Bug #1314274 “BUG in nf_nat_cleanup_conntrack” : Bugs : linux package : Ubuntu

Revision history for this message

Steve Conklin (sconklin) wrote on 2014-04-29:

#1

AlsaInfo.txt Edit (65.0 KiB, text/plain; charset="utf-8")
BootDmesg.txt Edit (60.1 KiB, text/plain; charset="utf-8")
CRDA.txt Edit (322 bytes, text/plain; charset="utf-8")
CurrentDmesg.txt Edit (4.9 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (3.1 KiB, text/plain; charset="utf-8")
IwConfig.txt Edit (173 bytes, text/plain; charset="utf-8")
Lspci.txt Edit (8.5 KiB, text/plain; charset="utf-8")
Lsusb.txt Edit (783 bytes, text/plain; charset="utf-8")
ProcCpuinfo.txt Edit (8.0 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (103 bytes, text/plain; charset="utf-8")
ProcInterrupts.txt Edit (3.3 KiB, text/plain; charset="utf-8")
ProcModules.txt Edit (5.7 KiB, text/plain; charset="utf-8")
PulseList.txt Edit (39.9 KiB, text/plain; charset="utf-8")
UdevDb.txt Edit (202.4 KiB, text/plain; charset="utf-8")
UdevLog.txt Edit (457.5 KiB, text/plain; charset="utf-8")
WifiSyslog.txt Edit (105.7 KiB, text/plain; charset="utf-8")

Revision history for this message

Steve Conklin (sconklin) wrote on 2014-04-29:

#2

NOTE: This bug was not reported from the affected machine, but from a workstation running the same kernel.

This bug appears after adding then removing a number of LXC containers

Revision history for this message

Chris J Arges (arges) wrote on 2014-04-29:

#3

Link to upstream bug: https://bugzilla.kernel.org/show_bug.cgi?id=65191

Changed in linux (Ubuntu):
importance:	Undecided → Medium
status:	New → Confirmed

Revision history for this message

Steve Conklin (sconklin) wrote on 2014-04-29:

#4

Download full text (4.0 KiB)

The problem also occurs with the mainline v3.15-rc2-trusty build:

[17345307.967478] BUG: unable to handle kernel paging request at ffffc90003777a70
[17345307.967497] IP: [<ffffffffa013f0b6>] nf_nat_cleanup_conntrack+0x46/0x70 [nf_nat]
[17345307.967510] PGD 1b6425067 PUD 1b6426067 PMD 1b0aed067 PTE 0
[17345307.967519] Oops: 0002 [#1] SMP
[17345307.967525] Modules linked in: xt_nat veth tcp_diag inet_diag xt_CHECKSUM iptable_mangle ipt_MASQUERADE iptable_nat nf_nat_ipv4 nf_nat bridge stp llc xt_owner isofs ipt_REJECT xt_LOG xt_limit nf_conntrack_ipv4 nf_defrag_ipv4 xt_tcpudp xt_conntrack nf_conntrack iptable_filter ip_tables x_tables dm_crypt microcode raid10 raid456 async_memcpy async_raid6_recov async_pq async_xor async_tx xor raid6_pq raid1 raid0 multipath linear
[17345307.967578] CPU: 0 PID: 6 Comm: kworker/u16:0 Not tainted 3.15.0-031500rc2-generic #201404201435
[17345307.967591] Workqueue: netns cleanup_net
[17345307.967596] task: ffff8801b39d0000 ti: ffff8801b39cc000 task.ti: ffff8801b39cc000
[17345307.967601] RIP: e030:[<ffffffffa013f0b6>] [<ffffffffa013f0b6>] nf_nat_cleanup_conntrack+0x46/0x70 [nf_nat]
[17345307.967611] RSP: e02b:ffff8801b39cdc48 EFLAGS: 00010246
[17345307.967617] RAX: 0000000000000000 RBX: ffff8801b1cf7b10 RCX: ffff880003110000
[17345307.967624] RDX: ffffc90003777a70 RSI: 0000000000000200 RDI: ffffffffa01434e0
[17345307.967630] RBP: ffff8801b39cdc58 R08: 0000000058690aeb R09: 00000000e834b0f3
[17345307.967636] R10: ffff880003110070 R11: 0000000000000002 R12: ffff8801b1cf7a80
[17345307.967643] R13: ffff880003110000 R14: 0000000000000000 R15: 0000000000000000
[17345307.967655] FS: 00007fd6682cc740(0000) GS:ffff8801bec00000(0000) knlGS:0000000000000000
[17345307.967662] CS: e033 DS: 0000 ES: 0000 CR0: 000000008005003b
[17345307.967667] CR2: ffffc90003777a70 CR3: 00000000058f9000 CR4: 0000000000002660
[17345307.967673] Stack:
[17345307.967677] ffffffff8176ce52 0000000000000001 ffff8801b39cdc88 ffffffffa00d1013
[17345307.967686] 0000000000000000 ffff880003110000 ffff8800ca7b8000 ffffffffa00e5140
[17345307.967694] ffff8801b39cdca8 ffffffffa00c867e ffff880003110000 ffff8800ca7b8000
[17345307.967703] Call Trace:
[17345307.967712] [<ffffffff8176ce52>] ? _raw_spin_lock+0x12/0x50
[17345307.967726] [<ffffffffa00d1013>] __nf_ct_ext_destroy+0x43/0x60 [nf_conntrack]
[17345307.967736] [<ffffffffa00c867e>] nf_conntrack_free+0x2e/0x70 [nf_conntrack]
[17345307.967746] [<ffffffffa00c946e>] destroy_conntrack+0x9e/0xf0 [nf_conntrack]
[17345307.967756] [<ffffffffa00cdc40>] ? nf_conntrack_helper_fini+0x30/0x30 [nf_conntrack]
[17345307.967766] [<ffffffff81686617>] nf_conntrack_destroy+0x17/0x20
[17345307.967775] [<ffffffffa00c9358>] nf_ct_iterate_cleanup+0x78/0xb0 [nf_conntrack]
[17345307.967786] [<ffffffffa00cdd1d>] nf_ct_l3proto_pernet_unregister+0x1d/0x20 [nf_conntrack]
[17345307.967796] [<ffffffffa00e355d>] ipv4_net_exit+0x1d/0x60 [nf_conntrack_ipv4]
[17345307.967804] [<ffffffff8164b918>] ops_exit_list.isra.1+0x38/0x60
[17345307.967811] [<ffffffff8164c222>] cleanup_net+0x112/0x230
[17345307.967820] [<ffffffff81085e2f>] process_one_work+0x17f/0x4c0
[17345307.967827] [<ffffffff81086d7b>] worker_thread+0x11b/0x3d0
[1734...

Chris,

I work with Steve and was able to reproduce with the lockdep debugging, the output as follows:

[18075576.538133] BUG: unable to handle kernel paging request at ffffc900038ebac8
[18075576.538153] IP: [<ffffffffa013d1a1>] nf_nat_cleanup_conntrack+0x41/0x70 [nf_nat]
[18075576.538166] PGD 1b6428067 PUD 1b6429067 PMD 152eae067 PTE 0
[18075576.538176] Oops: 0002 [#1] SMP 
[18075576.538183] Modules linked in: xt_nat veth tcp_diag inet_diag xt_CHECKSUM iptable_mangle ipt_MASQUERADE iptable_nat nf_nat_ipv4 nf_nat bridge stp llc xt_owner isofs ipt_REJECT xt_LOG xt_limit nf_conntrack_ipv4 nf_defrag_ipv4 xt_tcpudp xt_conntrack nf_conntrack iptable_filter ip_tables x_tables dm_crypt microcode raid10 raid456 async_memcpy async_raid6_recov async_pq async_xor async_tx xor raid6_pq raid1 raid0 multipath linear
[18075576.538246] CPU: 6 PID: 6 Comm: kworker/u16:0 Not tainted 3.15.0-0-generic #1~lp1314274
[18075576.538260] Workqueue: netns cleanup_net
[18075576.538267] task: ffff8801b3a04440 ti: ffff8801b3a0a000 task.ti: ffff8801b3a0a000
[18075576.538274] RIP: e030:[<ffffffffa013d1a1>]  [<ffffffffa013d1a1>] nf_nat_cleanup_conntrack+0x41/0x70 [nf_nat]
[18075576.538285] RSP: e02b:ffff8801b3a0bc00  EFLAGS: 00010246
[18075576.538291] RAX: 0000000000000000 RBX: ffff8800eee261b0 RCX: 00000000040003fe
[18075576.538299] RDX: ffffc900038ebac8 RSI: 000000000000035c RDI: ffffffffa0141100
[18075576.538305] RBP: ffff8801b3a0bc08 R08: 0000000000000000 R09: 0000000000000000
[18075576.538312] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8800eee26100
[18075576.538319] R13: ffff8801b238c000 R14: 000000000004c2b8 R15: ffff8801b238c048
[18075576.538330] FS:  00007f3bdf8d8740(0000) GS:ffff8801bed80000(0000) knlGS:0000000000000000
[18075576.538337] CS:  e033 DS: 0000 ES: 0000 CR0: 000000008005003b
[18075576.538343] CR2: ffffc900038ebac8 CR3: 000000008c774000 CR4: 0000000000002660
[18075576.538350] Stack:
[18075576.538354]  0000000000000001 ffff8801b3a0bc38 ffffffffa00ce852 ffffffffa00ce813
[18075576.538364]  ffff8801b238c000 ffff8801b20b8000 ffff8801b238c000 ffff8801b3a0bc58
[18075576.538374]  ffffffffa00c5415 ffff8801b238c000 ffff8801b20b8000 ffff8801b3a0bc80
[18075576.538384] Call Trace:
[18075576.538399]  [<ffffffffa00ce852>] __nf_ct_ext_destroy+0x72/0xa0 [nf_conntrack]
[18075576.538413]  [<ffffffffa00ce813>] ? __nf_ct_ext_destroy+0x33/0xa0 [nf_conntrack]
[18075576.538424]  [<ffffffffa00c5415>] nf_conntrack_free+0x25/0x60 [nf_conntrack]
[18075576.538435]  [<ffffffffa00c706d>] destroy_conntrack+0xdd/0x130 [nf_conntrack]
[18075576.538447]  [<ffffffffa00c6fb7>] ? destroy_conntrack+0x27/0x130 [nf_conntrack]
[18075576.538458]  [<ffffffff8167df55>] nf_conntrack_destroy+0x45/0x70
[18075576.538466]  [<ffffffff8167df15>] ? nf_conntrack_destroy+0x5/0x70
[18075576.538477]  [<ffffffffa00cb190>] ? nf_conntrack_helper_fini+0x30/0x30 [nf_conntrack]
[18075576.538488]  [<ffffffffa00c6b53>] nf_ct_iterate_cleanup+0x203/0x230 [nf_conntrack]
[18075576.538501]  [<ffffffffa00cb32d>] nf_ct_l3proto_pernet_unregister+0x1d/0x20 [nf_conntrack]
[18075576.538512]  [<ffffffffa00b62f9>] ipv4_net_exit+0x19/0x50 [nf_conntrack_ipv4]
[18075576.538522]  [<ffffffff81642539>] ops_exit_list.isra.1+0x39/0x60
[18075576.538530]  [<ffffffff81642f28>] cleanup_net+0x108/0x1e0
[18075576.538541]  [<ffffffff810838e4>] process_one_work+0x1f4/0x510
[18075576.538548]  [<ffffffff81083882>] ? process_one_work+0x192/0x510
[18075576.538556]  [<ffffffff810845f1>] worker_thread+0x121/0x3a0
[18075576.538566]  [<ffffffff810844d0>] ? manage_workers.isra.24+0x2a0/0x2a0
[18075576.538574]  [<ffffffff8108affc>] kthread+0xfc/0x120
[18075576.538581]  [<ffffffff8108af00>] ? kthread_create_on_node+0x230/0x230
[18075576.538590]  [<ffffffff8176da7c>] ret_from_fork+0x7c/0xb0
[18075576.538596]  [<ffffffff8108af00>] ? kthread_create_on_node+0x230/0x230
[18075576.538601] Code: 0f b7 58 12 66 85 db 74 45 48 01 c3 74 40 48 83 7b 10 00 74 39 48 c7 c7 00 11 14 a0 e8 29 6e 62 e1 48 8b 03 48 8b 53 08 48 85 c0 <48> 89 02 74 04 48 89 50 08 48 b8 00 02 20 00 00 00 ad de 48 c7 
[18075576.538659] RIP  [<ffffffffa013d1a1>] nf_nat_cleanup_conntrack+0x41/0x70 [nf_nat]
[18075576.538668]  RSP <ffff8801b3a0bc00>
[18075576.538672] CR2: ffffc900038ebac8
[18075576.538682] ---[ end trace 0fff0eb21b543ad6 ]---
[18075576.538687] Kernel panic - not syncing: Fatal exception in interrupt

Revision history for this message

Chris J Arges (arges) wrote on 2014-05-07:

#9

I assume there wasn't anything else interesting in the kernel logs... this just looks similar to the existing bug.
Can you get a proper crash dump when this issue occurs?
https://wiki.ubuntu.com/Kernel/CrashdumpRecipe

Revision history for this message

Rodrigo Vaz (rodrigo-vaz) wrote on 2014-05-18:

#10

lockdep.txt Edit (84.3 KiB, text/plain)

I still wasn't able to get a kdump loaded for a crashdump on this ec2 instance although I was able to capture lockdep with the container running and when it get killed that is just before the crash happens.

Revision history for this message

Rodrigo Vaz (rodrigo-vaz) wrote on 2014-06-10:

#11

upstream workaround patch Edit (1.3 KiB, text/plain)

I still didn't had luck generating a crashdump but with small change on the patch posted on the upstream bug I can confirm the crash doesn't happen anymore, tested on ubuntu trusty kernel 3.13.0-24-generic.

Ubuntu Foundations Team Bug Bot (crichton) on 2014-06-10

tags:

added: patch

Revision history for this message

Chris J Arges (arges) wrote on 2014-06-10:

#12

Also noticed a newer patch here:
http://patchwork.ozlabs.org/patch/357147/raw/

And I see someone has already built a test package with that patch:
https://github.com/gdm85/tenku/releases/tag/v0.2.0

It may be good to verify that as well in the upstream bug.

Revision history for this message

Rodrigo Vaz (rodrigo-vaz) wrote on 2014-06-11:

#13

Chris, I've tested this patch too and it prevent the crash on our test case as well. The new patch applied clean on ubuntu kernel.

Chris J Arges (arges) on 2014-06-16

Changed in linux (Ubuntu):
assignee:	nobody → Chris J Arges (arges)

Chris J Arges (arges) on 2014-06-16

Changed in linux (Ubuntu Trusty):
assignee:	nobody → Chris J Arges (arges)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu):
status:	Confirmed → In Progress

Revision history for this message

Chris J Arges (arges) wrote on 2014-06-16:

#14

I've backported the patch to trusty and utopic. It would be swell if people can test and then I can start the SRU process.
Thanks,

http://people.canonical.com/~arges/lp1314274.trusty/
http://people.canonical.com/~arges/lp1314274.utopic/

Revision history for this message

Chris J Arges (arges) wrote on 2014-06-26:

#15

Looks like there is confirmation on the upstream bug and patch is upstream:
945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f

Revision history for this message

Chris J Arges (arges) wrote on 2014-06-26:

#16

Request for stable inclusion sent:
http://www.spinics.net/lists/netdev/msg287462.html

Chris J Arges (arges) on 2014-06-30

description:

updated

Revision history for this message

Rodrigo Vaz (rodrigo-vaz) wrote on 2014-06-30:

#17

I can confirm the test kernels are good. Couldn't reproduce the bug on our environment.

Tim Gardner (timg-tpi) on 2014-07-01

Changed in linux (Ubuntu Trusty):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Utopic):
status:	In Progress → Fix Released

Revision history for this message

Luis Henriques (henrix) wrote on 2014-07-10:

#18

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-trusty

Revision history for this message

Rodrigo Vaz (rodrigo-vaz) wrote on 2014-07-10:

#19

I verified the kernel on -proposed (3.13.0-32-generic) and could not reproduce the bug using our test case. No crashes.

Chris J Arges (arges) on 2014-07-11

tags:

added: verification-done-trusty
removed: verification-needed-trusty

Revision history for this message

Launchpad Janitor (janitor) wrote on 2014-07-16:

#20

Download full text (35.8 KiB)

This bug was fixed in the package linux - 3.13.0-32.57

---------------
linux (3.13.0-32.57) trusty; urgency=low

[ Upstream Kernel Changes ]

  * l2tp: Privilege escalation in ppp over l2tp sockets
    - LP: #1341472
    - CVE-2014-4943

linux (3.13.0-32.56) trusty; urgency=low

[ Luis Henriques ]

  * Merged back Ubuntu-3.13.0-30.55 security release
  * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
    - LP: #1337339
  * Release Tracking Bug
    - LP: #1338524

[ Upstream Kernel Changes ]

  * ptrace,x86: force IRET path after a ptrace_stop()
    - LP: #1337339
    - CVE-2014-4699
  * hpsa: add new Smart Array PCI IDs (May 2014)
    - LP: #1337516

linux (3.13.0-31.55) trusty; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
- LP: #1336278

[ Andy Whitcroft ]

  * [Config] switch hyper-keyboard to virtual
    - LP: #1325306
  * [Packaging] linux-udeb-flavour -- standardise on linux prefix

[ dann frazier ]

* [Config] CONFIG_GPIO_DWAPB=m
- LP: #1334823

[ Feng Kan ]

  * SAUCE: (no-up) arm64: dts: Add Designware GPIO dts binding to APM
    X-Gene platform
    - LP: #1334823

[ John Johansen ]

* SAUCE: (no-up) apparmor: fix apparmor spams log with warning message
- LP: #1308761

[ Kamal Mostafa ]

* [Config] updateconfigs ACPI_PROCFS_POWER=y after v3.13.11.4 rebase

[ Loc Ho ]

* SAUCE: (no-up) phy-xgene: Use correct tuning for Mustang
- LP: #1335636

[ Michael Ellerman ]

  * SAUCE: (no-up) powerpc/perf: Ensure all EBB register state is cleared
    on fork()
    - LP: #1328914

[ Ming Lei ]

* Revert "SAUCE: (no-up) rtc: Add X-Gene SoC Real Time Clock Driver"
- LP: #1274305

[ Suman Tripathi ]

  * SAUCE: (no-up) libahci: Implement the function ahci_restart_engine to
    restart the port dma engine.
    - LP: #1335645
  * SAUCE: (no-up) ata: Fix the dma state machine lockup for the IDENTIFY
    DEVICE PIO mode command.
    - LP: #1335645

[ Tim Gardner ]

  * [Config] CONFIG_POWERNV_CPUFREQ=y for powerpc, ppc64el
    - LP: #1324571
  * [Debian] Add UTS_UBUNTU_RELEASE_ABI to utsrelease.h
    - LP: #1327619
  * [Config] CONFIG_HAVE_MEMORYLESS_NODES=y
    - LP: #1332063
  * [Config] CONFIG_HID_RMI=m
    - LP: #1305522

[ Upstream Kernel Changes ]

  * Revert "offb: Add palette hack for little endian"
    - LP: #1333430
  * Revert "net: mvneta: fix usage as a module on RGMII configurations"
    - LP: #1333837
  * Revert "USB: serial: add usbid for dell wwan card to sierra.c"
    - LP: #1333837
  * Revert "macvlan : fix checksums error when we are in bridge mode"
    - LP: #1333838
  * serial: uart: add hw flow control support configuration
    - LP: #1328295
  * mm/numa: Remove BUG_ON() in __handle_mm_fault()
    - LP: #1323165
  * Tools: hv: Handle the case when the target file exists correctly
    - LP: #1306215
  * Documentation/devicetree/bindings: add documentation for the APM X-Gene
    SoC RTC DTS binding
    - LP: #1274305
  * drivers/rtc: add APM X-Gene SoC RTC driver
    - LP: #1274305
  * arm64: add APM X-Gene SoC RTC DTS entry
    - LP: #1274305
  * powerpc/perf: Add Power8 cache & TLB events
    - LP: #1328914
  * powerpc/perf: Configure BH...

This bug was fixed in the package linux - 3.13.0-32.57

---------------
linux (3.13.0-32.57) trusty; urgency=low

[ Upstream Kernel Changes ]

* l2tp: Privilege escalation in ppp over l2tp sockets
    - LP: #1341472
    - CVE-2014-4943

linux (3.13.0-32.56) trusty; urgency=low

[ Luis Henriques ]

* Merged back Ubuntu-3.13.0-30.55 security release
  * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)"
    - LP: #1337339
  * Release Tracking Bug
    - LP: #1338524

[ Upstream Kernel Changes ]

* ptrace,x86: force IRET path after a ptrace_stop()
    - LP: #1337339
    - CVE-2014-4699
  * hpsa: add new Smart Array PCI IDs (May 2014)
    - LP: #1337516

linux (3.13.0-31.55) trusty; urgency=low

[ Luis Henriques ]

* Release Tracking Bug
    - LP: #1336278

[ Andy Whitcroft ]

* [Config] switch hyper-keyboard to virtual
    - LP: #1325306
  * [Packaging] linux-udeb-flavour -- standardise on linux prefix

[ dann frazier ]

* [Config] CONFIG_GPIO_DWAPB=m
    - LP: #1334823

[ Feng Kan ]

* SAUCE: (no-up) arm64: dts: Add Designware GPIO dts binding to APM
    X-Gene platform
    - LP: #1334823

[ John Johansen ]

* SAUCE: (no-up) apparmor: fix apparmor spams log with warning message
    - LP: #1308761

[ Kamal Mostafa ]

* [Config] updateconfigs ACPI_PROCFS_POWER=y after v3.13.11.4 rebase

[ Loc Ho ]

* SAUCE: (no-up) phy-xgene: Use correct tuning for Mustang
    - LP: #1335636

[ Michael Ellerman ]

* SAUCE: (no-up) powerpc/perf: Ensure all EBB register state is cleared
    on fork()
    - LP: #1328914

[ Ming Lei ]

* Revert "SAUCE: (no-up) rtc: Add X-Gene SoC Real Time Clock Driver"
    - LP: #1274305

[ Suman Tripathi ]

* SAUCE: (no-up) libahci: Implement the function ahci_restart_engine to
    restart the port dma engine.
    - LP: #1335645
  * SAUCE: (no-up) ata: Fix the dma state machine lockup for the IDENTIFY
    DEVICE PIO mode command.
    - LP: #1335645

[ Tim Gardner ]

* [Config] CONFIG_POWERNV_CPUFREQ=y for powerpc, ppc64el
    - LP: #1324571
  * [Debian] Add UTS_UBUNTU_RELEASE_ABI to utsrelease.h
    - LP: #1327619
  * [Config] CONFIG_HAVE_MEMORYLESS_NODES=y
    - LP: #1332063
  * [Config] CONFIG_HID_RMI=m
    - LP: #1305522

[ Upstream Kernel Changes ]

* Revert "offb: Add palette hack for little endian"
    - LP: #1333430
  * Revert "net: mvneta: fix usage as a module on RGMII configurations"
    - LP: #1333837
  * Revert "USB: serial: add usbid for dell wwan card to sierra.c"
    - LP: #1333837
  * Revert "macvlan : fix checksums error when we are in bridge mode"
    - LP: #1333838
  * serial: uart: add hw flow control support configuration
    - LP: #1328295
  * mm/numa: Remove BUG_ON() in __handle_mm_fault()
    - LP: #1323165
  * Tools: hv: Handle the case when the target file exists correctly
    - LP: #1306215
  * Documentation/devicetree/bindings: add documentation for the APM X-Gene
    SoC RTC DTS binding
    - LP: #1274305
  * drivers/rtc: add APM X-Gene SoC RTC driver
    - LP: #1274305
  * arm64: add APM X-Gene SoC RTC DTS entry
    - LP: #1274305
  * powerpc/perf: Add Power8 cache & TLB events
    - LP: #1328914
  * powerpc/perf: Configure BHRB filter before enabling PMU interrupts
    - LP: #1328914
  * powerpc/perf: Define perf_event_print_debug() to print PMU register
    values
    - LP: #1328914
  * powerpc: Add a cpu feature CPU_FTR_PMAO_BUG
    - LP: #1328914
  * powerpc/perf: Add lost exception workaround
    - LP: #1328914
  * powerpc/perf: Reject EBB events which specify a sample_type
    - LP: #1328914
  * powerpc/perf: Clean up the EBB hash defines a little
    - LP: #1328914
  * powerpc/perf: Avoid mutating event in power8_get_constraint()
    - LP: #1328914
  * powerpc/perf: Add BHRB constraint and IFM MMCRA handling for EBB
    - LP: #1328914
  * powerpc/perf: Enable BHRB access for EBB events
    - LP: #1328914
  * powerpc/perf: Fix handling of L3 events with bank == 1
    - LP: #1328914
  * Bluetooth: Add support for Intel Bluetooth device [8087:0a2a]
    - LP: #1329184
  * iwlwifi: mvm: disable beacon filtering
    - LP: #1293569
  * SUNRPC: Ensure that call_connect times out correctly
    - LP: #1322407
  * SUNRPC: Ensure call_connect_status() deals correctly with SOFTCONN
    tasks
    - LP: #1322407
  * bitops: Fix signedness of compile-time hweight implementations
    - LP: #1321791
  * cpumask.h: silence warning with -Wsign-compare
    - LP: #1321791
  * fbdev/fb.h: silence warning with -Wsign-compare
    - LP: #1321791
  * rtlwifi: make MSI support a module parameter
    - LP: #1296591
  * rtlwifi: rtl8188ee: add msi module parameter
    - LP: #1296591
  * rtlwifi: rtl8723be: add msi module parameter
    - LP: #1296591
  * net: avoid dependency of net_get_random_once on nop patching
    - LP: #1330671
  * x86-64, modify_ldt: Make support for 16-bit segments a runtime option
    - LP: #1328965
  * ALSA: usb-audio: Prevent printk ratelimiting from spamming kernel log
    while DEBUG not defined
    - LP: #1319457
  * btrfs: fix defrag 32-bit integer overflow
    - LP: #1324953
  * dell-laptop: Only install the i8042 filter when rfkill is active
    - LP: #1289238
  * kthread: ensure locality of task_struct allocations
    - LP: #1332063
  * slub: search partial list on numa_mem_id(), instead of numa_node_id()
    - LP: #1332063
  * powerpc/numa: Enable USE_PERCPU_NUMA_NODE_ID
    - LP: #1332063
  * powerpc/numa: Enable CONFIG_HAVE_MEMORYLESS_NODES
    - LP: #1332063
  * drm/i915: Allow user modes to exceed DVI 165MHz limit
    - LP: #1332220
  * HID: rmi: introduce RMI driver for Synaptics touchpads
    - LP: #1305522
  * HID: rmi: do not stop the device at the end of probe
    - LP: #1305522
  * HID: rmi: check for the existence of some optional queries before
    reading query 12
    - LP: #1305522
  * HID: rmi: do not fetch more than 16 bytes in a query
    - LP: #1305522
  * HID: rmi: fix wrong struct field name
    - LP: #1305522
  * HID: rmi: fix masks for x and w_x data
    - LP: #1305522
  * HID: rmi: do not handle touchscreens through hid-rmi
    - LP: #1305522
  * ipv6: Fix regression caused by efe4208 in udp_v6_mcast_next()
    - LP: #1332420
  * HID: core: do not scan constant input report
    - LP: #1333837
  * drm/radeon: fix audio pin counts for DCE6+ (v2)
    - LP: #1333837
  * mac80211: fix software remain-on-channel implementation
    - LP: #1333837
  * mac80211: exclude AP_VLAN interfaces from tx power calculation
    - LP: #1333837
  * iwlwifi: add new 7265 HW IDs
    - LP: #1333837
  * parisc: fix epoll_pwait syscall on compat kernel
    - LP: #1333837
  * iwlwifi: add MODULE_FIRMWARE for 7265
    - LP: #1333837
  * dma: edma: fix incorrect SG list handling
    - LP: #1333837
  * ALSA: hda/realtek - Add support of ALC288 codec
    - LP: #1333837
  * xen/spinlock: Don't enable them unconditionally.
    - LP: #1333837
  * tick-common: Fix wrong check in tick_check_replacement()
    - LP: #1333837
  * tick-sched: Check tick_nohz_enabled in tick_nohz_switch_to_nohz()
    - LP: #1333837
  * ALSA: hda - add headset mic detect quirk for a Dell laptop
    - LP: #1297581, #1333837
  * ALSA: hda/realtek - Add headset Mic support for Dell machine
    - LP: #1333837
  * staging: r8188eu: Calling rtw_get_stainfo() with a NULL sta_addr will
    return NULL
    - LP: #1333837
  * cifs: Wait for writebacks to complete before attempting write.
    - LP: #1333837
  * mlx4_en: don't use napi_synchronize inside mlx4_en_netpoll
    - LP: #1333837
  * mei: ignore client writing state during cb completion
    - LP: #1333837
  * staging: r8712u: Fix case where ethtype was never obtained and always
    be checked against 0
    - LP: #1333837
  * staging: r8188eu: Fix case where ethtype was never obtained and always
    be checked against 0
    - LP: #1333837
  * USB: serial: ftdi_sio: add id for Brainboxes serial cards
    - LP: #1333837
  * usb: option driver, add support for Telit UE910v2
    - LP: #1333837
  * USB: cp210x: Add 8281 (Nanotec Plug & Drive)
    - LP: #1333837
  * USB: pl2303: add ids for Hewlett-Packard HP POS pole displays
    - LP: #1333837
  * USB: usb_wwan: fix handling of missing bulk endpoints
    - LP: #1333837
  * USB: fix crash during hotplug of PCI USB controller card
    - LP: #1333837
  * USB: cdc-acm: Remove Motorola/Telit H24 serial interfaces from ACM
    driver
    - LP: #1333837
  * Drivers: hv: vmbus: Negotiate version 3.0 when running on ws2012r2
    hosts
    - LP: #1333837
  * serial: omap: Fix missing pm_runtime_resume handling by simplifying
    code
    - LP: #1333837
  * drm/radeon: disable mclk dpm on R7 260X
    - LP: #1333837
  * drm/radeon: fix runpm handling on APUs (v4)
    - LP: #1333837
  * drm/radeon: add support for newer mc ucode on SI (v2)
    - LP: #1333837
  * drm/radeon: add support for newer mc ucode on CI (v2)
    - LP: #1333837
  * drm/radeon: re-enable mclk dpm on R7 260X asics
    - LP: #1333837
  * drm/radeon: memory leak on bo reservation failure. v2
    - LP: #1333837
  * drm/radeon/si: make sure mc ucode is loaded before checking the size
    - LP: #1333837
  * drm/radeon/ci: make sure mc ucode is loaded before checking the size
    - LP: #1333837
  * init/Kconfig: move the trusted keyring config option to general setup
    - LP: #1333837
  * mm/hugetlb.c: add cond_resched_lock() in return_unused_surplus_pages()
    - LP: #1333837
  * thp: close race between split and zap huge pages
    - LP: #1333837
  * coredump: fix va_list corruption
    - LP: #1333837
  * powerpc/tm: Disable IRQ in tm_recheckpoint
    - LP: #1333837
  * ACPI / EC: Process rather than discard events in acpi_ec_clear
    - LP: #1333837
  * ath9k: Fix sequence number assignment for non-data frames
    - LP: #1333837
  * xhci: Switch Intel Lynx Point ports to EHCI on shutdown.
    - LP: #1333837
  * iio: adc: at91_adc: Repair broken platform_data support
    - LP: #1333837
  * iio: querying buffer scan_mask should return 0/1
    - LP: #1333837
  * iio: cm36651: Fix i2c client leak and possible NULL pointer dereference
    - LP: #1333837
  * libata: Update queued trim blacklist for M5x0 drives
    - LP: #1333837
  * pata_at91: fix ata_host_activate() failure handling
    - LP: #1333837
  * ext4: avoid possible overflow in ext4_map_blocks()
    - LP: #1333837
  * ext4: FIBMAP ioctl causes BUG_ON due to handle EXT_MAX_BLOCKS
    - LP: #1333837
  * ext4: note the error in ext4_end_bio()
    - LP: #1333837
  * ext4: fix jbd2 warning under heavy xattr load
    - LP: #1333837
  * ext4: move ext4_update_i_disksize() into mpage_map_and_submit_extent()
    - LP: #1333837
  * ext4: use i_size_read in ext4_unaligned_aio()
    - LP: #1333837
  * locks: allow __break_lease to sleep even when break_time is 0
    - LP: #1333837
  * usb: gadget: zero: Fix SuperSpeed enumeration for alternate setting 1
    - LP: #1333837
  * ahci: do not request irq for dummy port
    - LP: #1333837
  * genirq: Allow forcing cpu affinity of interrupts
    - LP: #1333837
  * irqchip: Gic: Support forced affinity setting
    - LP: #1333837
  * clocksource: Exynos_mct: Use irq_force_affinity() in cpu bringup
    - LP: #1333837
  * clocksource: Exynos_mct: Register clock event after request_irq()
    - LP: #1333837
  * nfsd: set timeparms.to_maxval in setup_callback_client
    - LP: #1333837
  * ahci: Do not receive interrupts sent by dummy ports
    - LP: #1333837
  * libata/ahci: accommodate tag ordered controllers
    - LP: #1333837
  * drm/radeon: disable dpm on rv770 by default
    - LP: #1333837
  * Input: synaptics - add min/max quirk for ThinkPad T431s, L440, L540, S1
    Yoga and X1
    - LP: #1333837
  * drm/radeon: fix count in cik_sdma_ring_test()
    - LP: #1333837
  * drm/radeon: properly unregister hwmon interface (v2)
    - LP: #1333837
  * drm/radeon/pm: don't walk the crtc list before it has been initialized
    (v2)
    - LP: #1333837
  * drm/radeon: fix ATPX detection on non-VGA GPUs
    - LP: #1333837
  * drm/radeon: don't allow runpm=1 on systems with out ATPX
    - LP: #1333837
  * mm: make fixup_user_fault() check the vma access rights too
    - LP: #1333837
  * ARM: 8027/1: fix do_div() bug in big-endian systems
    - LP: #1333837
  * ARM: 8030/1: ARM : kdump : add arch_crash_save_vmcoreinfo
    - LP: #1333837
  * ARM: pxa: hx4700.h: include "irqs.h" for PXA_NR_BUILTIN_GPIO
    - LP: #1333837
  * ARM: tegra: remove UART5/UARTE from tegra124.dtsi
    - LP: #1333837
  * USB: serial: fix sysfs-attribute removal deadlock
    - LP: #1333837
  * 8250_core: Fix unwanted TX chars write
    - LP: #1333837
  * serial: 8250: Fix thread unsafe __dma_tx_complete function
    - LP: #1333837
  * Btrfs: fix inode caching vs tree log
    - LP: #1333837
  * xhci: For streams the css flag most be read from the stream-ctx on ep
    stop
    - LP: #1333837
  * usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb
    - LP: #1333837
  * USB: io_ti: fix firmware download on big-endian machines
    - LP: #1333837
  * usb: qcserial: add Sierra Wireless EM7355
    - LP: #1333837
  * usb: qcserial: add Sierra Wireless MC73xx
    - LP: #1333837
  * usb: qcserial: add Sierra Wireless MC7305/MC7355
    - LP: #1333837
  * usb: option: add Olivetti Olicard 500
    - LP: #1333837
  * usb: option: add Alcatel L800MA
    - LP: #1333837
  * usb: option: add and update a number of CMOTech devices
    - LP: #1333837
  * word-at-a-time: avoid undefined behaviour in zero_bytemask macro
    - LP: #1333837
  * s390/chsc: fix SEI usage on old FW levels
    - LP: #1333837
  * irqchip: armada-370-xp: fix invalid cast of signed value into unsigned
    variable
    - LP: #1333837
  * irqchip: armada-370-xp: implement the ->check_device() msi_chip
    operation
    - LP: #1333837
  * irqchip: armada-370-xp: Fix releasing of MSIs
    - LP: #1333837
  * ASoC: dapm: Fix widget double free with auto-disable DAPM kcontrol
    - LP: #1333837
  * drm/i915: Don't check gmch state on inherited configs
    - LP: #1333837
  * drm/vmwgfx: Make sure user-space can't DMA across buffer object
    boundaries v2
    - LP: #1333837
  * of/irq: do irq resolution in platform_get_irq
    - LP: #1333837
  * s390/bpf,jit: initialize A register if 1st insn is BPF_S_LDX_B_MSH
    - LP: #1333837
  * drm/i915: Don't WARN nor handle unexpected hpd interrupts on gmch
    platforms
    - LP: #1333837
  * module: remove warning about waiting module removal.
    - LP: #1333837
  * ALSA: hda - add headset mic detect quirk for a Dell laptop
    - LP: #1297581, #1333837
  * arm: KVM: fix possible misalignment of PGDs and bounce page
    - LP: #1333837
  * KVM: ARM: vgic: Fix sgi dispatch problem
    - LP: #1333837
  * KVM: async_pf: mm->mm_users can not pin apf->mm
    - LP: #1333837
  * ftrace/module: Hardcode ftrace_module_init() call into load_module()
    - LP: #1333837
  * [SCSI] mpt2sas: Don't disable device twice at suspend.
    - LP: #1333837
  * [SCSI] virtio-scsi: Skip setting affinity on uninitialized vq
    - LP: #1333837
  * drivercore: deferral race condition fix
    - LP: #1333837
  * hrtimer: Prevent all reprogramming if hang detected
    - LP: #1333837
  * hrtimer: Prevent remote enqueue of leftmost timers
    - LP: #1333837
  * timer: Prevent overflow in apply_slack
    - LP: #1333837
  * ARC: !PREEMPT: Ensure Return to kernel mode is IRQ safe
    - LP: #1333837
  * aio: fix potential leak in aio_run_iocb().
    - LP: #1333837
  * dm cache: fix writethrough mode quiescing in cache_map
    - LP: #1333837
  * fix races between __d_instantiate() and checks of dentry flags
    - LP: #1333837
  * net: Fix ns_capable check in sock_diag_put_filterinfo
    - LP: #1333837
  * rt2x00: fix beaconing on USB
    - LP: #1333837
  * rtlwifi: rtl8188ee: initialize packet_beacon
    - LP: #1333837
  * Input: synaptics - add min/max quirk for ThinkPad Edge E431
    - LP: #1333837
  * Input: atkbd - fix keyboard not working on some LG laptops
    - LP: #1333837
  * Bluetooth: Fix triggering BR/EDR L2CAP Connect too early
    - LP: #1333837
  * drm/i915: Break encoder->crtc link separately in intel_sanitize_crtc()
    - LP: #1333837
  * iio:imu:mpu6050: Fixed segfault in Invensens MPU driver due to null
    dereference
    - LP: #1333837
  * ALSA: hda - add headset mic detect quirk for a Dell laptop
    - LP: #1297581, #1333837
  * rtlwifi: rtl8192se: Fix regression due to commit 1bf4bbb
    - LP: #1333837
  * rtl8192cu: Fix unbalanced irq enable in error path of rtl92cu_hw_init()
    - LP: #1333837
  * drm/radeon/uvd: use lower clocks on old UVD to boot v2
    - LP: #1333837
  * drm/radeon: use pflip irq on R600+ v2
    - LP: #1333837
  * drm/radeon: check buffer relocation offset
    - LP: #1333837
  * drm/nouveau/acpi: allow non-optimus setups to load vbios from acpi
    - LP: #1333837
  * drm/nouveau: fix another lock unbalance in nouveau_crtc_page_flip
    - LP: #1333837
  * ALSA: usb-audio: work around corrupted TEAC UD-H01 feedback data
    - LP: #1333837
  * USB: OHCI: fix problem with global suspend on ATI controllers
    - LP: #1333837
  * usb: qcserial: add a number of Dell devices
    - LP: #1333837
  * usb: storage: shuttle_usbat: fix discs being detected twice
    - LP: #1333837
  * fsl-usb: do not test for PHY_CLK_VALID bit on controller version 1.6
    - LP: #1333837
  * tty: serial: 8250_core.c Bug fix for Exar chips.
    - LP: #1333837
  * drivers/tty/hvc: don't free hvc_console_setup after init
    - LP: #1333837
  * tty: Fix lockless tty buffer race
    - LP: #1333837
  * USB: Nokia 305 should be treated as unusual dev
    - LP: #1333837
  * USB: Nokia 5300 should be treated as unusual dev
    - LP: #1333837
  * HID: add NO_INIT_REPORTS quirk for Synaptics Touch Pad V 103S
    - LP: #1333837
  * ALSA: hda - hdmi: Set converter channel count even without sink
    - LP: #1333837
  * Input: elantech - fix touchpad initialization on Gigabyte U2442
    - LP: #1333837
  * posix_acl: handle NULL ACL in posix_acl_equiv_mode
    - LP: #1333837
  * mm/page-writeback.c: fix divide by zero in pos_ratio_polynom
    - LP: #1333837
  * mm: compaction: detect when scanners meet in isolate_freepages
    - LP: #1333837
  * mm/compaction: make isolate_freepages start at pageblock boundary
    - LP: #1333837
  * autofs: fix lockref lookup
    - LP: #1333837
  * libata: Blacklist queued trim for Crucial M500
    - LP: #1333837
  * Linux 3.13.11.3
    - LP: #1333837
  * net: sctp: wake up all assocs if sndbuf policy is per socket
    - LP: #1333838
  * net: sctp: test if association is dead in sctp_wake_up_waiters
    - LP: #1333838
  * l2tp: take PMTU from tunnel UDP socket
    - LP: #1333838
  * net: core: don't account for udp header size when computing seglen
    - LP: #1333838
  * bonding: Remove debug_fs files when module init fails
    - LP: #1333838
  * bridge: Fix double free and memory leak around br_allowed_ingress
    - LP: #1333838
  * ipv6: Limit mtu to 65575 bytes
    - LP: #1333838
  * gre: don't allow to add the same tunnel twice
    - LP: #1333838
  * vti: don't allow to add the same tunnel twice
    - LP: #1333838
  * ipv4: return valid RTA_IIF on ip route get
    - LP: #1333838
  * filter: prevent nla extensions to peek beyond the end of the message
    - LP: #1333838
  * ip6_gre: don't allow to remove the fb_tunnel_dev
    - LP: #1333838
  * vlan: Fix lockdep warning when vlan dev handle notification
    - LP: #1333838
  * net: Find the nesting level of a given device by type.
    - LP: #1333838
  * net: Allow for more then a single subclass for netif_addr_lock
    - LP: #1333838
  * vlan: Fix lockdep warning with stacked vlan devices.
    - LP: #1333838
  * macvlan: Fix lockdep warnings with stacked macvlan devices
    - LP: #1333838
  * tg3: update rx_jumbo_pending ring param only when jumbo frames are
    enabled
    - LP: #1333838
  * net: sctp: cache auth_enable per endpoint
    - LP: #1333838
  * rtnetlink: Warn when interface's information won't fit in our packet
    - LP: #1333838
  * rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF
    is set
    - LP: #1333838
  * ipv6: fib: fix fib dump restart
    - LP: #1333838
  * bridge: Handle IFLA_ADDRESS correctly when creating bridge device
    - LP: #1333838
  * sctp: reset flowi4_oif parameter on route lookup
    - LP: #1333838
  * net: qmi_wwan: add Sierra Wireless EM7355
    - LP: #1333838
  * net: qmi_wwan: add Sierra Wireless MC73xx
    - LP: #1333838
  * net: qmi_wwan: add Sierra Wireless MC7305/MC7355
    - LP: #1333838
  * net: qmi_wwan: add Olivetti Olicard 500
    - LP: #1333838
  * net: qmi_wwan: add Alcatel L800MA
    - LP: #1333838
  * net: qmi_wwan: add a number of CMOTech devices
    - LP: #1333838
  * net: qmi_wwan: add a number of Dell devices
    - LP: #1333838
  * slip: fix spinlock variant
    - LP: #1333838
  * net: sctp: Potentially-Failed state should not be reached from
    unconfirmed state
    - LP: #1333838
  * net: sctp: Don't transition to PF state when transport has exhausted
    'Path.Max.Retrans'.
    - LP: #1333838
  * mactap: Fix checksum errors for non-gso packets in bridge mode
    - LP: #1333838
  * tcp_cubic: fix the range of delayed_ack
    - LP: #1333838
  * vsock: Make transport the proto owner
    - LP: #1333838
  * net: cdc_ncm: fix buffer overflow
    - LP: #1333838
  * ip_tunnel: Set network header properly for IP_ECN_decapsulate()
    - LP: #1333838
  * net: cdc_mbim: __vlan_find_dev_deep need rcu_read_lock
    - LP: #1333838
  * net: ipv4: ip_forward: fix inverted local_df test
    - LP: #1333838
  * net: ipv6: send pkttoobig immediately if orig frag size > mtu
    - LP: #1333838
  * ipv4: fib_semantics: increment fib_info_cnt after fib_info allocation
    - LP: #1333838
  * net: cdc_mbim: handle unaccelerated VLAN tagged frames
    - LP: #1333838
  * macvlan: Don't propagate IFF_ALLMULTI changes on down interfaces.
    - LP: #1333838
  * sfc: fix calling of free_irq with already free vector
    - LP: #1333838
  * ip6_tunnel: fix potential NULL pointer dereference
    - LP: #1333838
  * net: filter: x86: fix JIT address randomization
    - LP: #1333838
  * net: filter: s390: fix JIT address randomization
    - LP: #1333838
  * ipv6: fix calculation of option len in ip6_append_data
    - LP: #1333838
  * rtnetlink: wait for unregistering devices in rtnl_link_unregister()
    - LP: #1333838
  * net: gro: make sure skb->cb[] initial content has not to be zero
    - LP: #1333838
  * batman-adv: fix reference counting imbalance while sending fragment
    - LP: #1333838
  * batman-adv: increase orig refcount when storing ref in gw_node
    - LP: #1333838
  * batman-adv: fix local TT check for outgoing arp requests in DAT
    - LP: #1333838
  * ip_tunnel: Initialize the fallback device properly
    - LP: #1333838
  * ipv4: initialise the itag variable in __mkroute_input
    - LP: #1333838
  * net-gro: reset skb->truesize in napi_reuse_skb()
    - LP: #1333838
  * netfilter: ipv4: defrag: set local_df flag on defragmented skb
    - LP: #1333838
  * ima: introduce ima_kernel_read()
    - LP: #1333838
  * ima: audit log files opened with O_DIRECT flag
    - LP: #1333838
  * percpu: make pcpu_alloc_chunk() use pcpu_mem_free() instead of kfree()
    - LP: #1333838
  * workqueue: fix bugs in wq_update_unbound_numa() failure path
    - LP: #1333838
  * [media] fc2580: fix tuning failure on 32-bit arch
    - LP: #1333838
  * memory: mvebu-devbus: fix the conversion of the bus width
    - LP: #1333838
  * ARM: orion5x: fix target ID for crypto SRAM window
    - LP: #1333838
  * workqueue: make rescuer_thread() empty wq->maydays list before exiting
    - LP: #1333838
  * workqueue: fix a possible race condition between rescuer and
    pwq-release
    - LP: #1333838
  * spi: core: Ignore unsupported Dual/Quad Transfer Mode bits
    - LP: #1333838
  * device_cgroup: rework device access check and exception checking
    - LP: #1333838
  * PCI: mvebu: fix off-by-one in the computed size of the mbus windows
    - LP: #1333838
  * bus: mvebu-mbus: allow several windows with the same target/attribute
    - LP: #1333838
  * PCI: mvebu: split PCIe BARs into multiple MBus windows when needed
    - LP: #1333838
  * ARM: mvebu: fix NOR bus-width in Armada XP GP Device Tree
    - LP: #1333838
  * ARM: mvebu: fix NOR bus-width in Armada XP DB Device Tree
    - LP: #1333838
  * ARM: mvebu: fix NOR bus-width in Armada XP OpenBlocks AX3 Device Tree
    - LP: #1333838
  * crypto: caam - add allocation failure handling in SPRINTFCAT macro
    - LP: #1333838
  * ARM: common: edma: Fix xbar mapping
    - LP: #1333838
  * clk: Fix double free due to devm_clk_register()
    - LP: #1333838
  * [media] media-device: fix infoleak in ioctl media_enum_entities()
    - LP: #1333838
  * ARM: dts: kirkwood: fix mislocated pcie-controller nodes
    - LP: #1333838
  * device_cgroup: check if exception removal is allowed
    - LP: #1333838
  * md: avoid possible spinning md thread at shutdown.
    - LP: #1333838
  * ACPI: Remove Kconfig symbol ACPI_PROCFS
    - LP: #1333838
  * ACPI: Revert "ACPI: Remove CONFIG_ACPI_PROCFS_POWER and cm_sbsc.c"
    - LP: #1333838
  * ACPI: Revert "ACPI / Battery: Remove battery's proc directory"
    - LP: #1333838
  * NFSd: Move default initialisers from create_client() to alloc_client()
    - LP: #1333838
  * NFSd: call rpc_destroy_wait_queue() from free_client()
    - LP: #1333838
  * genirq: Provide irq_force_affinity fallback for non-SMP
    - LP: #1333838
  * libata: clean up ZPODD when a port is detached
    - LP: #1333838
  * ACPI / blacklist: Add dmi_enable_osi_linux quirk for Asus EEE PC 1015PX
    - LP: #1333838
  * ACPI: Revert "ACPI / AC: convert ACPI ac driver to platform bus"
    - LP: #1333838
  * ACPI / processor: do not mark present at boot but not onlined CPU as
    onlined
    - LP: #1333838
  * NFSD: Call ->set_acl with a NULL ACL structure if no entries
    - LP: #1333838
  * ALSA: hda - add headset mic detect quirks for three Dell laptops
    - LP: #1297581, #1333838
  * gpio: mcp23s08: Bug fix of SPI device tree registration.
    - LP: #1333838
  * drm/i915/vlv: reset VLV media force wake request register
    - LP: #1333838
  * ARM: dts: i.MX53: Fix ipu register space size
    - LP: #1333838
  * mm, thp: close race between mremap() and split_huge_page()
    - LP: #1333838
  * intel_pstate: Set turbo VID for BayTrail
    - LP: #1333838
  * powerpc/powernv: Reset root port in firmware
    - LP: #1333838
  * hrtimer: Set expiry time before switch_hrtimer_base()
    - LP: #1333838
  * hwmon: (emc1403) fix inverted store_hyst()
    - LP: #1333838
  * hwmon: (emc1403) Fix resource leak on module unload
    - LP: #1333838
  * hwmon: (emc1403) Support full range of known chip revision numbers
    - LP: #1333838
  * iommu/amd: Fix interrupt remapping for aliased devices
    - LP: #1333838
  * ASoC: wm8962: Update register CLASS_D_CONTROL_1 to be non-volatile
    - LP: #1333838
  * [media] V4L2: ov7670: fix a wrong index, potentially Oopsing the kernel
    from user-space
    - LP: #1333838
  * [media] V4L2: fix VIDIOC_CREATE_BUFS in 64- / 32-bit compatibility mode
    - LP: #1333838
  * x86, mm, hugetlb: Add missing TLB page invalidation for hugetlb_cow()
    - LP: #1333838
  * i2c: designware: Mask all interrupts during i2c controller enable
    - LP: #1333838
  * i2c: s3c2410: resume race fix
    - LP: #1333838
  * i2c: rcar: bail out on zero length transfers
    - LP: #1333838
  * dm crypt: fix cpu hotplug crash by removing per-cpu structure
    - LP: #1333838
  * metag: fix memory barriers
    - LP: #1333838
  * metag: Reduce maximum stack size to 256MB
    - LP: #1333838
  * drm/i915: restore backlight precision when converting from ACPI
    - LP: #1333838
  * drm/i915: Increase WM memory latency values on SNB
    - LP: #1333838
  * PCI: shpchp: Check bridge's secondary (not primary) bus speed
    - LP: #1333838
  * parisc: ratelimit userspace segfault printing
    - LP: #1333838
  * parisc: Improve LWS-CAS performance
    - LP: #1333838
  * Target/iser: Fix wrong connection requests list addition
    - LP: #1333838
  * Target/iser: Fix iscsit_accept_np and rdma_cm racy flow
    - LP: #1333838
  * iscsi-target: Change BUG_ON to REJECT in iscsit_process_nop_out
    - LP: #1333838
  * tcm_fc: Fix free-after-use regression in ft_free_cmd
    - LP: #1333838
  * target: Don't allow setting WC emulation if device doesn't support
    - LP: #1333838
  * arm: dts: Fix missing device_type="memory" for ste-ccu8540
    - LP: #1333838
  * mips: dts: Fix missing device_type="memory" property in memory nodes
    - LP: #1333838
  * arm64: fix pud_huge() for 2-level pagetables
    - LP: #1333838
  * libceph: fix corruption when using page_count 0 page in rbd
    - LP: #1333838
  * clk: tegra: use pll_ref as the pll_e parent
    - LP: #1333838
  * clk: tegra: Fix wrong value written to PLLE_AUX
    - LP: #1333838
  * target: fix memory leak on XCOPY
    - LP: #1333838
  * sysfs: make sure read buffer is zeroed
    - LP: #1333838
  * cfg80211: free sme on connection failures
    - LP: #1333838
  * sched: Sanitize irq accounting madness
    - LP: #1333838
  * sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO in cpupri check
    - LP: #1333838
  * mac80211: fix suspend vs. association race
    - LP: #1333838
  * mac80211: fix on-channel remain-on-channel
    - LP: #1333838
  * af_iucv: wrong mapping of sent and confirmed skbs
    - LP: #1333838
  * perf: Limit perf_event_attr::sample_period to 63 bits
    - LP: #1333838
  * perf: Prevent false warning in perf_swevent_add
    - LP: #1333838
  * drm/gf119-/disp: fix nasty bug which can clobber SOR0's clock setup
    - LP: #1333838
  * drm/radeon: also try GART for CPU accessed buffers
    - LP: #1333838
  * drm/radeon: handle non-VGA class pci devices with ATRM
    - LP: #1333838
  * drm/radeon: fix register typo on si
    - LP: #1333838
  * drm/radeon: avoid segfault on device open when accel is not working.
    - LP: #1333838
  * drm/radeon/pm: don't allow debugfs/sysfs access when PX card is off
    (v2)
    - LP: #1333838
  * can: peak_pci: prevent use after free at netdev removal
    - LP: #1333838
  * nfsd4: remove lockowner when removing lock stateid
    - LP: #1333838
  * nfsd4: warn on finding lockowner without stateid's
    - LP: #1333838
  * dma: mv_xor: Flush descriptors before activating a channel
    - LP: #1333838
  * dmaengine: fix dmaengine_unmap failure
    - LP: #1333838
  * hwpoison, hugetlb: lock_page/unlock_page does not match for handling a
    free hugepage
    - LP: #1333838
  * mm/memory-failure.c: fix memory leak by race between poison and
    unpoison
    - LP: #1333838
  * ARM: OMAP3: clock: Back-propagate rate change from cam_mclk to dpll4_m5
    on all OMAP3 platforms
    - LP: #1333838
  * dmaengine: dw: went back to plain {request,free}_irq() calls
    - LP: #1333838
  * ARM: omap5: hwmod_data: Correct IDLEMODE for McPDM
    - LP: #1333838
  * Input: synaptics - add min/max quirk for the ThinkPad W540
    - LP: #1333838
  * ARM: OMAP2+: nand: Fix NAND on OMAP2 and OMAP3 boards
    - LP: #1333838
  * futex: Add another early deadlock detection check
    - LP: #1333838
  * futex: Prevent attaching to kernel threads
    - LP: #1333838
  * ARM: OMAP4: Fix the boot regression with CPU_IDLE enabled
    - LP: #1333838
  * cpufreq: remove race while accessing cur_policy
    - LP: #1333838
  * cpufreq: cpu0: drop wrong devm usage
    - LP: #1333838
  * ARM: imx: fix error handling in ipu device registration
    - LP: #1333838
  * ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets
    - LP: #1333838
  * ARM: 8051/1: put_user: fix possible data corruption in put_user
    - LP: #1333838
  * ARM: 8064/1: fix v7-M signal return
    - LP: #1333838
  * Input: synaptics - T540p - unify with other LEN0034 models
    - LP: #1333838
  * drm/i915: Only copy back the modified fields to userspace from
    execbuffer
    - LP: #1333838
  * dm cache: always split discards on cache block boundaries
    - LP: #1333838
  * virtio_blk: don't crash, report error if virtqueue is broken.
    - LP: #1333838
  * virtio_blk: fix race between start and stop queue
    - LP: #1333838
  * powerpc: Fix 64 bit builds with binutils 2.24
    - LP: #1333838
  * powerpc, kexec: Fix "Processor X is stuck" issue during kexec from ST
    mode
    - LP: #1333838
  * rtmutex: Fix deadlock detector for real
    - LP: #1333838
  * drm/radeon: avoid crash if VM command submission isn't available
    - LP: #1333838
  * drm/radeon: don't allow RADEON_GEM_DOMAIN_CPU for command submission
    - LP: #1333838
  * iwlwifi: mvm: fix setting channel in monitor mode
    - LP: #1333838
  * Staging: speakup: Move pasting into a work item
    - LP: #1333838
  * USB: Avoid runtime suspend loops for HCDs that can't handle
    suspend/resume
    - LP: #1333838
  * can: only rename enabled led triggers when changing the netdev name
    - LP: #1333838
  * USB: io_ti: fix firmware download on big-endian machines (part 2)
    - LP: #1333838
  * USB: ftdi_sio: add NovaTech OrionLXm product ID
    - LP: #1333838
  * USB: serial: option: add support for Novatel E371 PCIe card
    - LP: #1333838
  * USB: cdc-wdm: properly include types.h
    - LP: #1333838
  * md: always set MD_RECOVERY_INTR when aborting a reshape or other
    "resync".
    - LP: #1333838
  * xhci: delete endpoints from bandwidth list before freeing whole device
    - LP: #1333838
  * md: always set MD_RECOVERY_INTR when interrupting a reshape thread.
    - LP: #1333838
  * ALSA: hda/analog - Fix silent output on ASUS A8JN
    - LP: #1333838
  * drm/radeon/dpm: resume fixes for some systems
    - LP: #1333838
  * drm/radeon: use the CP DMA on CIK
    - LP: #1333838
  * ALSA: hda/realtek - Correction of fixup codes for PB V7900 laptop
    - LP: #1333838
  * ALSA: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup
    - LP: #1333838
  * iser-target: Add missing target_put_sess_cmd for ImmedateData failure
    - LP: #1333838
  * iscsi-target: Fix wrong buffer / buffer overrun in
    iscsi_change_param_value()
    - LP: #1333838
  * percpu-refcount: fix usage of this_cpu_ops
    - LP: #1333838
  * target: Fix alua_access_state attribute OOPs for un-configured devices
    - LP: #1333838
  * mm: rmap: fix use-after-free in __put_anon_vma
    - LP: #1333838
  * mm: add !pte_present() check on existing hugetlb_entry callbacks
    - LP: #1333838
  * target: Fix NULL pointer dereference for XCOPY in target_put_sess_cmd
    - LP: #1333838
  * Linux 3.13.11.4
    - LP: #1333838
  * powerpc/powernv: Infrastructure to read opal messages in generic
    format.
    - LP: #1334268
  * powerpc/powernv: Infrastructure to support OPAL async completion
    - LP: #1334268
  * powerpc/powernv: Enable fetching of platform sensor data
    - LP: #1334268
  * powerpc/powernv: Fix endian issues with sensor code
    - LP: #1334268
  * powerpc/powernv: Add OPAL message log interface
    - LP: #1334268
  * powerpc/powernv: Fix kexec races going back to OPAL
    - LP: #1334268
  * powerpc/powernv: Fix little endian issues in OPAL flash code
    - LP: #1334268
  * powerpc/powernv: Fix little endian issues with opal_do_notifier calls
    - LP: #1334268
  * powerpc/powernv: Fix little endian issues in OPAL error log code
    - LP: #1334268
  * powerpc/powernv: Create OPAL sglist helper functions and fix endian
    issues
    - LP: #1334268
  * powerpc/powernv: Fix little endian issues in OPAL dump code
    - LP: #1334268
  * powerpc: Fix error return in rtas_flash module init
    - LP: #1334268
  * powerpc/powernv: Increase candidate fw image size
    - LP: #1334268
  * powerpc/powernv: Return secondary CPUs to firmware before FW update
    - LP: #1334268
  * powerpc/powernv: Pass buffer size to OPAL validate flash call
    - LP: #1334268
  * gpio: add a driver for the Synopsys DesignWare APB GPIO block
    - LP: #1334823
  * gpio: dwapb: drop irq_setup_generic_chip()
    - LP: #1334823
  * gpio: dwapb: use a second irq chip
    - LP: #1334823
  * lzo: properly check for overruns
    - LP: #1335313
    - CVE-2014-4608
  * lz4: ensure length does not wrap
    - LP: #1335314
    - CVE-2014-4611
  * netfilter: nf_nat: fix oops on netns removal
    - LP: #1314274
  * ALSA: hda - add device ID for Broadwell display audio controller
    - LP: #1188091
  * ALSA: hda - add codec ID for Broadwell display audio codec
    - LP: #1188091
  * ALSA: hda/hdmi - apply all Haswell fix-ups to Broadwell display codec
    - LP: #1188091
  * ALSA: hda - using POS_FIX_LPIB on Broadwell HDMI Audio
    - LP: #1188091
 -- Luis Henriques <luis.henriques@canonical.com>   Mon, 14 Jul 2014 10:03:44 +0100

Changed in linux (Ubuntu Trusty):
status:	Fix Committed → Fix Released

Ubuntu
linux package

BUG in nf_nat_cleanup_conntrack

Bug Description

Related branches

CVE References

Duplicates of this bug

Other bug subscribers

Patches

Bug attachments

Remote bug watches

	Status	Importance	Assigned to
Linux	Unknown	Unknown	linux-kernel-bugs #65191
linux (Ubuntu)	Fix Released	Medium	Chris J Arges
Trusty	Fix Released	Medium	Chris J Arges
Utopic	Fix Released	Medium	Chris J Arges

Ubuntulinux package

BUG in nf_nat_cleanup_conntrack

Bug Description

Related branches

CVE References

Duplicates of this bug

Other bug subscribers

Patches

Bug attachments

Remote bug watches

Ubuntu
linux package