group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1820075] Re: [Packaging] Improve config annotations check on custom kernels

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1820075@xxxxxxxxxxxxxxxxxx>
Date: Tue, 25 Jun 2019 13:08:32 -0000
Reply-to: Bug 1820075 <1820075@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux-azure - 4.15.0-1049.54

---------------
linux-azure (4.15.0-1049.54) xenial; urgency=medium

  * linux-azure: 4.15.0-1049.54 -proposed tracker (LP: #1834091)

  * Upstream Commits Needed for DPDK on Azure (LP: #1812123)
    - uio: document uio_hv_generic regions
    - uio_hv_generic: create send and receive buffers
    - uio_hv_generic: add rescind support
    - uio_hv_generic: support sub-channels
    - uio_hv_generic: fix subchannel ring mmap
    - uio_hv_generic: use standard mmap for resources
    - vmbus: keep pointer to ring buffer page
    - uio: introduce UIO_MEM_IOVA
    - hv_uio_generic: map ringbuffer phys addr
    - uio_hv_generic: use ISR callback method
    - uio_hv_generic: use correct channel in isr
    - uio_hv_generic: make ring buffer attribute for primary channel
    - uio_hv_generic: defer opening vmbus until first use
    - uio_hv_generic: set callbacks on open
    - vmbus: pass channel to hv_process_channel_removal
    - vmbus: split ring buffer allocation from open
    - vmbus: fix subchannel removal

  * Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * [linux-azure] Please Include Mainline Commit ebaf39e6032f  in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes

  * [linux-azure] Commits Requested in 16.04 for the Azure Kernel (LP: #1830242)
    - blk-mq: remove the request_list usage
    - nvme-pci: remove cq check after submission
    - nvme-pci: split the nvme queue lock into submission and completion locks

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

  [ Ubuntu: 4.15.0-54.58 ]

  * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Marcelo Henrique Cerri <marcelo.cerri@xxxxxxxxxxxxx>  Mon, 24 Jun
2019 17:44:20 -0300

** Changed in: linux-azure (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11478

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11479

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1820075

Title:
  [Packaging] Improve config annotations check on custom kernels

Status in linux-azure package in Ubuntu:
  New
Status in linux-gcp package in Ubuntu:
  New
Status in linux-azure source package in Xenial:
  Fix Released
Status in linux-gcp source package in Xenial:
  New
Status in linux-azure source package in Bionic:
  Invalid
Status in linux-gcp source package in Bionic:
  New
Status in linux-azure source package in Cosmic:
  Fix Committed
Status in linux-gcp source package in Cosmic:
  Fix Released
Status in linux-azure source package in Disco:
  Fix Committed
Status in linux-gcp source package in Disco:
  New

Bug description:
  [Impact]

  Currently for custom kernels, it's necessary to keep a separate
  annotations file that often gets out of sync with the corresponding
  file in debian.master/.

  The "debian/scripts/config-check" script can be changed to allow
  additional annotations files to act as overlays over the original
  annotations file, allowing custom kernels to override the policies
  just for the relevant configs.

  The proposal is to add support for an include directive in the
  annotations file so custom kernels can include the annotations file
  from its base kernel and override policies on a config basis.

  [Test Case]

  A kernel build should complete successfully after the change.

  
  [Regression Potential] 

  Low regression potential since that's a change on the build process
  that doesn't affect the final kernel that is built.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1820075/+subscriptions