Bug 49476 - linux: Multiple issues (4.4)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.4
Hardware: All Linux
Importance: P3 normal
Target Milestone: UCS 4.4-0-errata
Assigned To: Quality Assurance
Philipp Hahn
Depends on:
Blocks:
Reported: 2019-05-15 10:03 CEST by Quality Assurance
Modified: 2019-05-15 14:52 CEST (History)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 6.5 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)


Description Quality Assurance univentionstaff 2019-05-15 10:03:58 CEST
New Debian linux 4.9.168-1+deb9u2 fixes:
This update addresses the following issues:
* Microarchitectural Store Buffer Data Sampling (MSBDS) (CVE-2018-12126)
* Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) (CVE-2018-12127)
* Microarchitectural Fill Buffer Data Sampling (MFBDS) (CVE-2018-12130)
* Microarchitectural Data Sampling Uncacheable Memory (MDSUM) (CVE-2019-11091)
Comment 1 Quality Assurance univentionstaff 2019-05-15 10:29:17 CEST
--- mirror/ftp/4.4/unmaintained/component/4.4-0-errata/source/univention-kernel-image-signed_5.0.0-2A~4.4.0.201904301047.dsc
+++ apt/ucs_4.4-0-errata4.4-0/source/univention-kernel-image-signed_5.0.0-3A~4.4.0.201905151019.dsc
@@ -1,8 +1,12 @@
-5.0.0-2A~4.4.0.201904301047 [Tue, 30 Apr 2019 10:47:38 +0200] Univention builddaemon <buildd@univention.de>:
+5.0.0-3A~4.4.0.201905151019 [Wed, 15 May 2019 10:19:55 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. No patches were applied to the original source package
 
+5.0.0-3 [Wed, 15 May 2019 10:18:00 +0200] Philipp Hahn <hahn@univention.de>:
+
+  * Bug #49476: Update to linux-4.9.168-1+deb9u2
+
 5.0.0-2 [Tue, 30 Apr 2019 09:02:54 +0200] Philipp Hahn <hahn@univention.de>:
 
-  * Bug #49364: Update to linux-4.9.168-1
+  * Bug #49377: Update to linux-4.9.168-1
 
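Review bot: the already-released 5.0.0-2 entry is rewritten in place (`-  * Bug #49364: Update to linux-4.9.168-1` becomes `+  * Bug #49377: Update to linux-4.9.168-1`), which silently changes the bug reference of a shipped package version; keep the published line as it was and record the corrected reference in the new 5.0.0-3 entry, or note in this bug why #49364 was wrong, so the changelog stays a reliable audit trail from package version to bug.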

<http://10.200.17.11/4.4-0/#620945926114612164>
Comment 2 Quality Assurance univentionstaff 2019-05-15 10:29:22 CEST
--- mirror/ftp/4.4/unmaintained/component/4.4-0-errata/source/linux_4.9.168-1.dsc
+++ apt/ucs_4.4-0-errata4.4-0/source/linux_4.9.168-1+deb9u2.dsc
@@ -1,3 +1,100 @@
+4.9.168-1+deb9u2 [Mon, 13 May 2019 21:59:18 +0100] Ben Hutchings <ben@decadent.org.uk>:
+
+  [ Salvatore Bonaccorso ]
+  * Revert "block/loop: Use global lock for ioctl() operation."
+    (Closes: #928125)
+
+4.9.168-1+deb9u1 [Mon, 13 May 2019 21:51:01 +0100] Ben Hutchings <ben@decadent.org.uk>:
+
+  * [x86] Update speculation mitigations:
+    - x86/MCE: Save microcode revision in machine check records
+    - x86/cpufeatures: Hide AMD-specific speculation flags
+    - x86/bugs: Add AMD's variant of SSB_NO
+    - x86/bugs: Add AMD's SPEC_CTRL MSR usage
+    - x86/bugs: Switch the selection of mitigation from CPU vendor to CPU
+      features
+    - x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR
+    - x86/microcode/intel: Add a helper which gives the microcode revision
+    - x86/microcode/intel: Check microcode revision before updating sibling
+      threads
+    - x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
+    - x86/microcode: Update the new microcode revision unconditionally
+    - x86/mm: Use WRITE_ONCE() when setting PTEs
+    - bitops: avoid integer overflow in GENMASK(_ULL)
+    - x86/speculation: Simplify the CPU bug detection logic
+    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
+      new <linux/bits.h> file
+    - x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
+    - x86/cpu: Sanitize FAM6_ATOM naming
+    - Documentation/l1tf: Fix small spelling typo
+    - x86/speculation: Apply IBPB more strictly to avoid cross-process data
+      leak
+    - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
+    - x86/speculation: Propagate information about RSB filling mitigation to
+      sysfs
+    - x86/speculation/l1tf: Drop the swap storage limit restriction when
+      l1tf=off
+    - x86/speculation: Update the TIF_SSBD comment
+    - x86/speculation: Clean up spectre_v2_parse_cmdline()
+    - x86/speculation: Remove unnecessary ret variable in cpu_show_common()
+    - x86/speculation: Move STIPB/IBPB string conditionals out of
+      cpu_show_common()
+    - x86/speculation: Disable STIBP when enhanced IBRS is in use
+    - x86/speculation: Rename SSBD update functions
+    - x86/speculation: Reorganize speculation control MSRs update
+    - x86/Kconfig: Select SCHED_SMT if SMP enabled
+    - sched: Add sched_smt_active()
+    - x86/speculation: Rework SMT state change
+    - x86/l1tf: Show actual SMT state
+    - x86/speculation: Reorder the spec_v2 code
+    - x86/speculation: Mark string arrays const correctly
+    - x86/speculataion: Mark command line parser data __initdata
+    - x86/speculation: Unify conditional spectre v2 print functions
+    - x86/speculation: Add command line control for indirect branch speculation
+    - x86/speculation: Prepare for per task indirect branch speculation control
+    - x86/process: Consolidate and simplify switch_to_xtra() code
+    - x86/speculation: Avoid __switch_to_xtra() calls
+    - x86/speculation: Prepare for conditional IBPB in switch_mm()
+    - x86/speculation: Split out TIF update
+    - x86/speculation: Prepare arch_smt_update() for PRCTL mode
+    - x86/speculation: Prevent stale SPEC_CTRL msr content
+    - x86/speculation: Add prctl() control for indirect branch speculation
+    - x86/speculation: Enable prctl mode for spectre_v2_user
+    - x86/speculation: Add seccomp Spectre v2 user space protection mode
+    - x86/speculation: Provide IBPB always command line options
+    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
+    - x86/msr-index: Cleanup bit defines
+    - x86/speculation: Consolidate CPU whitelists
+    - Documentation: Move L1TF to separate directory
+    - cpu/speculation: Add 'mitigations=' cmdline option
+    - x86/speculation: Support 'mitigations=' cmdline option
+    - x86/speculation/mds: Add 'mitigations=' support for MDS
+    - x86/cpu/bugs: Use __initconst for 'const' init data
+  * [x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
+    (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091):
+    - x86/speculation/mds: Add basic bug infrastructure for MDS
+    - x86/speculation/mds: Add BUG_MSBDS_ONLY
+    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
+    - x86/speculation/mds: Add mds_clear_cpu_buffers()
+    - x86/speculation/mds: Clear CPU buffers on exit to user
+    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
+    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
+    - x86/speculation/mds: Add mitigation control for MDS
+    - x86/speculation/mds: Add sysfs reporting for MDS
+    - x86/speculation/mds: Add mitigation mode VMWERV
+    - Documentation: Add MDS vulnerability documentation
+    - x86/speculation/mds: Add mds=full,nosmt cmdline option
+    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
+    - x86/speculation/mds: Add SMT warning message
+    - x86/speculation/mds: Fix comment
+    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
+    - x86/mds: Add MDSUM variant to the MDS documentation
+    - Documentation: Correct the possible MDS sysfs values
+    - x86/speculation/mds: Fix documentation typo
+  * [x86] msr-index: Remove dependency on <linux/bits.h>
+  * [rt] Update patches to apply on top of the speculation mitigation changes
+  * [x86] mce, tlb: Ignore ABI changes
+
 4.9.168-1 [Fri, 12 Apr 2019 15:52:49 +0200] Salvatore Bonaccorso <carnil@debian.org>:
 
   * New upstream stable update:
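Review bot: the MDS entries in this hunk (`x86/speculation/mds: Add mds_clear_cpu_buffers()`, `x86/speculation/mds: Clear CPU buffers on exit to user`, `x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests`) only become an effective mitigation when the CPU microcode provides MD_CLEAR; without a matching microcode update the kernel will report the buffer clearing as attempted but the system as still vulnerable, so the corresponding microcode package update should be tracked together with this kernel update and checked in QA. The `[x86] mce, tlb: Ignore ABI changes` entry also means the ABI bump was suppressed for those symbol changes, so any out-of-tree modules should be rebuilt and load-tested against +deb9u2.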

<http://10.200.17.11/4.4-0/#620945926114612164>
Comment 3 Philipp Hahn univentionstaff 2019-05-15 11:47:03 CEST
[4.4-0] a1671ff2dd Bug #49476: Update to linux-4.9.168-1+deb9u2
 .../debian/changelog                               |   6 ++++++
 .../univention-kernel-image-signed/debian/control  |   4 ++--
 .../vmlinuz-4.9.0-9-amd64.efi.signed               | Bin 4249200 -> 4253296 bytes
 3 files changed, 8 insertions(+), 2 deletions(-)

Package: univention-kernel-image-signed
Version: 5.0.0-3A~4.4.0.201905151019
Branch: ucs_4.4-0
Scope: errata4.4-0

OK: apt install linux-image-4.9.0-9-amd64-signed=5.0.0-3A~4.4.0.201905151019 linux-image-4.9.0-9-amd64=4.9.168-1+deb9u2
OK: amd64 @ kvm + SeaBIOS
OK: amd64 @ kvm + OVMF + SB
 cat /sys/kernel/security/securelevel
OK: amd64 @ xen16

OK: apt install linux-image-4.9.0-9-686-pae=4.9.168-1+deb9u2
OK: i386 @ kvm

OK: uname -a
OK: diff <(exec ./linux-dmesg-norm 4.9.0-9-amd64) <(exec ./linux-dmesg-norm 4.9.0-9-amd64.2)
 MDS: Vulnerable: Clear CPU buffers attempted, no microcode
~OK: cat /sys/devices/system/cpu/vulnerabilities/mds
 Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown

OK: http://10.200.17.11/4.4-0/#620945926114612164
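Added example (not part of this bug report or of the UCS packaging): a POSIX shell helper that classifies the mds sysfs string quoted in the QA results above, distinguishing a real mitigation from the "attempted, no microcode" state, so the same check can run unchanged across hosts and guests; the function names are assumptions of this example, the status formats follow the kernel's MDS documentation.

```shell
#!/bin/sh
# Classify the contents of /sys/devices/system/cpu/vulnerabilities/mds.
# Exit codes: 0 mitigated or not affected, 1 partial (SMT still exposed),
# 2 vulnerable, 3 unrecognised string.
mds_classify() {
    status="$1"
    case "$status" in
        "Not affected"*)
            echo "ok: CPU not affected by MDS"; return 0 ;;
        "Mitigation: Clear CPU buffers; SMT disabled"* | \
        "Mitigation: Clear CPU buffers; SMT mitigated"*)
            echo "ok: buffers cleared, SMT safe"; return 0 ;;
        "Mitigation: Clear CPU buffers"*)
            # Kernel side is in place, but sibling hyperthreads can still leak.
            echo "partial: buffers cleared, SMT still exposed"; return 1 ;;
        "Vulnerable: Clear CPU buffers attempted, no microcode"*)
            # VERW is issued, but without MD_CLEAR microcode it does not flush
            # the buffers; this is the state seen in the QA run above.
            echo "vulnerable: kernel ready, CPU microcode lacks MD_CLEAR"; return 2 ;;
        "Vulnerable"*)
            echo "vulnerable: no mitigation active"; return 2 ;;
        *)
            echo "unknown: unrecognised status '$status'"; return 3 ;;
    esac
}

# A guest cannot see the host's SMT state ("SMT Host state unknown"):
# the hypervisor host needs the kernel and microcode update as well.
mds_is_guest_status() {
    case "$1" in
        *"SMT Host state unknown"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Read the live sysfs file when run on a real host (assumed helper name).
mds_check_host() {
    f=/sys/devices/system/cpu/vulnerabilities/mds
    if [ ! -r "$f" ]; then
        echo "unknown: $f not present (kernel without MDS reporting?)"; return 3
    fi
    mds_classify "$(cat "$f")"
}
```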