starlingx/integ
Code Issues Proposed changes
StarlingX Integration and packaging
851 Commits 24 Branches 10 Tags 52 MiB
Shell 33.1%
JavaScript 24.1%
Perl 14.3%
Python 10.3%
Makefile 6.6%
Other 11.5%
30788066d6
Go to file
zhiguo.zhang 30788066d6 Upgrade std kernel patch to CentOS7.6 3.10.0-957.12.2 
New set of CVEs was reported against Intel CPUs: CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091.
For these CVEs there are RH and CentOS updates available.

CVE-2018-12126:
Microarchitectural Store Buffer Data Sampling (MSBDS):
Store buffers on some microprocessors utilizing speculative
execution may allow an authenticated user to potentially
enable information disclosure via a side channel with local access.
A list of impacted products can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/
corporate-information/SA00233-microcode-update-guidance_05132019.pdf

CVE-2018-12127:
Microarchitectural Load Port Data Sampling (MLPDS):
Load ports on some microprocessors utilizing speculative execution
may allow an authenticated user to potentially enable information
disclosure via a side channel with local access. A list of impacted
products can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/
corporate-information/SA00233-microcode-update-guidance_05132019.pdf

CVE-2018-12130:
Microarchitectural Fill Buffer Data Sampling (MFBDS):
Fill buffers on some microprocessors utilizing speculative execution
may allow an authenticated user to potentially enable information
disclosure via a side channel with local access. A list of impacted
products can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/
corporate-information/SA00233-microcode-update-guidance_05132019.pdf

CVE-2019-11091:
Microarchitectural Data Sampling Uncacheable Memory(MDSUM):
Uncacheable memory on some microprocessors utilizing speculative
execution may allow an authenticated user to potentially enable
information disclosure via a side channel with local access.
A list of impacted products can be found here:
https://www.intel.com/content/dam/www/public/us/en/documents/
corporate-information/SA00233-microcode-update-guidance_05132019.pdf

These are from the http://cve.mitre.org website.
These are the MDS security CVEs.

The patch is modified as follows:
1.Delete the 929-931 line of the arch/x86/kernel/cpu/cacheinfo.c file,
  because starlingx's Porting-Cacheinfo-from-Kernel-4.10.17.patch
  removes the ici_cpuid4_info structure.

2.The build-logic-and-sources-for-TiC.patch version number
  has been modified.

3.In addition to the modifications in the files in 1 and 2,
  other patches only modify the line number.

Closes-Bug: 1830487
Depends-On: https://review.opendev.org/663071
Change-Id: I4cad783311ed4a6c60b4f69bdad75d773d0cd23d
Signed-off-by: zhiguo.zhang <zhiguox.zhang@intel.com>
2019-06-11 11:09:32 +08:00
base de-fuzz fuzzy patch in systemd 2019-06-02 10:15:51 +08:00
ceph Ceph build script improvements to prevent needless rebuilds 2019-05-24 13:10:28 -04:00
config puppet-ceph: osd use filestore and configured id 2019-04-26 00:33:52 +00:00
config-files Add /var/log/armada/ to logrotate 2019-06-06 13:43:05 -04:00
database Remove pike/master files 2019-04-03 22:30:59 -04:00
devstack Followup opendev cleanup and test jobs 2019-04-21 09:23:19 -05:00
doc Clean up and standardize landing pages 2018-12-27 17:06:20 -08:00
filesystem Add notices to Intel authored files. 2019-03-20 10:31:10 -06:00
grub Fix pxe boot fail, for incorrect folder access /pxe/EFI/ on controller-0 2019-02-12 05:06:53 +08:00
kernel Upgrade std kernel patch to CentOS7.6 3.10.0-957.12.2 2019-06-11 11:09:32 +08:00
kubernetes Add two sriov docker images to the stable docker image build. 2019-05-28 13:58:00 -04:00
ldap Add notices to Intel authored files. 2019-03-20 10:31:10 -06:00
logging Fix bug in logmgmt start check 2019-05-03 14:48:56 -04:00
monitoring Fix the runtime requirements for collectd-extensions 2019-06-07 14:47:32 -05:00
networking Create OVS docker image with version 2.11.0 2019-06-04 02:34:14 +08:00
python replace python-gunicorn srpm with rpm 2019-04-23 00:51:41 +00:00
releasenotes Update config 2019-01-30 16:40:20 -08:00
security Fix RPM release name "el7" misspelled problem 2019-03-29 08:59:43 +08:00
storage-drivers Add hooks for python wheel generation 2018-10-23 10:35:32 -04:00
tools hostdata-collectors: collect mgr-restful-plugin data 2019-04-26 08:56:44 +00:00
utilities Fix for pci-irq-affinity-agent failing to start in AIO 2019-05-15 09:14:46 +00:00
virt libvirt and qemu patch reduction 2019-04-23 15:37:42 -04:00
.gitignore Add Docker Registry Token Server 2019-01-08 11:42:04 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:31 +00:00
.zuul.yaml Followup opendev cleanup and test jobs 2019-04-21 09:23:19 -05:00
centos_guest_image_rt.inc Split image.inc across git repos 2018-08-15 16:45:36 -04:00
centos_guest_image.inc Split image.inc across git repos 2018-08-15 16:45:36 -04:00
centos_iso_image.inc Include SRIOV i40evf-rt, ixgbevf-rt modules 2019-05-14 13:20:52 -05:00
centos_pkg_dirs Implement Pci Interrupt Affinity Agent 2019-05-10 01:43:27 +00:00
centos_pkg_dirs_installer Relocate anaconda to stx-integ/base/anaconda 2018-08-01 15:37:12 -04:00
centos_pkg_dirs_rt Relocate drbd to stx-integ/kernel/kernel-modules/drbd 2018-08-01 15:31:44 -04:00
centos_stable_docker_images.inc Create OVS docker image with version 2.11.0 2019-06-04 02:34:14 +08:00
centos_stable_wheels.inc Add libvirt module to stable wheels for image build 2019-04-04 22:54:04 -04:00
CONTRIBUTORS.wrs StarlingX open source release updates 2018-05-31 07:36:35 -07:00
LICENSE StarlingX open source release updates 2018-05-31 07:36:35 -07:00
pylint.rc Adding a pylint tox and zuul job for stx-integ 2019-01-08 11:14:46 -06:00
README.rst Followup opendev cleanup and test jobs 2019-04-21 09:23:19 -05:00
test-requirements.txt Add default test framework 2018-06-11 13:45:22 -05:00
tox.ini Enable Non-Occurring Flake8 Errors 2019-06-03 11:32:06 -04:00

README.rst

integ

StarlingX Integration