UbuntuUpdates.org

Package "linux-azure-cvm"




Name: linux-azure-cvm

Description:

Base kernel used to build the final CVM kernels. Use linux-azure or linux-azure-fde instead.

Latest version: *DELETED*
Release: focal (20.04)
Level: proposed
Repository: universe
Head package: linux-meta-azure-cvm

Links


Download "linux-azure-cvm"


Other versions of "linux-azure-cvm" in Focal

Repository Area Version
updates main 5.4.0-1063.66+cvm3
proposed main 5.4.0.1064.62
PPA: Canonical Kernel Team 5.4.0.1064.62

Changelog

Version: *DELETED* 2021-11-25 17:06:21 UTC
No changelog for deleted or moved packages.

Version: 5.4.0.1064.62 2021-11-23 15:06:21 UTC
No changelog available yet.

Version: *DELETED* 2021-10-28 12:06:25 UTC
No changelog for deleted or moved packages.

Version: 5.4.0-1063.66+cvm2 2021-10-27 23:06:28 UTC

  linux-azure-cvm (5.4.0-1063.66+cvm2) focal; urgency=medium

  * focal/linux-azure-cvm: 5.4.0-1063.66+cvm2 -proposed tracker (LP: #1947232)

  * linux-azure-cvm: Create a 5.4 based kernel (LP: #1948057)
    - Revert "UBUNTU: [Packaging] linux-azure-cvm: Disable UEFI signed kernel
      image"

  * Backport commits required for confidential VMs (LP: #1915146)
    - SAUCE: x86/hyperv: Load/save the Isolation Configuration leaf
    - SAUCE: x86/Hyper-V: Add visibility parameter for vmbus_establish_gpadl()
    - SAUCE: x86/Hyper-V: Add new hvcall guest address host visibility support
    - SAUCE: HV: Get Hyper-V Isolated VM capability
    - SAUCE: HV: Add Write/Read MSR registers via ghcb
    - SAUCE: HV: Add ghcb hvcall support for SNP VM
    - SAUCE: HV/Vmbus: Add SNP support for VMbus channel initiate message
    - SAUCE: hv/vmbus: Initialize VMbus ring buffer for Isolated VM
    - SAUCE: x86/Hyper-V: Initialize bounce buffer page cache and list
    - SAUCE: x86/Hyper-V: Add new parameter for
      vmbus_sendpacket_pagebuffer()/mpb_desc()
    - SAUCE: x86/Hyper-V: Copy data from/to bounce buffer during IO operation.
    - SAUCE: HV/Netvsc: Add SNP support for netvsc driver
    - SAUCE: HV/Storvsc: Add bounce buffer support for Storvsc
    - hv_netvsc: Remove unnecessary round_up for recv_completion_cnt
    - hv_netvsc: Add validation for untrusted Hyper-V values
    - drivers: hv: vmbus: Introduce latency testing
    - Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening
    - scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus
      hardening
    - hv_netvsc: Use vmbus_requestor to generate transaction IDs for VMBus
      hardening
    - SAUCE: Drivers: hv: vmbus: Copy packets sent by Hyper-V out of the ring
      buffer
    - SAUCE: hv_utils: Add validation for untrusted Hyper-V values
    - SAUCE: Drivers: hv: vmbus: Initialize memory to be sent to the host
    - Drivers: hv: copy from message page only what's needed
    - Drivers: hv: check VMBus messages lengths
    - Drivers: hv: allocate the exact needed memory for messages
    - SAUCE: Drivers: hv: vmbus: Reduce number of references to message in
      vmbus_on_msg_dpc()
    - Drivers: hv: make sure that 'struct vmbus_channel_message_header' compiles
      correctly
    - SAUCE: Drivers: hv: vmbus: Resolve race condition in vmbus_onoffer_rescind()
    - SAUCE: scsi: storvsc: Fix max_outstanding_req_per_channel for Win8 and newer
    - SAUCE: scsi: storvsc: Resolve data race in storvsc_probe()
    - SAUCE: scsi: storvsc: Validate length of incoming packet in
      storvsc_on_channel_callback()
    - SAUCE: hv_netvsc: Add (more) validation for untrusted Hyper-V values
    - Drivers: hv: vmbus: Introduce table of VMBus protocol versions
    - Drivers: hv: vmbus: Enable VMBus protocol versions 4.1, 5.1 and 5.2
    - SAUCE: Drivers: hv: vmbus: Restrict vmbus_devices on isolated guests
    - SAUCE: Drivers: hv: vmbus: Enforce 'VMBus version >= 5.2' on isolated guests
    - SAUCE: hv_netvsc: Restrict configurations on isolated guests
    - SAUCE: hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer
    - SAUCE: HV/Bounce buffer: Add SMP support in the bounce buffer code
    - SAUCE: HV/IVM: Disable interrupt when read ghcb
    - SAUCE: HV/Netvsc: Unmap recv_buf and send buf in extra address space
    - SAUCE: HV: Set gpadl buffer not visible to host when return buffer back to
      system
    - SAUCE: Stovsc: Reserve bounce buffer for storvsc subchannel
    - hv_netvsc: Validate number of allocated sub-channels
    - SAUCE: Drivers: hv: vmbus: Copy the hv_message in vmbus_on_msg_dpc()
    - SAUCE: hv_netvsc: Allocate the recv_buf buffers after
      NVSP_MSG1_TYPE_SEND_RECV_BUF
    - SAUCE: hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info
    - SAUCE: HV/Netvsc: Fix dropping package during high network throughput
    - SAUCE: Netvsc: Fix race condition with skb
    - SAUCE: HV/IVM: Add support for new AMD GHCB spec
    - [Config] azure: CONFIG_HYPERV_TESTING=y
    - Drivers: hv: vmbus: Use after free in __vmbus_open()
    - hv_netvsc: Cache the current data path to avoid duplicate call and message
    - hv_netvsc: Wait for completion on request SWITCH_DATA_PATH
    - Drivers: hv: vmbus: Drop error message when 'No request id available'
    - SAUCE: Revert "UBUNTU: SAUCE: Drivers: hv: vmbus: Copy packets sent by
      Hyper-V out of the ring buffer"
    - SAUCE: Drivers: hv: vmbus: Copy packets sent by Hyper-V out of the ring
      buffer
    - SAUCE: scsi: storvsc: Use blk_mq_unique_tag() to generate requestIDs
    - SAUCE: HV/Storvsc: Adjust bounce buffer in on_channel_callback
    - SAUCE: move hv_init_channel_ivm before vmbus_device_register
    - SAUCE: vmbus: Fix reserve bounce buffer isn't released during unloading
      driver
    - SAUCE: scsi: storvsc: Fix validation for unsolicited incoming packets

  [ Ubuntu: 5.4.0-1063.66 ]

  * focal/linux-azure: 5.4.0-1063.66 -proposed tracker (LP: #1947235)
  * focal/linux: 5.4.0-90.101 -proposed tracker (LP: #1947260)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.10.18)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s
    Gen2 (LP: #1939052)
    - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
      15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
    - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s
      Gen2
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * Focal update: v5.4.148 upstream stable release (LP: #1946802)
    - rtc: tps65910: Correct driver module alias
    - btrfs: wake up async_del

1948057 linux-azure-cvm: Create a 5.4 based kernel
1915146 Backport commits required for confidential VMs
1786013 Packaging resync
1947174 Add final-checks to check certificates
1939052 No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s Gen2
1946802 Focal update: v5.4.148 upstream stable release
1946795 Focal update: v5.4.147 upstream stable release
1896448 ip6gretap / erspan / ip6erspan in rtnetlink.sh from net of ubuntu_kernel_selftests failed on B-5.4-aws / B-5.4-gke / B-5.4-oracle / B-5.4-azure / B-5
1944586 kernel bug found when disconnecting one fiber channel interface on Cisco Chassis with fnic DRV_VERSION \
1944613 memfd from ubuntu_kernel_selftests failed to build on B-5.4 (unknown type name \u2018__u64\u2019)
1909814 Keyboard not working
1945180 vrf: fix refcnt leak with vxlan slaves
1945989 Check for changes relevant for security certifications
1945211 Fix cold plugged USB device on certain PCIe USB cards
1946024 Focal update: v5.4.146 upstream stable release
1920674 AMD A8-7680 (amdgpu): broken Xorg acceleration and hibernation
1945517 Focal update: v5.4.145 upstream stable release
1944756 Focal update: v5.4.144 upstream stable release
CVE-2020-36385 An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_l
CVE-2021-3428 integer overflow in ext4_es_cache_extent
CVE-2019-19449 In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f
CVE-2021-3759 unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks



About   -   Send Feedback to @ubuntu_updates