kernel-packages team mailing list archive

[Bug 1499089] Re: Please enable kconfig X86_LEGACY_VM86 for i386

 

This bug was fixed in the package linux - 4.2.0-16.19

---------------
linux (4.2.0-16.19) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1504143
  * [Config] CONFIG_X86_LEGACY_VM86=y, CONFIG_VM86=y for i386
    - LP: #1499089
  * [Config] CONFIG_MODIFY_LDT_SYSCALL=y
    - LP: #1499089
  * SAUCE: intel_pstate: Allow manually forcing the use of HWP on Skylake-S
  * [Config] CONFIG_ARM64_ERRATUM_843419=n
    - LP: #1502946
  * [Config] CONFIG_CAVIUM_ERRATUM_22375=y, CONFIG_CAVIUM_ERRATUM_23154=y

  [ Christophe Lombard ]

  * SAUCE: (noup) cxl: Fix number of allocated pages in SPA
    - LP: #1499849

  [ Matthew R. Ochs ]

  * SAUCE: (noup) cxlflash: Fix to avoid corrupting port selection mask

  [ Robert Richter ]

  * SAUCE: (noup) irqchip/gicv3-its: Add range check for number of
    allocated pages
  * SAUCE: (noup) irqchip/gicv3: Workaround for Cavium ThunderX erratum
    23154
  * SAUCE: (noup) irqchip/gicv3-its: Read typer register outside the loop
  * SAUCE: (noup) irqchip/gicv3-its: Add HW revision detection and
    configuration
  * SAUCE: (noup) irqchip/gicv3-its: Workaround for Cavium ThunderX errata
    22375, 24313

  [ Upstream Kernel Changes ]

  * x86/compat: Define ARCH_WANT_OLD_COMPAT_IPC only for 32-bit compat
    - LP: #1499089
  * x86/compat: Clean up HAVE_UID16 config
    - LP: #1499089
  * x86/compat: Separate ia32 and x32 compat ABIs
    - LP: #1499089
  * x86/entry/vm86: Clean up saved_fs/gs
    - LP: #1499089
  * x86/entry/vm86: Preserve 'orig_ax'
    - LP: #1499089
  * x86/entry/vm86: Move userspace accesses to do_sys_vm86()
    - LP: #1499089
  * x86/kconfig/32: Rename CONFIG_VM86 and default it to 'n'
    - LP: #1499089
  * x86/ldt: Make modify_ldt() optional
    - LP: #1499089
  * x86/vm86: Move vm86 fields out of 'thread_struct'
    - LP: #1499089
  * x86/vm86: Move fields from 'struct kernel_vm86_struct' to 'struct vm86'
    - LP: #1499089
  * x86/vm86: Eliminate 'struct kernel_vm86_struct'
    - LP: #1499089
  * x86/vm86: Use the normal pt_regs area for vm86
    - LP: #1499089
  * x86/vm86: Move the vm86 IRQ definitions to vm86.h
    - LP: #1499089
  * x86/vm86: Clean up vm86.h includes
    - LP: #1499089
  * x86/vm86: Rename vm86->vm86_info to user_vm86
    - LP: #1499089
  * x86/vm86: Rename vm86->v86flags and v86mask
    - LP: #1499089
  * x86/selftests, x86/vm86: Improve entry_from_vm86 selftest
    - LP: #1499089
  * selftests/x86/vm86: Fix entry_from_vm86 test on 64-bit kernels
    - LP: #1499089
  * x86/vm86: Block non-root vm86(old) if mmap_min_addr != 0
    - LP: #1499089
  * x86/vm86: Fix the misleading CONFIG_VM86 Kconfig help text
    - LP: #1499089
  * netfilter: conntrack: use nf_ct_tmpl_free in CT/synproxy error paths
    - LP: #1503902

linux (4.2.0-15.18) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503692

  [ Andy Whitcroft ]

  * Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()"
    Was incorrectly backported.

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Tim Gardner ]

  * [Debian] config-check and prepare using ${DEBIAN}/config/annotations
    Makes the LTS update script work better.

linux (4.2.0-15.17) wily; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1503016
  * rebase to v4.2.3

  [ Andrew Donnellan ]

  * SAUCE: cxl: fix leak of IRQ names in cxl_free_afu_irqs()
  * SAUCE: cxl: fix leak of ctx->irq_bitmap when releasing context via
    kernel API
  * SAUCE: cxl: fix leak of ctx->mapping when releasing kernel API contexts

  [ Ben Hutchings ]

  * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()
    - CVE-2015-7312

  [ Dan Carpenter ]

  * SAUCE: (noup) cxlflash: a couple off by one bugs
    - LP: #1499849

  [ John Johansen ]

  * SAUCE: (no-up) apparmor: fix mount not handling disconnected paths
    - LP: #1496430

  [ Manoj Kumar ]

  * SAUCE: (noup) cxlflash: Fix to avoid invalid port_sel value
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Replace magic numbers with literals
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix read capacity timeout
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to double the delay each time
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to escalate to LINK_RESET on login timeout
    - LP: #1499849

  [ Matthew R. Ochs ]

  * SAUCE: (noup) cxlflash: Fix potential oops following LUN removal
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix data corruption when vLUN used over
    multiple cards
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid sizeof(bool)
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix context encode mask width
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid CXL services during EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct naming of limbo state and waitq
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Make functions static
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Refine host/device attributes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid spamming the kernel log
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid stall while waiting on TMF
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix location of setting resid
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix host link up event handling
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix async interrupt bypass logic
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove dual port online dependency
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix AFU version access/storage and add check
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct usage of scsi_host_put()
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent workq from accessing freed
    memory
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct behavior in device reset handler
    following EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Remove unnecessary scsi_block_requests
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix function prolog parameters and return codes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix MMIO and endianness errors
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent EEH recovery failure
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct spelling, grammar, and alignment
    mistakes
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to prevent stale AFU RRQ
    - LP: #1499849
  * SAUCE: (noup) MAINTAINERS: Add cxlflash driver
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid corrupting adapter fops
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Correct trace string
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid potential deadlock on EEH
    - LP: #1499849
  * SAUCE: (noup) cxlflash: Fix to avoid leaving dangling interrupt
    resources
    - LP: #1499849

  [ Philippe Bergheaud ]

  * SAUCE: cxl: Workaround malformed pcie packets on some cards

  [ Tim Gardner ]

  * [Config] CONFIG_CC_STACKPROTECTOR_STRONG=y
    - LP: #1380025
  * [Config] Add MMC modules sufficient for net booting
    - LP: #1502772

  [ Upstream Kernel Changes ]

  * Initialize msg/shm IPC objects before doing ipc_addid()
  * RDS: verify the underlying transport exists before creating a
    connection
  * cxl: abort cxl_pci_enable_device_hook() if PCI channel is offline
  * cxl: Fix build failure due to -Wunused-variable behaviour change
  * cxl: Fix lockdep warning while creating afu_err_buff attribute
  * USB: whiteheat: fix potential null-deref at probe
    - LP: #1478826
    - CVE-2015-5257
  * dcache: Handle escaped paths in prepend_path
    - CVE-2015-2925
  * vfs: Test for and handle paths that are unreachable from their mnt_root
    - CVE-2015-2925
  * hv_netvsc: Add support to set MTU reservation from guest side
    - LP: #1494431
  * hv_netvsc: Add close of RNDIS filter into change mtu call
    - LP: #1494431

 -- Tim Gardner <tim.gardner@xxxxxxxxxxxxx>  Thu, 08 Oct 2015 08:37:53 -0400

** Changed in: linux (Ubuntu Wily)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-2925

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-5257

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-7312

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1499089

Title:
  Please enable kconfig X86_LEGACY_VM86 for i386

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Wily:
  Fix Released

Bug description:
  In order for dosemu to reach maximum performance (a > 10x speedup) please enable kconfig X86_LEGACY_VM86 in the kernel. As of this commit http://www.spinics.net/lists/linux-tip-commits/msg30360.html
  the overzealous kconfig message that seemed to suggest that the vm86() syscall was a security hazard in itself has been revised to reflect reality. Also please note that even if this kconfig option is enabled the runtime default is still off as vm86 is only actually enabled if the sysctl vm.mmap_min_addr is set to 0. That said, allowing vm.mmap_min_addr=0 is a known security risk and enabling the vm86() syscall to operate additionally would add little value to any potential attacker.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1499089/+subscriptions

