group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1765364] Re: Backport spectre/meltdown fixes on qemu for ppc64 into 16.04 and possibly 14.04 LTS releases

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1765364@xxxxxxxxxxxxxxxxxx>
Date: Wed, 27 Mar 2019 11:54:49 -0000
Reply-to: Bug 1765364 <1765364@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package qemu - 1:2.5+dfsg-5ubuntu10.36

---------------
qemu (1:2.5+dfsg-5ubuntu10.36) xenial-security; urgency=medium

  * Spectre/Meltdown fixes for ppc64 (LP: #1765364)
    - debian/patches/lp1765364/*.patches: add backported capabilities and
      spectre/meltdown commits.
  * SECURITY UPDATE: race during file renaming in v9fs_wstat
    - debian/patches/CVE-2018-19489.patch: add locks to hw/9pfs/9p.c.
    - CVE-2018-19489
  * SECURITY UPDATE: heap based buffer overflow in slirp
    - debian/patches/CVE-2019-6778.patch: check data length while emulating
      ident function in slirp/tcp_subr.c.
    - CVE-2019-6778

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Fri, 22 Mar 2019
14:19:08 -0400

** Changed in: qemu (Ubuntu Xenial)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19489

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6778

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1765364

Title:
  Backport spectre/meltdown fixes on qemu for ppc64 into 16.04 and
  possibly 14.04 LTS releases

Status in The Ubuntu-power-systems project:
  Incomplete
Status in The Ubuntu-power-systems project ubuntu-14.04 series:
  New
Status in The Ubuntu-power-systems project ubuntu-16.04 series:
  In Progress
Status in qemu package in Ubuntu:
  Fix Released
Status in qemu source package in Xenial:
  Fix Released

Bug description:
  == Comment: #0 - Satheesh Rajendran <satheera@xxxxxxxxxx> - 2018-04-19 04:26:51 ==
  ---Problem Description---
  Backport spectre/meltdown fixes on qemu for ppc64 into all LTS releases
   
  Contact Information = satheera@xxxxxxxxxx 
   
  ---uname output---
  -
   
  Machine Type = power8,power9 
   
  ---Debugger---
  A debugger is not configured
   
  ---Steps to Reproduce---
   For pseries guests there are 3 tri-state -machine options/capabilities relating to Spectre/Meltdown mitigation: cap-cfpc, cap-sbbc, cap-ibs, which each correspond to a set of host machine capabilities advertised by the KVM kernel module in new/patched host kernels that can be used to mitigate various aspects of Spectre/Meltdown:

  cap-cfpc: Cache Flush on Privilege Change
  cap-sbbc: Speculation Barrier Bounds Checking
  cap-ibs: Indirect Branch Serialisation

  Details can be found here https://www.qemu.org/2018/02/14/qemu-2-11-1
  -and-spectre-update/

  Needed qemu commits:

  cb931c2108 target/ppc: Check mask when setting cap_ppc_safe_indirect_branch
  4f5b039d2b ppc/spapr-caps: Disallow setting workaround for spapr-cap-ibs
  8c5909c419 ppc/spapr-caps: Change migration macro to take full spapr-cap name
  c59704b254 target/ppc/spapr: Add H-Call H_GET_CPU_CHARACTERISTICS
  4be8d4e7d9 target/ppc/spapr_caps: Add new tristate cap safe_indirect_branch
  09114fd817 target/ppc/spapr_caps: Add new tristate cap safe_bounds_check
  8f38eaf8f9 target/ppc/spapr_caps: Add new tristate cap safe_cache
  6898aed77f target/ppc/spapr_caps: Add support for tristate spapr_capabilities
  8acc2ae5e9 target/ppc/kvm: Add cap_ppc_safe_[cache/bounds_check/indirect_branch]


  Optional commits to introduce a machine type variant pseries-<release>-sxxm, when used would set/enable the three machine capabilities explained above automatically, if host is capable(host kernel is supported). Bug 166426
  813f3cf655 ppc/spapr-caps: Define the pseries-2.12-sxxm machine type
  c76c0d3090 ppc/spapr-caps: Convert cap-ibs to custom spapr-cap
  aaf265ffde ppc/spapr-caps: Convert cap-sbbc to custom spapr-cap
  f27aa81e72 ppc/spapr-caps: Convert cap-cfpc to custom spapr-cap
  87175d1bc5 ppc/spapr-caps: Add support for custom spapr_capabilities

  
   
  Userspace tool common name: qemu-kvm 
   
  The userspace tool has the following bit modes: both 

  Userspace rpm: qemu-kvm

  Userspace tool obtained from project website:  na 
   
  *Additional Instructions for satheera@xxxxxxxxxx:
  -Attach ltrace and strace of userspace application.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1765364/+subscriptions