This bug was fixed in the package linux - 4.10.0-37.41
---------------
linux (4.10.0-37.41) zesty; urgency=low
* CVE-2017-1000255
- SAUCE: powerpc/64s: Use emergency stack for kernel TM Bad Thing program
checks
- SAUCE: powerpc/tm: Fix illegal TM state in signal handler
linux (4.10.0-36.40) zesty; urgency=low
* linux: 4.10.0-36.40 -proposed tracker (LP: #1718143)
* Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
- sock: add sk_dst_pending_confirm flag
- net: add dst_pending_confirm flag to skbuff
- sctp: add dst_pending_confirm flag
- tcp: replace dst_confirm with sk_dst_confirm
- net: add confirm_neigh method to dst_ops
- net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
- net: pending_confirm is not used anymore
* SRIOV: warning if unload VFs (LP: #1715073)
- PCI: Lock each enable/disable num_vfs operation in sysfs
- PCI: Disable VF decoding before pcibios_sriov_disable() updates resources
* Kernel has troule recognizing Corsair Strafe RGB keyboard (LP: #1678477)
- usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
* CVE-2017-14106
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
* [CIFS] Fix maximum SMB2 header size (LP: #1713884)
- CIFS: Fix maximum SMB2 header size
* Middle button of trackpoint doesn't work (LP: #1715271)
- Input: trackpoint - assume 3 buttons when buttons detection fails
* Drop GPL from of_node_to_nid() export to match other arches (LP: #1709179)
- powerpc: Drop GPL from of_node_to_nid() export to match other arches
* vhost guest network randomly drops under stress (kvm) (LP: #1711251)
- Revert "vhost: cache used event for better performance"
* arm64 arch_timer fixes (LP: #1713821)
- Revert "UBUNTU: SAUCE: arm64: arch_timer: Enable CNTVCT_EL0 trap if
workaround is enabled"
- arm64: arch_timer: Enable CNTVCT_EL0 trap if workaround is enabled
- clocksource/arm_arch_timer: Fix arch_timer_mem_find_best_frame()
- clocksource/drivers/arm_arch_timer: Fix read and iounmap of incorrect
variable
- clocksource/drivers/arm_arch_timer: Fix mem frame loop initialization
- clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace
is
enabled
* Touchpad not detected (LP: #1708852)
- Input: elan_i2c - add ELAN0608 to the ACPI table
-- Thadeu Lima de Souza Cascardo <casca...@canonical.com> Fri, 06 Oct
2017 16:45:48 -0300
** Changed in: linux (Ubuntu Zesty)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000255
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14106
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1713821
Title:
arm64 arch_timer fixes
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Zesty:
Fix Released
Bug description:
[Impact]
This bug captures a few issues with the ARM arch_timer driver:
1) Some arm64 systems have hardware defects in their architected timer
implementations that require errata, which we workaround in the
kernel. However, it's possible that this workaround will not be
applied if the timer was reset w/ the user access bit set.
2) The Juno board fails to initialize a timer at boot:
arch_timer: Unable to map frame @ 0x0000000000000000
arch_timer: Frame missing phys irq.
Failed to initialize '/timer@2a810000': -22
3) Possible boot warning from arch_timer_mem_of_init():
'Trying to vfree() nonexistent vm area'
4) There's a theoretical problem where the first frame of a timer
could be used even though a better suited timer frame is available.
5) An infinite recursion loop will occur when enabling the function
tracer in builds with CONFIG_PREEMPT_TRACER=y. Ubuntu does not enable
CONFIG_PREEMPT_TRACER, so this will only be a problem if that changes.
[Test Case]
I've regression tested this on both a system w/ an errata workaround
(HiSilicon D05) and one that is not (Cavium ThunderX CRB1S). In both cases the
timer was initialized correctly. Verified by looking at the boot messages:
dannf@d05-3:~$ dmesg | grep arch_timer
[ 0.000000] arch_timer: Enabling global workaround for HiSilicon erratum
161010101
[ 0.000000] arch_timer: CPU0: Trapping CNTVCT access
[ 0.000000] arch_timer: cp15 timer(s) running at 50.00MHz (phys).
[ 0.194241] arch_timer: CPU1: Trapping CNTVCT access
[ 0.197305] arch_timer: CPU2: Trapping CNTVCT access
<.....>
[ 0.396228] arch_timer: CPU62: Trapping CNTVCT access
[ 0.399752] arch_timer: CPU63: Trapping CNTVCT access
ubuntu@grotrian:~$ dmesg | grep arch_timer
[ 0.000000] arch_timer: cp15 timer(s) running at 100.00MHz (phys).
[Regression Risk]
The regression risk is restricted to ARM systems, as this driver only applies
there. Regressions could lead to a timer failing to initialize, or a system
that requires errata not having the appropriate workaround applied. (Which are
also the conditions that the suggested backports are attempting to fix).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1713821/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
