Ubuntu
linux package

Cosmic update to v4.17.3 stable release

Bug #1778997 reported by Seth Forshee on 2018-06-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	Medium	Seth Forshee

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The v4.17.3 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

git://git.kernel.org/

TEST CASE: TBD

The following patches from the v4.17.3 stable release shall be applied:

net: aquantia: fix unsigned numvecs comparison with less than zero
bonding: re-evaluate force_primary when the primary slave name changes
cdc_ncm: avoid padding beyond end of skb
ipv6: allow PMTU exceptions to local routes
net: dsa: add error handling for pskb_trim_rcsum
net: phy: dp83822: use BMCR_ANENABLE instead of BMSR_ANEGCAPABLE for DP83620
net/sched: act_simple: fix parsing of TCA_DEF_DATA
tcp: verify the checksum of the first data segment in a new connection
tls: fix use-after-free in tls_push_record
tls: fix waitall behavior in tls_sw_recvmsg
socket: close race condition between sock_close() and sockfs_setattr()
udp: fix rx queue len reported by diag and proc interface
net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds vlan
hv_netvsc: Fix a network regression after ifdown/ifup
ACPICA: AML parser: attempt to continue loading table after error
ext4: fix hole length detection in ext4_ind_map_blocks()
ext4: update mtime in ext4_punch_hole even if no blocks are released
ext4: do not allow external inodes for inline data
ext4: bubble errors from ext4_find_inline_data_nolock() up to ext4_iget()
ext4: correctly handle a zero-length xattr with a non-zero e_value_offs
ext4: fix fencepost error in check for inode count overflow during resize
driver core: Don't ignore class_dir_create_and_add() failure.
Btrfs: allow empty subvol= again
Btrfs: fix clone vs chattr NODATASUM race
Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2()
btrfs: return error value if create_io_em failed in cow_file_range
btrfs: scrub: Don't use inode pages for device replace
ALSA: usb-audio: Disable the quirk for Nura headset
ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation
ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
ALSA: hda: add dock and led support for HP EliteBook 830 G5
ALSA: hda: add dock and led support for HP ProBook 640 G4
x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read()
smb3: fix various xid leaks
smb3: on reconnect set PreviousSessionId field
CIFS: 511c54a2f69195b28afb9dd119f03787b1625bb4 adds a check for session expiry
cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class
nbd: fix nbd device deletion
nbd: update size when connected
nbd: use bd_set_size when updating disk size
blk-mq: reinit q->tag_set_list entry only after grace period
bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue
cpufreq: Fix new policy initialization during limits updates via sysfs
cpufreq: ti-cpufreq: Fix an incorrect error return value
cpufreq: governors: Fix long idle detection logic in load calculation
libata: zpodd: small read overflow in eject_tray()
libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
nvme/pci: Sync controller reset for AER slot_reset
w1: mxc_w1: Enable clock before calling clk_get_rate() on it
x86/vector: Fix the args of vector_alloc tracepoint
x86/apic/vector: Prevent hlist corruption and leaks
x86/apic: Provide apic_ack_irq()
x86/ioapic: Use apic_ack_irq()
x86/platform/uv: Use apic_ack_irq()
irq_remapping: Use apic_ack_irq()
genirq/generic_pending: Do not lose pending affinity update
genirq/affinity: Defer affinity setting if irq chip is busy
genirq/migration: Avoid out of line call if pending is not set
x86/intel_rdt: Enable CMT and MBM on new Skylake stepping
media: uvcvideo: Prevent setting unavailable flags
media: rc: ensure input/lirc device can be opened after register
iwlwifi: fw: harden page loading code
orangefs: set i_size on new symlink
orangefs: report attributes_mask and attributes for statx
HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation
HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large
vhost: fix info leak due to uninitialized memory
mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
Linux 4.17.3

The following patches from the v4.17.3 stable release had already been applied:

ALSA: hda/realtek - Enable mic-mute hotkey for several Lenovo AIOs
fs/binfmt_misc.c: do not allow offset overflow

See original description

Tags:

Seth Forshee (sforshee) on 2018-06-27

tags:	added: kernel-stable-tracking-bug
description:	updated
Changed in linux (Ubuntu):
assignee:	nobody → Seth Forshee (sforshee)
importance:	Undecided → Medium
status:	New → In Progress

Seth Forshee (sforshee) on 2018-06-27

description:	updated
Changed in linux (Ubuntu):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-08-03:

Download full text (14.9 KiB)

This bug was fixed in the package linux - 4.17.0-6.7

---------------
linux (4.17.0-6.7) cosmic; urgency=medium

* linux: 4.17.0-6.7 -proposed tracker (LP: #1783396)

  * [Regression] EXT4-fs error (device sda2): ext4_validate_block_bitmap:383:
    comm stress-ng: bg 4705: bad block bitmap checksum (LP: #1781709)
    - SAUCE: Revert "UBUNTU: SAUCE: ext4: fix ext4_validate_inode_bitmap: comm
      stress-ng: Corrupt inode bitmap"
    - SAUCE: ext4: check for allocation block validity with block group locked

This bug was fixed in the package linux - 4.17.0-6.7

---------------
linux (4.17.0-6.7) cosmic; urgency=medium

* linux: 4.17.0-6.7 -proposed tracker (LP: #1783396)

* Cosmic update to 4.17.9 stable release (LP: #1783201)
    - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access
    - mm: hugetlb: yield when prepping struct pages
    - mm: teach dump_page() to correctly output poisoned struct pages
    - PCI / ACPI / PM: Resume bridges w/o drivers on suspend-to-RAM
    - ACPICA: Drop leading newlines from error messages
    - ACPI / battery: Safe unregistering of hooks
    - drm/amdgpu: Make struct amdgpu_atif private to amdgpu_acpi.c
    - tracing: Avoid string overflow
    - tracing: Fix missing return symbol in function_graph output
    - scsi: sg: mitigate read/write abuse
    - scsi: aacraid: Fix PD performance regression over incorrect qd being set
    - scsi: target: Fix truncated PR-in ReadKeys response
    - s390: Correct register corruption in critical section cleanup
    - drbd: fix access after free
    - vfio: Use get_user_pages_longterm correctly
    - ARM: dts: imx51-zii-rdu1: fix touchscreen pinctrl
    - ARM: dts: omap3: Fix am3517 mdio and emac clock references
    - ARM: dts: dra7: Disable metastability workaround for USB2
    - cifs: Fix use after free of a mid_q_entry
    - cifs: Fix memory leak in smb2_set_ea()
    - cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting
    - cifs: Fix infinite loop when using hard mount option
    - drm: Use kvzalloc for allocating blob property memory
    - drm/udl: fix display corruption of the last line
    - drm/amdgpu: Add amdgpu_atpx_get_dhandle()
    - drm/amdgpu: Dynamically probe for ATIF handle (v2)
    - jbd2: don't mark block as modified if the handle is out of credits
    - ext4: add corruption check in ext4_xattr_set_entry()
    - ext4: always verify the magic number in xattr blocks
    - ext4: make sure bitmaps and the inode table don't overlap with bg
      descriptors
    - ext4: always check block group bounds in ext4_init_block_bitmap()
    - ext4: only look at the bg_flags field if it is valid
    - ext4: verify the depth of extent tree in ext4_find_extent()
    - ext4: include the illegal physical block in the bad map ext4_error msg
    - ext4: clear i_data in ext4_inode_info when removing inline data
    - ext4: never move the system.data xattr out of the inode body
    - ext4: avoid running out of journal credits when appending to an inline file
    - ext4: add more inode number paranoia checks
    - ext4: add more mount time checks of the superblock
    - ext4: check superblock mapped prior to committing
    - HID: i2c-hid: Fix "incomplete report" noise
    - HID: hiddev: fix potential Spectre v1
    - HID: debug: check length before copy_to_user()
    - HID: core: allow concurrent registration of drivers
    - i2c: core: smbus: fix a potential missing-check bug
    - i2c: smbus: kill memory leak on emulated and failed DMA SMBus xfers
    - fs: allow per-device dax status checking for filesystems
    - dax: change bdev_dax_supported() to support boolean returns
    - dax: check for QUEUE_FLAG_DAX in bdev_dax_supported()
    - dm: prevent DAX mounts if not supported
    - mtd: cfi_cmdset_0002: Change definition naming to retry write operation
    - mtd: cfi_cmdset_0002: Change erase functions to retry for error
    - mtd: cfi_cmdset_0002: Change erase functions to check chip good only
    - netfilter: nf_log: don't hold nf_log_mutex during user access
    - staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
    - Revert mm/vmstat.c: fix vmstat_update() preemption BUG
    - Linux 4.17.6
    - bpf: reject passing modified ctx to helper functions
    - MIPS: Call dump_stack() from show_regs()
    - MIPS: Use async IPIs for arch_trigger_cpumask_backtrace()
    - MIPS: Fix ioremap() RAM check
    - drm/etnaviv: Check for platform_device_register_simple() failure
    - drm/etnaviv: Fix driver unregistering
    - drm/etnaviv: bring back progress check in job timeout handler
    - ACPICA: Clear status of all events when entering S5
    - mmc: sdhci-esdhc-imx: allow 1.8V modes without 100/200MHz pinctrl states
    - mmc: dw_mmc: fix card threshold control configuration
    - mmc: renesas_sdhi_internal_dmac: Cannot clear the RX_IN_USE in abort
    - ibmasm: don't write out of bounds in read handler
    - staging: rtl8723bs: Prevent an underflow in rtw_check_beacon_data().
    - staging: r8822be: Fix RTL8822be can't find any wireless AP
    - ata: Fix ZBC_OUT command block check
    - ata: Fix ZBC_OUT all bit handling
    - mei: discard messages from not connected client during power down.
    - mtd: spi-nor: cadence-quadspi: Fix direct mode write timeouts
    - tracing/kprobe: Release kprobe print_fmt properly
    - vmw_balloon: fix inflation with batching
    - ahci: Add Intel Ice Lake LP PCI ID
    - ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
    - thunderbolt: Notify userspace when boot_acl is changed
    - USB: serial: ch341: fix type promotion bug in ch341_control_in()
    - USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
    - USB: serial: keyspan_pda: fix modem-status error handling
    - USB: yurex: fix out-of-bounds uaccess in read handler
    - USB: serial: mos7840: fix status-register error handling
    - usb: quirks: add delay quirks for Corsair Strafe
    - xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
    - Fix up non-directory creation in SGID directories
    - mm: zero unavailable pages before memmap init
    - ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION
    - ALSA: hda - Handle pm failure during hotplug
    - mm: do not drop unused pages when userfaultd is running
    - fs/proc/task_mmu.c: fix Locked field in /proc/pid/smaps*
    - x86/purgatory: add missing FORCE to Makefile target
    - fs, elf: make sure to page align bss in load_elf_library
    - mm: do not bug_on on incorrect length in __mm_populate()
    - tracing: Reorder display of TGID to be after PID
    - kbuild: delete INSTALL_FW_PATH from kbuild documentation
    - acpi, nfit: Fix scrub idle detection
    - arm64: neon: Fix function may_use_simd() return error status
    - tools build: fix # escaping in .cmd files for future Make
    - IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values
    - i2c: tegra: Fix NACK error handling
    - i2c: recovery: if possible send STOP with recovery pulses
    - iw_cxgb4: correctly enforce the max reg_mr depth
    - xen: remove global bit from __default_kernel_pte_mask for pv guests
    - xen: setup pv irq ops vector earlier
    - bsg: fix bogus EINVAL on non-data commands
    - crypto: x86/salsa20 - remove x86 salsa20 implementations
    - uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
    - netfilter: nf_queue: augment nfqa_cfg_policy
    - crypto: don't optimize keccakf()
    - netfilter: x_tables: initialise match/target check parameter struct
    - loop: add recursion validation to LOOP_CHANGE_FD
    - xfs: fix inobt magic number check
    - PM / hibernate: Fix oops at snapshot_write()
    - RDMA/ucm: Mark UCM interface as BROKEN
    - loop: remember whether sysfs_create_group() was done
    - kvm: vmx: Nested VM-entry prereqs for event inj.
    - f2fs: give message and set need_fsck given broken node id
    - f2fs: avoid bug_on on corrupted inode
    - f2fs: sanity check on sit entry
    - f2fs: sanity check for total valid node blocks
    - ARM: dts: armada-38x: use the new thermal binding
    - Linux 4.17.7
    - mm: don't do zero_resv_unavail if memmap is not allocated
    - Linux 4.17.8
    - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
    - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
    - x86/paravirt: Make native_save_fl() extern inline
    - pinctrl: sh-pfc: r8a77970: remove SH_PFC_PIN_CFG_DRIVE_STRENGTH flag
    - pinctrl: mt7622: fix error path on failing at groups building
    - pinctrl: mt7622: stop using the deprecated pinctrl_add_gpio_range
    - pinctrl: mt7622: fix a kernel panic when gpio-hog is being applied
    - alx: take rtnl before calling __alx_open from resume
    - atm: Preserve value of skb->truesize when accounting to vcc
    - atm: zatm: Fix potential Spectre v1
    - hv_netvsc: split sub-channel setup into async and sync
    - ipv6: sr: fix passing wrong flags to crypto_alloc_shash()
    - ipvlan: fix IFLA_MTU ignored on NEWLINK
    - ixgbe: split XDP_TX tail and XDP_REDIRECT map flushing
    - net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
    - net: dccp: switch rx_tstamp_last_feedback to monotonic clock
    - net: fix use-after-free in GRO with ESP
    - net: macb: Fix ptp time adjustment for large negative delta
    - net/mlx5e: Avoid dealing with vport representors if not being e-switch
      manager
    - net/mlx5e: Don't attempt to dereference the ppriv struct if not being
      eswitch manager
    - net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager
    - net/mlx5: Fix command interface race in polling mode
    - net/mlx5: Fix incorrect raw command length parsing
    - net/mlx5: Fix required capability for manipulating MPFS
    - net/mlx5: Fix wrong size allocation for QoS ETC TC regitster
    - net: mvneta: fix the Rx desc DMA address in the Rx path
    - net/packet: fix use-after-free
    - net/sched: act_ife: fix recursive lock and idr leak
    - net/sched: act_ife: preserve the action control in case of error
    - net_sched: blackhole: tell upper qdisc about dropped packets
    - net: sungem: fix rx checksum support
    - net/tcp: Fix socket lookups with SO_BINDTODEVICE
    - qede: Adverstise software timestamp caps when PHC is not available.
    - qed: Fix setting of incorrect eswitch mode.
    - qed: Fix use of incorrect size in memcpy call.
    - qed: Limit msix vectors in kdump kernel to the minimum required count.
    - qmi_wwan: add support for the Dell Wireless 5821e module
    - r8152: napi hangup fix after disconnect
    - s390/qeth: don't clobber buffer on async TX completion
    - stmmac: fix DMA channel hang in half-duplex mode
    - strparser: Remove early eaten to fix full tcp receive buffer stall
    - tcp: fix Fast Open key endianness
    - tcp: prevent bogus FRTO undos with non-SACK flows
    - vhost_net: validate sock before trying to put its fd
    - VSOCK: fix loopback on big-endian systems
    - hinic: reset irq affinity before freeing irq
    - nfp: flower: fix mpls ether type detection
    - net: macb: initialize bp->queues[0].bp for at91rm9200
    - net: use dev_change_tx_queue_len() for SIOCSIFTXQLEN
    - nfp: reject binding to shared blocks
    - xen-netfront: Fix mismatched rtnl_unlock
    - xen-netfront: Update features after registering netdev
    - enic: do not overwrite error code
    - i40e: split XDP_TX tail and XDP_REDIRECT map flushing
    - IB/mlx5: Avoid dealing with vport representors if not being e-switch manager
    - Revert "s390/qeth: use Read device to query hypervisor for MAC"
    - s390/qeth: avoid using is_multicast_ether_addr_64bits on (u8 *)[6]
    - s390/qeth: fix race when setting MAC address
    - sfc: correctly initialise filter rwsem for farch
    - virtio_net: split XDP_TX kick and XDP_REDIRECT map flushing
    - x86/kvm/Kconfig: Ensure CRYPTO_DEV_CCP_DD state at minimum matches KVM_AMD
    - net: cxgb3_main: fix potential Spectre v1
    - rtlwifi: Fix kernel Oops "Fw download fail!!"
    - rtlwifi: rtl8821ae: fix firmware is not ready to run
    - net: lan78xx: Fix race in tx pending skb size calculation
    - crypto: af_alg - Initialize sg_num_bytes in error code path
    - PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg()
    - netfilter: ebtables: reject non-bridge targets
    - reiserfs: fix buffer overflow with long warning messages
    - KEYS: DNS: fix parsing multiple options
    - tls: Stricter error checking in zerocopy sendmsg path
    - autofs: fix slab out of bounds read in getname_kernel()
    - nsh: set mac len based on inner packet
    - netfilter: ipv6: nf_defrag: drop skb dst before queueing
    - bdi: Fix another oops in wb_workfn()
    - bpf: reject any prog that failed read-only lock
    - rds: avoid unenecessary cong_update in loop transport
    - block: don't use blocking queue entered for recursive bio submits
    - bpf: sockmap, fix crash when ipv6 sock is added
    - bpf: sockmap, consume_skb in close path
    - bpf: don't leave partial mangled prog in jit_subprogs error path
    - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
    - ipvs: initialize tbl->entries after allocation
    - ipvs: initialize tbl->entries in ip_vs_lblc_init_svc()
    - arm/arm64: smccc: Add SMCCC-specific return codes
    - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
    - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
    - arm64: Add ARCH_WORKAROUND_2 probing
    - arm64: Add 'ssbd' command-line option
    - arm64: ssbd: Add global mitigation state accessor
    - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
    - arm64: ssbd: Restore mitigation status on CPU resume
    - arm64: ssbd: Introduce thread flag to control userspace mitigation
    - arm64: ssbd: Add prctl interface for per-thread mitigation
    - arm64: KVM: Add HYP per-cpu accessors
    - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
    - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
    - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
    - bpf: enforce correct alignment for instructions
    - bpf, arm32: fix to use bpf_jit_binary_lock_ro api
    - bpf: undo prog rejection on read-only lock failure
    - Linux 4.17.9

* linux 4.17.0-5 fails to build on ppc64el with gcc-8 (LP: #1783167)
    - kbuild: add macro for controlling warnings to linux/compiler.h
    - disable -Wattribute-alias warning for SYSCALL_DEFINEx()
    - powerpc/64: Fix strncpy() related build failures with GCC 8.1

* Kernel error "task zfs:pid blocked for more than 120 seconds" (LP: #1781364)
    - SAUCE: (noup) zfs to 0.7.9-3ubuntu4

* [Regression] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:99:
    comm stress-ng: Corrupt inode bitmap (LP: #1780137)
    - SAUCE: ext4: fix ext4_validate_inode_bitmap: comm stress-ng: Corrupt inode
      bitmap

* Miscellaneous Ubuntu changes
    - SAUCE: (noup) Update spl to 0.7.9-3ubuntu2, zfs to 0.7.9-3ubuntu3
    - ABI: ib_ucm is being dropped upstream
    - ABI: salsa20-{x86_64,i586} modules are no longer upstream
    - [Config] updateconfigs after applying stable fixes
    - [Config] retpoline -- review and accept retpoline changes

* Miscellaneous upstream changes
    - Revert "UBUNTU: [Config]: set CONFIG_EDAC_DEBUG=y for ARM64"

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Tue, 24 Jul 2018 16:02:30 -0300

Changed in linux (Ubuntu):
status:	Fix Committed → Fix Released

Brad Figg (brad-figg) on 2019-07-24

tags:

added: cscc

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

Cosmic update to v4.17.3 stable release

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
linux package