e7632227
self: 5.15.0-1016.19~20.04.1
sru-review: c7215591e7632227
To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1982620/+subscriptions