Bug #1586418 “exercising ptys causes a kernel oops” : Bugs : linux package : Ubuntu

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-05-27:

#1

dmesg log of boot + oops Edit (51.2 KiB, text/plain)

description:

updated

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-05-27:

#2

More concerning is that once one logs out, no more ptys are available, so one cannot log back in

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-06-10:

#3

Weird, fails on the following kernel in a VM:

Linux version 4.4.0-23-generic (buildd@lcy01-25) (gcc version 5.3.1 20160413 (Ubuntu 5.3.1-14ubuntu2) ) #41-Ubuntu SMP Mon May 16 23:03:32 UTC 2016 (Ubuntu 4.4.0-23.41-generic 4.4.10)

Does not fail on:

Linux version 4.4.0-23-generic (buildd@lcy01-26) (gcc version 5.3.1 20160413 (Ubuntu 5.3.1-14ubuntu2) ) #41-Ubuntu SMP Mon May 16 23:04:25 UTC 2016 (Ubuntu 4.4.0-23.41-generic 4.4.10)

I'm not sure why my kernel in my VM is different to the one on my X220 test laptop.

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-06-10:

#4

commit 20bafb3d23d108bc0a896eb8b7c1501f4f649b77
Author: Peter Hurley <email address hidden>
Date: Sat Jun 15 10:21:19 2013 -0400

n_tty: Move buffers into n_tty_data

Reduce pointer reloading and improve locality-of-reference;
allocate read_buf and echo_buf within struct n_tty_data.

Signed-off-by: Peter Hurley <email address hidden>
Signed-off-by: Greg Kroah-Hartman <email address hidden>

...

@@ -1715,7 +1713,8 @@ static int n_tty_open(struct tty_struct *tty)
{
struct n_tty_data *ldata;

- ldata = kzalloc(sizeof(*ldata), GFP_KERNEL);
+ /* Currently a malloc failure here can panic */
+ ldata = vmalloc(sizeof(*ldata));
if (!ldata)
goto err;

So I'm hitting a vmalloc failure and as the comment says, a failure there causes a panic. Nice.

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-06-21:

#5

Waiting for my fix to be ack'd by upstream, will SRU this later.

Changed in linux (Ubuntu):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Colin Ian King (colin-king)

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-06-30:

#6

Landed in linux-next, 5353ed8deedee9e5acb9f896e9032158f5d998de, hopefully should land in linux in a week or so

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-07-05:

#7

Landed in linux, commit 5353ed8deedee9e5acb9f896e9032158f5d998de

Colin Ian King (colin-king) on 2016-07-05

description:	updated
information type:	Private Security → Public Security
information type:	Public Security → Public

Kamal Mostafa (kamalmostafa) on 2016-07-06

Changed in linux (Ubuntu Yakkety):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status:	New → Fix Committed

Kamal Mostafa (kamalmostafa) on 2016-07-06

Changed in linux (Ubuntu Wily):
status:	New → Fix Committed
Changed in linux (Ubuntu Vivid):
status:	New → Fix Committed

Kamal Mostafa (kamalmostafa) on 2016-07-06

Changed in linux (Ubuntu Trusty):
status:	New → Fix Committed

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2016-07-11:

#8

No further updates are planned for Wily's kernel.

Changed in linux (Ubuntu Wily):
status:	Fix Committed → Won't Fix

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-07-25:

#9

Download full text (14.6 KiB)

This bug was fixed in the package linux - 4.4.0-33.52

---------------
linux (4.4.0-33.52) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
- LP: #1605709

  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
- LP: #1604443

  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

* changelog: add CVEs as first class citizens (LP: #1604344)
- use CVE numbers in changelog

  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

* CVE-2016-4470
- KEYS: potential uninitialized variable

* integer overflow in xt_alloc_table_info (LP: #1555353)
- netfilter: x_tables: check for size overflow

* CVE-2016-3135:
- Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

* CVE-2016-4440 (LP: #1584192)
- kvm:vmx: more complete state update on APICv on/off

  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

* Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
- Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

  * Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG
    - sit: correct IP protocol used in ipip6_err
    - esp: Fix ESN generation under UDP encapsulation
    - netem: fix a use after free
    - ipmr/ip6mr: Initialize the last assert time of mfc entries.
    - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address
    - sock_diag: do not broadcast raw socket destruction
    - bpf, perf...

This bug was fixed in the package linux - 4.4.0-33.52

---------------
linux (4.4.0-33.52) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
    - LP: #1605709

* [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
    - LP: #1604443

* thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

* changelog: add CVEs as first class citizens (LP: #1604344)
    - use CVE numbers in changelog

* [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

* CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

* CVE-2016-4470
    - KEYS: potential uninitialized variable

* integer overflow in xt_alloc_table_info (LP: #1555353)
    - netfilter: x_tables: check for size overflow

* CVE-2016-3135:
    - Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

* CVE-2016-4440 (LP: #1584192)
    - kvm:vmx: more complete state update on APICv on/off

* the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

* Add proper  palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

* Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
    - Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

* CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

* Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG
    - sit: correct IP protocol used in ipip6_err
    - esp: Fix ESN generation under UDP encapsulation
    - netem: fix a use after free
    - ipmr/ip6mr: Initialize the last assert time of mfc entries.
    - Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address
    - sock_diag: do not broadcast raw socket destruction
    - bpf, perf: delay release of BPF prog after grace period
    - neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit()
    - net: macb: fix default configuration for GMAC on AT91
    - net: alx: Work around the DMA RX overflow issue
    - bpf: try harder on clones when writing into skb
    - AX.25: Close socket connection on session completion
    - crypto: ux500 - memmove the right size
    - crypto: user - re-add size check for CRYPTO_MSG_GETALG
    - USB: uas: Fix slave queue_depth not being set
    - usb: quirks: Fix sorting
    - usb: quirks: Add no-lpm quirk for Acer C120 LED Projector
    - usb: musb: only restore devctl when session was set in backup
    - usb: musb: Stop bulk endpoint while queue is rotated
    - usb: musb: Ensure rx reinit occurs for shared_fifo endpoints
    - usb: musb: host: correct cppi dma channel for isoch transfer
    - usb: xhci-plat: properly handle probe deferral for devm_clk_get()
    - USB: xhci: Add broken streams quirk for Frescologic device id 1009
    - xhci: Fix handling timeouted commands on hosts in weird states.
    - USB: mos7720: delete parport
    - usb: gadget: fix spinlock dead lock in gadgetfs
    - usb: host: ehci-tegra: Grab the correct UTMI pads reset
    - usb: dwc3: exynos: Fix deferred probing storm.
    - Linux 4.4.15

* qeth: delete napi struct when removing a qeth device (LP: #1601831)
    - qeth: delete napi struct when removing a qeth device

* Adjust KBL PCI-ID's (LP: #1600124)
    - drm/i915: Add more Kabylake PCI IDs.
    - drm/i915: Removing PCI IDs that are no longer listed as Kabylake.

* [i915_bpo] Rebase driver to v4.7-rc6 + gen9 workarounds + KBP PCH support
    (LP: #1599109)
    - drm/kms_helper: Add a common place to call init and exit functions.
    - drm: Add helper for DP++ adaptors
    - GPU-DRM: Delete unnecessary checks before drm_property_unreference_blob()
    - drm: introduce pipe color correction properties
    - drm: fix blob pointer check
    - drm: atomic helper: do not unreference error pointer
    - drm: fix lut value extraction function
    - drm/dsi: Add a helper to get bits per pixel of MIPI DSI pixel format
    - SAUCE: drm: Introduce drm_malloc_gfp()
    - SAUCE: i915_bpo: Rebase to v4.7-rc6
    - SAUCE: i915_bpo: Add backported workarounds for gen9
    - SAUCE: i915_bpo: Revert "drm/i915: Get panel_type from OpRegion panel
      details"
    - SAUCE: i915_bpo: Introduce Kabypoint PCH for Kabylake H/DT.

* Baytrail-I got black screen with HDMI output (LP: #1599379)
    - drm/i915: Only ignore eDP ports that are connected
    - drm/i915: Check VBT for port presence in addition to the strap on VLV/CHV

* [Hyper-V] storvsc messages for CD-ROM medium not present tray closed
    (LP: #1590655)
    - SAUCE: (no-up) scsi: storvsc: Filter out storvsc messages CD-ROM medium not
      present

* Hotplug device addition issue - missing patches on Xenial kernel
    (LP: #1599250)
    - Revert "UBUNTU: SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early()"
    - Revert "powerpc/eeh: Fix crash in eeh_add_device_early() on Cell"
    - powerpc/iommu: Remove the dependency on EEH struct in DDW mechanism
    - powerpc/pseries: Fix PCI config address for DDW

* kernel: signal return with invalid floating-point control (LP: #1597971)
    - s390: fix test_fp_ctl inline assembly contraints

* [Toshiba P50W-B00F] Touchscreen no longer working (LP: #1498667)
    - SAUCE: (no-up) usb: quirks: Add no-lpm quirk for Elan Microelectronics
      Touchpad

* [yakkety] d-i does not support (ehci_msm) Qualcomm  On-Chip EHCI Host
    Controller (LP: #1599347)
    - d-i: Add ehci_msm to usb-modules

* [Bug] Legacy audio couldn't work after S3 resume on Kabylake (LP: #1596871)
    - ALSA: hda - Skip ELD notification during PM process
    - ALSA: hda - hdmi add wmb barrier for audio component
    - ALSA: hda - hdmi defer to register acomp eld notifier

* sync spl  0.6.5.6-0ubuntu4 changes into Xenial kernel source (LP: #1599257)
    - SAUCE: (noup) Update spl to 0.6.5.6-0ubuntu4

* Config: missing AMD Seattle platform support (LP: #1597574)
    - [Config] Enable the AMD Seattle platform

* Network installer fails to detect network on AMD Overdrive (ARM64)
    (LP: #1597573)
    - [Config] Add amd-xgbe to nic-modules udeb

* exercising ptys causes a kernel oops (LP: #1586418)
    - devpts: fix null pointer dereference on failed memory allocation

* Regression (constant vibration of device) in xpad driver in Ubuntu 16.04
    (LP: #1574102)
    - Input: xpad - move pending clear to the correct location

* thunderx nics fail to establish link (LP: #1597867)
    - net: thunderx: Fix link status reporting

* Xenial update to v4.4.14 stable release (LP: #1596575)
    - scsi_lib: correctly retry failed zero length REQ_TYPE_FS commands
    - scsi: Add QEMU CD-ROM to VPD Inquiry Blacklist
    - netlink: Fix dump skb leak/double free
    - tipc: fix nametable publication field in nl compat
    - switchdev: pass pointer to fib_info instead of copy
    - tuntap: correctly wake up process during uninit
    - udp: prevent skbs lingering in tunnel socket queues
    - uapi glibc compat: fix compilation when !__USE_MISC in glibc
    - sfc: on MC reset, clear PIO buffer linkage in TXQs
    - team: don't call netdev_change_features under team->lock
    - vxlan: Accept user specified MTU value when create new vxlan link
    - tcp: record TLP and ER timer stats in v6 stats
    - bridge: Don't insert unnecessary local fdb entry on changing mac address
    - l2tp: fix configuration passed to setup_udp_tunnel_sock()
    - ipv6: Skip XFRM lookup if dst_entry in socket cache is valid
    - vxlan: Relax MTU constraints
    - geneve: Relax MTU constraints
    - vxlan, gre, geneve: Set a large MTU on ovs-created tunnel devices
    - KVM: x86: fix OOPS after invalid KVM_SET_DEBUGREGS
    - KVM: irqfd: fix NULL pointer dereference in kvm_irq_map_gsi
    - ALSA: hda - Add PCI ID for Kabylake
    - ALSA: hda - Fix headset mic detection problem for Dell machine
    - ALSA: hda/realtek - ALC256 speaker noise issue
    - ALSA: hda/realtek - Add support for new codecs ALC700/ALC701/ALC703
    - ALSA: hda/realtek: Add T560 docking unit fixup
    - ARM: fix PTRACE_SETVFPREGS on SMP systems
    - gpio: bcm-kona: fix bcm_kona_gpio_reset() warnings
    - s390/bpf: fix recache skb->data/hlen for skb_vlan_push/pop
    - s390/bpf: reduce maximum program size to 64 KB
    - irqchip/gic-v3: Fix ICC_SGI1R_EL1.INTID decoding mask
    - crypto: public_key: select CRYPTO_AKCIPHER
    - crypto: ccp - Fix AES XTS error for request sizes above 4096
    - arm64: Provide "model name" in /proc/cpuinfo for PER_LINUX32 tasks
    - arm64: mm: always take dirty state from new pte in ptep_set_access_flags
    - powerpc/pseries/eeh: Handle RTAS delay requests in configure_bridge
    - powerpc: Fix definition of SIAR and SDAR registers
    - powerpc: Use privileged SPR number for MMCR2
    - powerpc/pseries: Add POWER8NVL support to ibm,client-architecture-support
      call
    - pinctrl: mediatek: fix dual-edge code defect
    - parisc: Fix pagefault crash in unaligned __get_user() call
    - memcg: add RCU locking around css_for_each_descendant_pre() in
      memcg_offline_kmem()
    - wext: Fix 32 bit iwpriv compatibility issue with 64 bit Kernel
    - x86/entry/traps: Don't force in_interrupt() to return true in IST handlers
    - fix d_walk()/non-delayed __d_free() race
    - sparc: Fix system call tracing register handling.
    - sparc64: Fix bootup regressions on some Kconfig combinations.
    - sparc64: Fix numa node distance initialization
    - sparc64: Fix sparc64_set_context stack handling.
    - sparc/PCI: Fix for panic while enabling SR-IOV
    - sparc64: Reduce TLB flushes during hugepte changes
    - sparc64: Take ctx_alloc_lock properly in hugetlb_setup().
    - sparc: Harden signal return frame checks.
    - sparc64: Fix return from trap window fill crashes.
    - MIPS: Fix 64k page support for 32 bit kernels.
    - crypto: qat - fix adf_ctl_drv.c:undefined reference to adf_init_pf_wq
    - drm/core: Do not preserve framebuffer on rmfb, v4.
    - Linux 4.4.14

* [Hyper-V] Rebase Hyper-V to 4.6 kernel (LP: #1583357)
    - hv_netvsc: rework link status change handling
    - hv_netvsc: Resize some of the variables in hv_netvsc_packet
    - hv_netvsc: Rearrange the hv_negtvsc_packet to be space efficient
    - hv_netvsc: Eliminate the channel field in hv_netvsc_packet structure
    - hv_netvsc: Eliminate rndis_msg pointer from hv_netvsc_packet structure
    - hv_netvsc: Eliminatte the data field from struct hv_netvsc_packet
    - hv_netvsc: Eliminate send_completion from struct hv_netvsc_packet
    - hv_netvsc: Eliminate send_completion_ctx from struct hv_netvsc_packet
    - hv_netvsc: Don't ask for additional head room in the skb
    - hv_netvsc: move subchannel existence check to netvsc_select_queue()
    - hv_netvsc: remove locking in netvsc_send()
    - hv_netvsc: Eliminate page_buf from struct hv_netvsc_packet
    - hv_netvsc: Eliminate send_completion_tid from struct hv_netvsc_packet
    - hv_netvsc: Eliminate is_data_pkt from struct hv_netvsc_packet
    - hv_netvsc: Eliminate completion_func from struct hv_netvsc_packet
    - hv_netvsc: Eliminate xmit_more from struct hv_netvsc_packet
    - hv_netvsc: Eliminate status from struct hv_netvsc_packet
    - hv_netvsc: Eliminate vlan_tci from struct hv_netvsc_packet
    - storvsc: add logging for error/warning messages
    - hv_netvsc: Fix race condition on Multi-Send Data field
    - kvm/x86: split ioapic-handled and EOI exit bitmaps
    - kvm/x86: per-vcpu apicv deactivation support
    - kvm/x86: Hyper-V synthetic interrupt controller
    - kvm/x86: Hyper-V kvm exit
    - kvm/x86: Rearrange func's declarations inside Hyper-V header
    - kvm/x86: Added Hyper-V vcpu_to_hv_vcpu()/hv_vcpu_to_vcpu() helpers
    - kvm/x86: Hyper-V internal helper to read MSR HV_X64_MSR_TIME_REF_COUNT
    - kvm/x86: Hyper-V SynIC message slot pending clearing at SINT ack
    - kvm/x86: Hyper-V SynIC timers
    - storvsc: Fix a bug in the layout of the hv_fc_wwn_packet
    - storvsc: Properly support Fibre Channel devices
    - storvsc: Refactor the code in storvsc_channel_init()
    - storvsc: Tighten up the interrupt path
    - storvsc: Fix typo in MODULE_PARM_DESC
    - Revert "hv_netvsc: use skb_get_hash() instead of a homegrown implementation"
    - hv_netvsc: use skb_get_hash() instead of a homegrown implementation
    - hv_netvsc: Fix book keeping of skb during batching process
    - storvsc: Install the storvsc specific timeout handler for FC devices
    - storvsc: Use the specified target ID in device lookup
    - Revert "Drivers: hv: vmbus: Cleanup vmbus_set_event()"
    - Drivers: hv: vmbus: Cleanup vmbus_set_event()
    - Revert "Drivers: hv: vmbus: Eliminate the spin lock on the read path"
    - Drivers: hv: vmbus: Eliminate the spin lock on the read path
    - Revert "hv_netvsc: cleanup netdev feature flags for netvsc"
    - hv_netvsc: cleanup netdev feature flags for netvsc
    - hv_netvsc: Restore needed_headroom request
    - kvm/x86: Rename Hyper-V long spin wait hypercall
    - hv_netvsc: add software transmit timestamp support
    - hv_netvsc: add ethtool support for set and get of settings
    - hv_netvsc: Fix accessing freed memory in netvsc_change_mtu()
    - hv_netvsc: Fix the array sizes to be max supported channels
    - hv_netvsc: Fix the order of num_sc_offered decrement
    - x86/hyperv: Avoid reporting bogus NMI status for Gen2 instances
    - Drivers: hv: vmbus: Fix signaling logic in hv_need_to_signal_on_read()
    - Drivers: hv: kvp: fix IP Failover

-- Seth Forshee <seth.forshee@canonical.com>  Fri, 22 Jul 2016 13:10:08 -0500

Changed in linux (Ubuntu Yakkety):
status:	Fix Committed → Fix Released

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-07-28:

#10

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:	added: verification-needed-vivid
tags:	added: verification-needed-xenial

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-07-28:

#11

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Colin Ian King (colin-king) on 2016-07-28

Changed in linux (Ubuntu Xenial):
assignee:	nobody → Colin Ian King (colin-king)
importance:	Undecided → Medium

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-07-28:

#12

I've exhaustively exercised this and cannot reproduce the issue with the -proposed 4.4.0-34-generic #53 kernel. Marking it as verification-done

tags:

added: verification-done-xenial
removed: verification-needed-xenial

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-07-28:

#13

I've exhaustively exercised this and cannot reproduce the issue with the -proposed 3.19.0-66-generic #74 kernel. Marking it as verification-done

tags:

added: verification-done-vivid
removed: verification-needed-vivid

Revision history for this message

Seth Forshee (sforshee) wrote on 2016-08-02:

#14

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-trusty

Revision history for this message

Colin Ian King (colin-king) wrote on 2016-08-02:

#15

Even though I'm on vacation I still managed to squeeze in some time to test this on trusty before the 5 days deadline ran out. I have exercised the kernel with a 20 minutes soak test and was unable to trip the bug with the trusty -proposed kernel. Without the fix, the issue can be triggered, with the fix, I can't trigger the issue.

Marking it as verification-done-trusty

tags:

added: verification-done-trusty
removed: verification-needed-trusty

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-08-08:

#16

Download full text (15.0 KiB)

This bug was fixed in the package linux - 4.4.0-34.53

---------------
linux (4.4.0-34.53) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
- LP: #1606960

  * [APL][SAUCE] Slow system response time due to a monitor bug (LP: #1606147)
    - x86/cpu/intel: Introduce macros for Intel family numbers
    - SAUCE: x86/cpu: Add workaround for MONITOR instruction erratum on Goldmont
      based CPUs

linux (4.4.0-33.52) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
- LP: #1605709

  * [regression] NFS client: access problems after updating to kernel
    4.4.0-31-generic (LP: #1603719)
    - SAUCE: (namespace) Bypass sget() capability check for nfs

linux (4.4.0-32.51) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
- LP: #1604443

  * thinkpad yoga 260 wacom touchscreen not working (LP: #1603975)
    - HID: wacom: break out parsing of device and registering of input
    - HID: wacom: Initialize hid_data.inputmode to -1
    - HID: wacom: Support switching from vendor-defined device mode on G9 and G11

* changelog: add CVEs as first class citizens (LP: #1604344)
- use CVE numbers in changelog

  * [Xenial] Include Huawei PCIe SSD hio kernel driver (LP: #1603483)
    - SAUCE: import Huawei ES3000_V2 (2.1.0.23)
    - SAUCE: hio: bio_endio() no longer takes errors arg
    - SAUCE: hio: blk_queue make_request_fn now returns a blk_qc_t
    - SAUCE: hio: use alloc_cpumask_var to avoid -Wframe-larger-than
    - SAUCE: hio: fix mask maybe-uninitialized warning
    - [config] enable CONFIG_HIO (Huawei ES3000_V2 PCIe SSD driver)
    - SAUCE: hio: Makefile and Kconfig

  * CVE-2016-5243 (LP: #1589036)
    - tipc: fix an infoleak in tipc_nl_compat_link_dump
    - tipc: fix nl compat regression for link statistics

* CVE-2016-4470
- KEYS: potential uninitialized variable

* integer overflow in xt_alloc_table_info (LP: #1555353)
- netfilter: x_tables: check for size overflow

* CVE-2016-3135:
- Revert "UBUNTU: SAUCE: (noup) netfilter: x_tables: check for size overflow"

* CVE-2016-4440 (LP: #1584192)
- kvm:vmx: more complete state update on APICv on/off

  * the system hangs in the dma driver when reboot or shutdown on a baytrail-m
    laptop (LP: #1602579)
    - dmaengine: dw: platform: power on device on shutdown
    - ACPI / LPSS: override power state for LPSS DMA device

  * Add proper palm detection support for MS Precision Touchpad (LP: #1593124)
    - Revert "HID: multitouch: enable palm rejection if device implements
      confidence usage"
    - HID: multitouch: enable palm rejection for Windows Precision Touchpad

* Add support for Intel 8265 Bluetooth ([8087:0A2B]) (LP: #1599068)
- Bluetooth: Add support for Intel Bluetooth device 8265 [8087:0a2b]

  * CVE-2016-4794 (LP: #1581871)
    - percpu: fix synchronization between chunk->map_extend_work and chunk
      destruction
    - percpu: fix synchronization between synchronous map extension and chunk
      destruction

  * Xenial update to v4.4.15 stable release (LP: #1601952)
    - net_sched: fix pfifo_head_drop behavior vs backlog
    - net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC...

This bug was fixed in the package linux - 4.4.0-34.53

---------------
linux (4.4.0-34.53) xenial; urgency=low

[ Seth Forshee ]

* Release Tracking Bug
    - LP: #1606960

* [APL][SAUCE] Slow system response time due to a monitor bug (LP: #1606147)
    - x86/cpu/intel: Introduce macros for Intel family numbers
    - SAUCE: x86/cpu: Add workaround for MONITOR instruction erratum on Goldmont
      based CPUs