group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1881338] Re: linux-azure: Update SGX version to version LD_1.33

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1881338@xxxxxxxxxxxxxxxxxx>
Date: Tue, 28 Jul 2020 00:57:16 -0000
Reply-to: Bug 1881338 <1881338@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package linux-azure - 5.4.0-1022.22

---------------
linux-azure (5.4.0-1022.22) focal; urgency=medium

  * focal/linux-azure: 5.4.0-1022.22 -proposed tracker (LP: #1887060)

  [ Ubuntu: 5.4.0-42.46 ]

  * focal/linux: 5.4.0-42.46 -proposed tracker (LP: #1887069)
  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux-azure (5.4.0-1021.21) focal; urgency=medium

  * focal/linux-azure: 5.4.0-1021.21 -proposed tracker (LP: #1885845)

  * module intel_sgx appears to be blacklisted by the kernel.  (LP: #1862201)
    - Revert "UBUNTU: [Packaging] linux-azure: Prevent intel_sgx from being
      automatically loaded"
    - [Packaging] linux-azure: Divert conf files blacklisting intel_sgx

  * Add XDP support to hv_netvsc driver (LP: #1877654)
    - hv_netvsc: Add XDP support
    - hv_netvsc: Update document for XDP support
    - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs

  * Request to include two NUMA related commits in Azure kernels (LP: #1880975)
    - PCI: hv: Decouple the func definition in hv_dr_state from VSP message
    - PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2

  [ Ubuntu: 5.4.0-41.45 ]

  * focal/linux: 5.4.0-41.45 -proposed tracker (LP: #1885855)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open
  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start
  * CVE-2020-11935
    - aufs: do not call i_readcount_inc()
  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - selftests: net: ip_defrag: ignore EPERM
  * Update lockdown patches (LP: #1884159)
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down
  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc
  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

 -- Khalid Elmously <khalid.elmously@xxxxxxxxxxxxx>  Fri, 10 Jul 2020
01:51:58 -0400

** Changed in: linux-azure (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11935

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1881338

Title:
   linux-azure: Update SGX version to version LD_1.33

Status in linux-azure package in Ubuntu:
  Fix Released
Status in linux-azure-4.15 package in Ubuntu:
  New
Status in linux-base package in Ubuntu:
  Fix Released
Status in linux-azure source package in Xenial:
  Fix Released
Status in linux-azure-4.15 source package in Xenial:
  Invalid
Status in linux-base source package in Xenial:
  Fix Released
Status in linux-azure source package in Bionic:
  Fix Committed
Status in linux-azure-4.15 source package in Bionic:
  Fix Released
Status in linux-base source package in Bionic:
  Fix Released
Status in linux-azure source package in Eoan:
  Fix Released
Status in linux-azure-4.15 source package in Eoan:
  Invalid
Status in linux-base source package in Eoan:
  Fix Released
Status in linux-azure source package in Focal:
  Fix Released
Status in linux-azure-4.15 source package in Focal:
  Invalid
Status in linux-base source package in Focal:
  Fix Released

Bug description:
  [Impact]

  We have included the DCAP version of SGX into the linux-azure kernels
  in order to provide a signed version of this driver that can be used
  with secure boot in Azure instances.

  Since a new version of this driver was released, we should update the
  embedded driver:

  https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/LD_1.33/driver/linux

  [Test Case]

  - Install the new kernel on an ACC azure instance.
  - Ensure the module loads properly.
  - Check if ECL (provided on the azure images) is working properly.

  [Regression Potential]

  The changes are extensive, but both Canonical and Microsoft perform
  validation tests on SGX. Besides that, the change is restricted to
  linux-azure running on specific instances.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1881338/+subscriptions