This bug was fixed in the package linux - 3.13.0-141.190
---------------
linux (3.13.0-141.190) trusty; urgency=low
* linux: 3.13.0-141.190 -proposed tracker (LP: #1744308)
* ubuntu_32_on_64 test crash Trusty 3.13.0-140 amd64 system (LP: #1744199) //
test_too_early_vsyscall from ubuntu_qrt_kernel_panic crashes Trusty
3.13.0-140 amd64 system (LP: #1744226) // CVE-2017-5715 // CVE-2017-5753
- SAUCE: x86/entry: Fixup 32bit compat call locations
* CVE-2017-5715 // CVE-2017-5753
- SAUCE: x86/cpuid: Fix ordering of scattered feature list
- SAUCE: KVM: Fix spec_ctrl CPUID support for guests
* CVE-2017-5754
- kaiser: Set _PAGE_NX only if supported
- kaiser: Set _PAGE_NX only if supported
linux (3.13.0-140.189) trusty; urgency=low
* linux: 3.13.0-140.189 -proposed tracker (LP: #1743375)
[ Stefan Bader ]
* CVE-2017-5715 // CVE-2017-5753
- x86, microcode: Share native MSR accessing variants
- x86: Add another set of MSR accessor functions
- x86/cpuid: Provide get_scattered_cpuid_leaf()
- kvm: vmx: Scrub hardware GPRs at VM-exit
- SAUCE: locking/barriers: introduce new memory barrier gmb()
- SAUCE: uvcvideo: prevent speculative execution
- SAUCE: carl9170: prevent speculative execution
- SAUCE: p54: prevent speculative execution
- SAUCE: qla2xxx: prevent speculative execution
- SAUCE: cw1200: prevent speculative execution
- SAUCE: userns: prevent speculative execution
- SAUCE: fs: prevent speculative execution
- SAUCE: udf: prevent speculative execution
- SAUCE: x86/feature: Enable the x86 feature to control Speculation
- SAUCE: x86/feature: Report presence of IBPB and IBRS control
- SAUCE: x86/enter: MACROS to set/clear IBRS and set IBPB
- SAUCE: x86/enter: Use IBRS on syscall and interrupts
- SAUCE: x86/idle: Disable IBRS entering idle and enable it on wakeup
- SAUCE: x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup
- SAUCE: x86/mm: Set IBPB upon context switch
- SAUCE: x86/mm: Only set IBPB when the new thread cannot ptrace current
thread
- SAUCE: x86/entry: Stuff RSB for entry to kernel for non-SMEP platform
- SAUCE: x86/kvm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD to kvm
- SAUCE: x86/kvm: Set IBPB when switching VM
- SAUCE: x86/kvm: Toggle IBRS on VM entry and exit
- SAUCE: x86/kvm: Pad RSB on VM transition
- SAUCE: x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature
- SAUCE: x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb
control
- SAUCE: x86/entry: Use retpoline for syscall's indirect calls
- SAUCE: x86/cpu/AMD: Add speculative control support for AMD
- SAUCE: x86/microcode: Extend post microcode reload to support IBPB feature
- SAUCE: KVM: SVM: Do not intercept new speculative control MSRs
- SAUCE: x86/svm: Set IBRS value on VM entry and exit
- SAUCE: x86/svm: Set IBPB when running a different VCPU
- SAUCE: KVM: x86: Add speculative control CPUID support for guests
- SAUCE: x86/svm: Add code to clobber the RSB on VM exit
- SAUCE: x86/cpu/AMD: Make the LFENCE instruction serialized
- SAUCE: x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature
- SAUCE: x86/kvm: Fix stuff_RSB() for 32-bit
- SAUCE: arm64: no gmb() implementation yet
- SAUCE: arm: no gmb() implementation yet
- SAUCE: powerpc: no gmb() implementation yet
* Do not duplicate changelog entries assigned to more than one bug or CVE
(LP: #1743383)
- [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
-- Stefan Bader <stefan.ba...@canonical.com> Fri, 19 Jan 2018 13:23:30
+0100
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1744226
Title:
test_too_early_vsyscall from ubuntu_qrt_kernel_panic crashes Trusty
3.13.0-140 amd64 system
Status in linux package in Ubuntu:
Invalid
Status in linux source package in Trusty:
Fix Released
Bug description:
This is a potential regression.
The system will hang when running the test_too_early_vsyscall from
ubuntu_qrt_kernel_panic test suite with the proposed 3.13.0-140
kernel.
Steps:
1. Deploy a Trusty amd64 node (node pepe in this case)
2. sudo apt-get install git python-minimal -y
3. git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest-client-tests
-b master-next
4. git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest
5. rm -fr autotest/client/tests
6. ln -sf ~/autotest-client-tests autotest/client/tests
7. Monitor the syslog with tail -f /var/log/syslog
8. AUTOTEST_PATH=/home/ubuntu/autotest sudo -E autotest/client/autotest-local
--verbose autotest/client/tests/ubuntu_qrt_kernel_panic/control
Results:
* The system will hang, no output from syslog. This test can pass with
3.13.0-139
Output with 3.13.0-140
ubuntu@onibi:~$ AUTOTEST_PATH=/home/ubuntu/autotest sudo -E
autotest/client/autotest-local --verbose
autotest/client/tests/ubuntu_qrt_kernel_panic/control
06:39:30 INFO | Writing results to
/home/ubuntu/autotest/client/results/default
06:39:30 DEBUG| Initializing the state engine
06:39:30 DEBUG| Persistent state client.steps now set to []
06:39:30 DEBUG| Persistent option harness now set to None
06:39:30 DEBUG| Persistent option harness_args now set to None
06:39:30 DEBUG| Selected harness: standalone
06:39:31 INFO | START ---- ---- timestamp=1516343971 localtime=Jan
19 06:39:31
06:39:31 DEBUG| Persistent state client._record_indent now set to 1
06:39:31 INFO | START ubuntu_qrt_kernel_panic.setup
ubuntu_qrt_kernel_panic.setup timestamp=1516343971 localtime=Jan 19
06:39:31
06:39:31 DEBUG| Persistent state client._record_indent now set to 2
06:39:31 DEBUG| Persistent state client.unexpected_reboot now set to
('ubuntu_qrt_kernel_panic.setup', 'ubuntu_qrt_kernel_panic.setup')
06:39:31 DEBUG| Running 'apt-get install --yes --force-yes git
build-essential libcap2-bin gawk execstack exim4 libcap-dev libkeyutils-dev
gcc-multilib'
06:39:31 DEBUG| [stdout] Reading package lists...
06:39:33 DEBUG| [stdout] Building dependency tree...
06:39:33 DEBUG| [stdout] Reading state information...
06:39:33 DEBUG| [stdout] build-essential is already the newest version.
06:39:33 DEBUG| [stdout] execstack is already the newest version.
06:39:33 DEBUG| [stdout] gawk is already the newest version.
06:39:33 DEBUG| [stdout] gcc-multilib is already the newest version.
06:39:33 DEBUG| [stdout] libcap-dev is already the newest version.
06:39:33 DEBUG| [stdout] libcap2-bin is already the newest version.
06:39:33 DEBUG| [stdout] libkeyutils-dev is already the newest version.
06:39:33 DEBUG| [stdout] exim4 is already the newest version.
06:39:33 DEBUG| [stdout] git is already the newest version.
06:39:33 DEBUG| [stdout] 0 upgraded, 0 newly installed, 0 to remove and 0 not
upgraded.
06:39:33 DEBUG| Running 'which gcc'
06:39:33 DEBUG| [stdout] /usr/bin/gcc
06:39:33 INFO | GOOD ubuntu_qrt_kernel_panic.setup
ubuntu_qrt_kernel_panic.setup timestamp=1516343973 localtime=Jan 19
06:39:33 completed successfully
06:39:33 INFO | END GOOD ubuntu_qrt_kernel_panic.setup
ubuntu_qrt_kernel_panic.setup timestamp=1516343973 localtime=Jan 19
06:39:33
06:39:33 DEBUG| Persistent state client._record_indent now set to 1
06:39:33 DEBUG| Persistent state client.unexpected_reboot deleted
06:39:33 INFO | START ubuntu_qrt_kernel_panic.test-kernel-panic.py
ubuntu_qrt_kernel_panic.test-kernel-panic.py timestamp=1516343973
localtime=Jan 19 06:39:33
06:39:33 DEBUG| Persistent state client._record_indent now set to 2
06:39:33 DEBUG| Persistent state client.unexpected_reboot now set to
('ubuntu_qrt_kernel_panic.test-kernel-panic.py',
'ubuntu_qrt_kernel_panic.test-kernel-panic.py')
06:39:33 DEBUG| Running 'apt-get install --yes --force-yes git
build-essential libcap2-bin gawk execstack exim4 libcap-dev libkeyutils-dev
gcc-multilib'
06:39:33 DEBUG| [stdout] Reading package lists...
06:39:33 DEBUG| [stdout] Building dependency tree...
06:39:34 DEBUG| [stdout] Reading state information...
06:39:34 DEBUG| [stdout] build-essential is already the newest version.
06:39:34 DEBUG| [stdout] execstack is already the newest version.
06:39:34 DEBUG| [stdout] gawk is already the newest version.
06:39:34 DEBUG| [stdout] gcc-multilib is already the newest version.
06:39:34 DEBUG| [stdout] libcap-dev is already the newest version.
06:39:34 DEBUG| [stdout] libcap2-bin is already the newest version.
06:39:34 DEBUG| [stdout] libkeyutils-dev is already the newest version.
06:39:34 DEBUG| [stdout] exim4 is already the newest version.
06:39:34 DEBUG| [stdout] git is already the newest version.
06:39:34 DEBUG| [stdout] 0 upgraded, 0 newly installed, 0 to remove and 0 not
upgraded.
06:39:34 DEBUG| Running 'which gcc'
06:39:34 DEBUG| [stdout] /usr/bin/gcc
06:39:34 DEBUG| Running 'python ./test-kernel-panic.py -v'
06:39:34 DEBUG| [stdout] Running test: './test-kernel-panic.py' distro:
'Ubuntu 14.04' kernel: '3.13.0-140.189 (Ubuntu 3.13.0-140.189-generic
3.13.11-ckt39)' arch: 'amd64' uid: 0/0 SUDO_USER: 'ubuntu')
06:39:34 ERROR| [stderr] test_cve_2013_2094 (__main__.KernelPanicTest)
06:39:35 ERROR| [stderr] test linux kernel perf out-of-bounds access
(CVE-2013-2094) ... ok
06:39:35 ERROR| [stderr] test_cve_2015_7550 (__main__.KernelPanicTest)
06:39:36 DEBUG| [stdout] Skipping private tests
06:39:36 DEBUG| [stdout]
06:43:24 ERROR| [stderr] test linux kernel keyctl race (CVE-2015-7550) ... ok
06:43:24 ERROR| [stderr] test_too_early_vsyscall (__main__.KernelPanicTest)
It stops here.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-3.13.0-140-generic 3.13.0-140.189
ProcVersionSignature: User Name 3.13.0-140.189-generic 3.13.11-ckt39
Uname: Linux 3.13.0-140-generic x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Jan 19 06:49 seq
crw-rw---- 1 root audio 116, 33 Jan 19 06:49 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.14.1-0ubuntu3.27
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
CurrentDmesg:
[ 24.461736]
[ 24.461818] IPv6: ADDRCONF(NETDEV_CHANGE): eno1: link becomes ready
[ 28.192436] init: plymouth-upstart-bridge main process ended, respawning
Date: Fri Jan 19 06:56:51 2018
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
MachineType: Dell Inc. PowerEdge R310
PciMultimedia:
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-140-generic
root=UUID=ded56b2d-3057-4d58-a1e5-422853291ffd ro
RelatedPackageVersions:
linux-restricted-modules-3.13.0-140-generic N/A
linux-backports-modules-3.13.0-140-generic N/A
linux-firmware 1.127.24
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 08/17/2011
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.8.2
dmi.board.name: 05XKKK
dmi.board.vendor: Dell Inc.
dmi.board.version: A05
dmi.chassis.type: 23
dmi.chassis.vendor: Dell Inc.
dmi.modalias:
dmi:bvnDellInc.:bvr1.8.2:bd08/17/2011:svnDellInc.:pnPowerEdgeR310:pvr:rvnDellInc.:rn05XKKK:rvrA05:cvnDellInc.:ct23:cvr:
dmi.product.name: PowerEdge R310
dmi.sys.vendor: Dell Inc.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1744226/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
