group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1572624] Re: Backport patch to abort syscalls in active transactions

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1572624@xxxxxxxxxxxxxxxxxx>
Date: Thu, 14 Jul 2016 17:13:03 -0000
Reply-to: Bug 1572624 <1572624@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux - 3.13.0-92.139

---------------
linux (3.13.0-92.139) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1597060

  [ Josh Boyer ]

  * SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module
    loading is restricted
    - LP: #1566221
  * SAUCE: UEFI: efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
    - LP: #1566221
  * SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot
    - LP: #1566221, #1571691
  * SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode
    - LP: #1566221, #1571691

  [ Matthew Garrett ]

  * SAUCE: UEFI: Add secure_modules() call
    - LP: #1566221
  * SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled
    - LP: #1566221
  * SAUCE: UEFI: x86: Lock down IO port access when module security is
    enabled
    - LP: #1566221
  * SAUCE: UEFI: ACPI: Limit access to custom_method
    - LP: #1566221
  * SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading
    is restricted
    - LP: #1566221
  * SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is
    restricted
    - LP: #1566221
  * SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module
    loading restrictions
    - LP: #1566221
  * SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted
    - LP: #1566221
  * SAUCE: UEFI: Add option to automatically enforce module signatures when
    in Secure Boot mode
    - LP: #1566221

  [ Stefan Bader ]

  * [Config] Add pm80xx scsi driver to d-i
    - LP: #1595628

  [ Tim Gardner ]

  * [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
  * SAUCE: UEFI: Display MOKSBState when disabled
    - LP: #1566221, #1571691
  * SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl
    - LP: #1593075
  * SAUCE: UEFI: Set EFI_SECURE_BOOT bit in x86_efi_facility
    - LP: #1593075
  * [Config] CONFIG_EFI=n for arm64
    - LP: #1566221

  [ Upstream Kernel Changes ]

  * powerpc/tm: Abort syscalls in active transactions
    - LP: #1572624
  * HID: core: prevent out-of-bound readings
    - LP: #1579190
  * efi: Add separate 32-bit/64-bit definitions
    - LP: #1566221
  * x86/efi: Build our own EFI services pointer table
    - LP: #1566221
  * mm: migrate dirty page without clear_page_dirty_for_io etc
    - LP: #1581865
    - CVE-2016-3070
  * oom_kill: change oom_kill.c to use for_each_thread()
    - LP: #1592429
  * oom_kill: has_intersects_mems_allowed() needs rcu_read_lock()
    - LP: #1592429
  * oom_kill: add rcu_read_lock() into find_lock_task_mm()
    - LP: #1592429
  * virtio_balloon: return the amount of freed memory from leak_balloon()
    - LP: #1587089
  * virtio_balloon: free some memory from balloon on OOM
    - LP: #1587089
  * virtio_ballon: change stub of release_pages_by_pfn
    - LP: #1587089
  * virtio_balloon: do not change memory amount visible via /proc/meminfo
    - LP: #1587089

 -- Kamal Mostafa <kamal@xxxxxxxxxxxxx>  Tue, 28 Jun 2016 12:40:49 -0700

** Changed in: linux (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3070

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1572624

Title:
  Backport patch to abort syscalls in active transactions

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Vivid:
  Fix Released
Status in linux source package in Wily:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Released

Bug description:
  == Comment: #0 - Tulio Magno Quites Machado Filho - 2016-02-23 12:47:09 ==
  ---Problem Description---
  This is happening on Ubuntu 14.04.3.
  User is creating stack structure using C++ transactional memory extension:

      int Pop(int)
      {
          int ret = 0;
          __transaction_atomic
          {
                  if(!stack_.empty())
                  {
                          ret = stack_.top();
                          stack_.pop();
                  } else
                          ret = -1;
          }
          return ret;
      }

  While evaluating if(!stack_.empty()), this code calls a libitm function (GCC code), which calls malloc (glibc code) which ends up calling futex (a syscall).
  A syscall inside a transaction is forbidden by the kernel, but there is nothing the user can do to avoid this syscall.

  This will hang the user application inside the malloc(), which would
  be waiting for the futex to return.

  Ubuntu 14.04 provides glibc 2.19, which is too old to know about HTM.
  And this is probably happening with other libraries as well.

  Backporting commit b4b56f9e would solve this issue.
    
  ---uname output---
  Linux 3.13.0-66-generic #108-Ubuntu SMP Wed Oct 7 16:06:09 UTC 2015 ppc64le ppc64le ppc64le GNU/Linux
   
  ---Steps to Reproduce---
   Start a transaction, make a syscall.
   
  == Comment: #1 - Wei Guo - 2016-02-24 02:33:03 ==
  I already verfied that kernel with patch b4b56f9e (on Ubuntu14.04) will work.

  == Comment: #2 - Wei Guo - 2016-02-26 04:20:37 ==
  Backport patch for commit b4b56f9e is attached. The patch is based on tag Ubuntu-lts-3.19.0-25.26_14.04.1.

  Tested based on Ubuntu 14.04.4 LTS ( 3.19.0-25-generic).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1572624/+subscriptions