This bug was fixed in the package linux - 6.11.0-7.7
---------------
linux (6.11.0-7.7) oracular; urgency=medium
* oracular/linux: 6.11.0-7.7 -proposed tracker (LP: #2079949)
* update apparmor and LSM stacking patch set (LP: #2028253)
- SAUCE: apparmor4.0.0 [1/99]: LSM: Infrastructure management of the sock
security
- SAUCE: apparmor4.0.0 [2/99]: LSM: Add the lsmblob data structure.
- SAUCE: apparmor4.0.0 [3/99]: LSM: Use lsmblob in security_audit_rule_match
- SAUCE: apparmor4.0.0 [4/99]: LSM: Call only one hook for audit rules
- SAUCE: apparmor4.0.0 [5/99]: LSM: Add lsmblob_to_secctx hook
- SAUCE: apparmor4.0.0 [6/99]: Audit: maintain an lsmblob in audit_context
- SAUCE: apparmor4.0.0 [7/99]: LSM: Use lsmblob in security_ipc_getsecid
- SAUCE: apparmor4.0.0 [8/99]: Audit: Update shutdown LSM data
- SAUCE: apparmor4.0.0 [9/99]: LSM: Use lsmblob in security_current_getsecid
- SAUCE: apparmor4.0.0 [10/99]: LSM: Use lsmblob in security_inode_getsecid
- SAUCE: apparmor4.0.0 [11/99]: Audit: use an lsmblob in audit_names
- SAUCE: apparmor4.0.0 [12/99]: LSM: Create new security_cred_getlsmblob LSM
hook
- SAUCE: apparmor4.0.0 [13/99]: Audit: Change context data from secid to
lsmblob
- SAUCE: apparmor4.0.0 [14/99]: Netlabel: Use lsmblob for audit data
- SAUCE: apparmor4.0.0 [15/99]: LSM: Ensure the correct LSM context releaser
- SAUCE: apparmor4.0.0 [16/99]: LSM: Use lsmcontext in
security_secid_to_secctx
- SAUCE: apparmor4.0.0 [17/99]: LSM: Use lsmcontext in
security_lsmblob_to_secctx
- SAUCE: apparmor4.0.0 [18/99]: LSM: Use lsmcontext in
security_inode_getsecctx
- SAUCE: apparmor4.0.0 [19/99]: LSM: lsmcontext in
security_dentry_init_security
- SAUCE: apparmor4.0.0 [20/99]: LSM: security_lsmblob_to_secctx module
selection
- SAUCE: apparmor4.0.0 [21/99]: Audit: Create audit_stamp structure
- SAUCE: apparmor4.0.0 [22/99]: Audit: Allow multiple records in an
audit_buffer
- SAUCE: apparmor4.0.0 [23/99]: Audit: Add record for multiple task security
contexts
- SAUCE: apparmor4.0.0 [24/99]: audit: multiple subject lsm values for
netlabel
- SAUCE: apparmor4.0.0 [25/99]: Audit: Add record for multiple object
contexts
- SAUCE: apparmor4.0.0 [26/99]: LSM: Remove unused lsmcontext_init()
- SAUCE: apparmor4.0.0 [27/99]: LSM: Improve logic in security_getprocattr
- SAUCE: apparmor4.0.0 [28/99]: LSM: secctx provider check on release
- SAUCE: apparmor4.0.0 [29/99]: LSM: Single calls in socket_getpeersec hooks
- SAUCE: apparmor4.0.0 [30/99]: LSM: Exclusive secmark usage
- SAUCE: apparmor4.0.0 [31/99]: LSM: Identify which LSM handles the context
string
- SAUCE: apparmor4.0.0 [32/99]: AppArmor: Remove the exclusive flag
- SAUCE: apparmor4.0.0 [33/99]: LSM: Add mount opts blob size tracking
- SAUCE: apparmor4.0.0 [34/99]: LSM: allocate mnt_opts blobs instead of
module
specific data
- SAUCE: apparmor4.0.0 [35/99]: LSM: Infrastructure management of the key
security blob
- SAUCE: apparmor4.0.0 [36/99]: LSM: Infrastructure management of the
mnt_opts
security blob
- SAUCE: apparmor4.0.0 [37/99]: LSM: Remove lsmblob scaffolding
- SAUCE: apparmor4.0.0 [38/99]: LSM: Allow reservation of netlabel
- SAUCE: apparmor4.0.0 [39/99]: LSM: restrict security_cred_getsecid() to a
single LSM
- SAUCE: apparmor4.0.0 [40/99]: Smack: Remove LSM_FLAG_EXCLUSIVE
- SAUCE: apparmor4.0.0 [41/99]: LSM stacking v39: UBUNTU: SAUCE:
apparmor4.0.0
[41/99]: add/use fns to print hash string hex value
- SAUCE: apparmor4.0.0 [42/99]: patch to provide compatibility with v2.x net
rules
- SAUCE: apparmor4.0.0 [43/99]: add unpriviled user ns mediation
- SAUCE: apparmor4.0.0 [44/99]: Add sysctls for additional controls of
unpriv
userns restrictions
- SAUCE: apparmor4.0.0 [45/99]: af_unix mediation
- SAUCE: apparmor4.0.0 [46/99]: Add fine grained mediation of posix mqueues
- SAUCE: apparmor4.0.0 [47/99] fixup inode_set_attr
- SAUCE: apparmor4.0.0 [48/99]: setup slab cache for audit data
- SAUCE: apparmor4.0.0 [49/99]: Improve debug print infrastructure
- SAUCE: apparmor4.0.0 [50/99]: add the ability for profiles to have a
learning cache
- SAUCE: apparmor4.0.0 [51/99]: enable userspace upcall for mediation
- SAUCE: apparmor4.0.0 [52/99]: prompt - lock down prompt interface
- SAUCE: apparmor4.0.0 [53/99]: prompt - allow controlling of caching of a
prompt response
- SAUCE: apparmor4.0.0 [54/99]: prompt - add refcount to audit_node in prep
or
reuse and delete
- SAUCE: apparmor4.0.0 [55/99]: prompt - refactor to moving caching to
uresponse
- SAUCE: apparmor4.0.0 [56/99]: prompt - Improve debug statements
- SAUCE: apparmor4.0.0 [57/99]: prompt - fix caching
- SAUCE: apparmor4.0.0 [58/99]: prompt - rework build to use append fn, to
simplify adding strings
- SAUCE: apparmor4.0.0 [59/99]: prompt - refcount notifications
- SAUCE: apparmor4.0.0 [60/99]: prompt - add the ability to reply with a
profile name
- SAUCE: apparmor4.0.0 [61/99]: prompt - fix notification cache when
updating
- SAUCE: apparmor4.0.0 [62/99]: prompt - add tailglob on name for cache
support
- SAUCE: apparmor4.0.0 [63/99]: prompt - allow profiles to set prompts as
interruptible
- SAUCE: apparmor4.0.0 [64/93] v6.8 prompt:fixup interruptible
- SAUCE: apparmor4.0.0 [65/99]: prompt - add support for advanced filtering
of
notifications
- SAUCE: apparmor4.0.0 [66/99]: userns - add the ability to reference a
global
variable for a feature value
- SAUCE: apparmor4.0.0 [67/99]: userns - make it so special unconfined
profiles can mediate user namespaces
- SAUCE: apparmor4.0.0 [68/99]: add io_uring mediation
- SAUCE: apparmor4.0.0 [69/99]: apparmor: fix oops when racing to retrieve
notification
- SAUCE: apparmor4.0.0 [70/99]: apparmor: fix notification header size
- SAUCE: apparmor4.0.0 [71/99]: apparmor: fix request field from a prompt
reply that denies all access
- SAUCE: apparmor4.0.0 [72/99]: apparmor: open userns related sysctl so lxc
can check if restriction are in place
- SAUCE: apparmor4.0.0 [73/99]: apparmor: cleanup attachment perm lookup to
use lookup_perms()
- SAUCE: apparmor4.0.0 [74/99]: apparmor: remove redundant unconfined check.
- SAUCE: apparmor4.0.0 [75/99]: apparmor: switch signal mediation to using
RULE_MEDIATES
- SAUCE: apparmor4.0.0 [76/99]: apparmor: ensure labels with more than one
entry have correct flags
- SAUCE: apparmor4.0.0 [77/99]: apparmor: remove explicit restriction that
unconfined cannot use change_hat
- SAUCE: apparmor4.0.0 [78/99]: apparmor: cleanup: refactor file_perm() to
provide semantics of some checks
- SAUCE: apparmor4.0.0 [79/99]: apparmor: carry mediation check on label
- SAUCE: apparmor4.0.0 [80/99]: apparmor: convert easy uses of unconfined()
to
label_mediates()
- SAUCE: apparmor4.0.0 [81/99]: apparmor: add additional flags to extended
permission.
- SAUCE: apparmor4.0.0 [82/99]: apparmor: add support for profiles to define
the kill signal
- SAUCE: apparmor4.0.0 [83/99]: apparmor: fix x_table_lookup when stacking
is
not the first entry
- SAUCE: apparmor4.0.0 [84/99]: apparmor: allow profile to be transitioned
when a user ns is created
- SAUCE: apparmor4.0.0 [85/99]: apparmor: add ability to mediate caps with
policy state machine
- SAUCE: apparmor4.0.0 [86/99]: fixup notify
- SAUCE: apparmor4.0.0 [87/99]: apparmor: add fine grained ipv4/ipv6
mediation
- SAUCE: apparmor4.0.0 [88/99]: apparmor: disable tailglob responses for now
- SAUCE: apparmor4.0.0 [89/99]: apparmor: Fix notify build warnings
- SAUCE: apparmor4.0.0 [90/99]: fix reserved mem for when we save ipv6
addresses
- SAUCE: apparmor4.0.0 [91/99]: fix address mapping for recvfrom
- SAUCE: apparmor4.0.0 [92/99]: apparmor: add support for 2^24 states to the
dfa state machine.
- SAUCE: apparmor4.0.0 [93/99]: apparmor: advertise to userspace support of
user upcall for file rules.
- SAUCE: apparmor4.0.0 [94/99]: apparmor: allocate xmatch for nullpdf inside
aa_alloc_null
- SAUCE: apparmor4.0.0 [95/99]: apparmor: properly handle cx/px lookup
failure
for complain
- SAUCE: apparmor4.0.0 [96/99]: apparmor: fix prompt failing during large
down
loads
- SAUCE: apparmor4.0.0 [97/99]: apparmor: fix allow field in notification
- SAUCE: apparmor4.0.0 [98/99]: fix build error with !CONFIG_SECURITY
- SAUCE: apparmor4.0.0 [99/99]: fix build error with in nfs4xdr
* Intel Lunar Lake / Battlemage enablement (LP: #2076209)
- drm/xe/lnl: Drop force_probe requirement
- drm/xe: Support 'nomodeset' kernel command-line option
- drm/i915/display: Plane capability for 64k phys alignment
- drm/xe: Align all VRAM scanout buffers to 64k physical pages when needed.
- drm/xe: Use separate rpm lockdep map for non-d3cold-capable devices
- drm/xe: Fix NPD in ggtt_node_remove()
- drm/xe/bmg: Drop force_probe requirement
- drm/xe/gsc: Fix FW status if the firmware is already loaded
- drm/xe/gsc: Track the platform in the compatibility version
- drm/xe/gsc: Wedge the device if the GSCCS reset fails
- drm/i915/bios: Update new entries in VBT BDB block definitions
- drm/xe/hwmon: Treat hwmon as a per-device concept
- drm/xe: s/xe_tile_migrate_engine/xe_tile_migrate_exec_queue
- drm/xe: Add xe_vm_pgtable_update_op to xe_vma_ops
- drm/xe: Add xe_exec_queue_last_fence_test_dep
- drm/xe: Add timeout to preempt fences
- drm/xe: Convert multiple bind ops into single job
- drm/xe: Update VM trace events
- drm/xe: Update PT layer with better error handling
- drm/xe: Add VM bind IOCTL error injection
- dma-buf: Split out dma fence array create into alloc and arm functions
- drm/xe: Invalidate media_gt TLBs in PT code
- drm/i915/display: Fix BMG CCS modifiers
- drm/xe: Use xe_pm_runtime_get in xe_bo_move() if reclaim-safe.
- drm/xe: Remove extra dma_fence_put on xe_sync_entry_add_deps failure
* [24.10 FEAT] [KRN1911] Vertical CPU Polarization Support Stage 2
(LP: #2072760)
- s390/wti: Introduce infrastructure for warning track interrupt
- s390/wti: Prepare graceful CPU pre-emption on wti reception
- s390/wti: Add wti accounting for missed grace periods
- s390/wti: Add debugfs file to display missed grace periods per cpu
- s390/topology: Add sysctl handler for polarization
- s390/topology: Add config option to switch to vertical during boot
- s390/smp: Add cpu capacities
- s390/hiperdispatch: Introduce hiperdispatch
- s390/hiperdispatch: Add steal time averaging
- s390/hiperdispatch: Add trace events
- s390/hiperdispatch: Add hiperdispatch sysctl interface
- s390/hiperdispatch: Add hiperdispatch debug attributes
- s390/hiperdispatch: Add hiperdispatch debug counters
- [Config] Initial set of new options HIPERDISPATCH_ON and
SCHED_TOPOLOGY_VERTICAL to yes for s390x
* Remove non-LPAE kernel flavor (LP: #2025265)
- [Packaging] Drop control.d/vars.generic-lpae
* generate and ship vmlinux.h to allow packages to build BPF CO-RE
(LP: #2050083)
- [Packaging] Don't call dh_all on linux-bpf-dev unless on master kernel
* Miscellaneous Ubuntu changes
- [Config] updateconfigs following v6.11-rc7 rebase
-- Timo Aaltonen <timo.aalto...@canonical.com> Mon, 09 Sep 2024
13:38:09 +0300
** Changed in: linux (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2059080
Title:
Add Real-time Linux Analysis tool (rtla) to linux-tools
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Noble:
Fix Released
Bug description:
[Impact]
The **rtla** is a meta-tool that includes a set of commands that aims
to analyze the real-time properties of Linux.
Considering the latest "low-latency" capabilities acquired by the
generic kernel and also considering the recent trend in Ubuntu to
focus on performance and observability (see for example
https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-
pointers-by-default), it makes sense to provide more tools that can
help to analyze timing/responsive performance, such as rtla.
[Test case]
Simple rtla usage to measure the timer irq / timer thread latency:
$ sudo rtla timerlat
[Fix]
Enable the build of the rtla binary during the kernel build and ship
it with linux-tools.
[Regression potential]
The only potential regression is an increased amount of size in the
linux-tools package, due to the extra binary.
However, the binary itself is really small, the kernel already has all
the required capabilities enabled and we don't need to introduce any
additional user-space dependency, therefore such extra space is
expected to be minimal.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2059080/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
