Xenial update to 4.4.148 stable release

Bug #1792174 reported by Stefan Bader on 2018-09-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Stefan Bader

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.4.148 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.



The following patches from the 4.4.148 stable release shall be applied:
* ext4: fix check to prevent initializing reserved inodes
* tpm: fix race condition in tpm_common_write()
* ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
* fork: unconditionally clear stack on fork
* parisc: Enable CONFIG_MLONGCALLS by default
* parisc: Define mb() and add memory barriers to assembler unlock sequences
* xen/netfront: don't cache skb_shinfo()
* ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
* scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
* root dentries need RCU-delayed freeing
* fix mntput/mntput race
* fix __legitimize_mnt()/mntput() race
* IB/core: Make testing MR flags for writability a static inline function
* IB/mlx4: Mark user MR as writable if actual virtual memory is writable
* IB/ocrdma: fix out of bounds access to local buffer
* ARM: dts: imx6sx: fix irq for pcie bridge
* kprobes/x86: Fix %p uses in error messages
* x86/irqflags: Provide a declaration for native_save_fl
* UBUNTU: SAUCE: Sync pgtable_64.h with upstream stable
* mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
* UBUNTU: SAUCE: Sync pgtable-3level.h with upstream stable
* UBUNTU: SAUCE: Sync pgtable.h with upstream stable
* mm: Add vm_insert_pfn_prot()
* mm: fix cache mode tracking in vm_insert_mixed()
* x86/mm/kmmio: Make the tracer robust against L1TF
* x86/init: fix build with CONFIG_SWAP=n
* Linux 4.4.148

Stefan Bader (smb) on 2018-09-12
tags: added: kernel-stable-tracking-bug
Stefan Bader (smb) on 2018-09-12
Changed in linux (Ubuntu Xenial):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Stefan Bader (smb) wrote :

* "x86/paravirt: Fix spectre-v2 mitigations for paravirt
  guests (CVE-2018-15594)
* "x86/speculation: Protect against userspace-userspace
  spectreRSB" (CVE-2018-15572)

Skipped patches from L1TF (CVE-2018-3620, CVE-2018-3646):
* "x86/speculation/l1tf: Increase 32bit PAE
* "x86/mm: Move swap offset/type up in PTE to work around
* "x86/mm: Fix swap entry comment and macro"
* "x86/speculation/l1tf: Change order of offset/type in
  swap entry"
* "x86/speculation/l1tf: Protect swap entries against L1TF"
* "x86/speculation/l1tf: Protect PROT_NONE PTEs against
* "x86/speculation/l1tf: Make sure the first page is
  always reserved"
* "x86/speculation/l1tf: Add sysfs reporting for l1tf"
* "x86/speculation/l1tf: Disallow non privileged high MMIO
  PROT_NONE mappings"
* "x86/speculation/l1tf: Limit swap file size to MAX_PA/2"
* "x86/bugs: Move the l1tf function and define pr_fmt
* "x86/speculation/l1tf: Extend 64bit swap file size limit"
* "x86/cpufeatures: Add detection of L1D cache flush
* "x86/speculation/l1tf: Protect PAE swap entries against
* "x86/speculation/l1tf: Fix up pte->pfn conversion for
* "x86/speculation/l1tf: Invert all not present mappings"
* "x86/speculation/l1tf: Make pmd/pud_mknotpresent()
* "x86/mm/pat: Make set_memory_np() L1TF safe"
* "x86/speculation/l1tf: Fix up CPU feature flags"
* "x86/speculation/l1tf: Unbreak
  !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures"

Modified "mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1" to do the changes to arch/x86/include/asm/pgtable_types.h only (because changes to arch/x86/include/asm/pgtable_64.h were already present).

Stefan Bader (smb) on 2018-09-12
description: updated
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (28.0 KiB)

This bug was fixed in the package linux - 4.4.0-138.164

linux (4.4.0-138.164) xenial; urgency=medium

  * linux: 4.4.0-138.164 -proposed tracker (LP: #1795582)

  * Linux 4.4.155 stable release build is broken on ppc64 (LP: #1795662)
    - powerpc/fadump: Return error when fadump registration fails

  * Kernel hang on drive pull caused by regression introduced by commit
    287922eb0b18 (LP: #1791790)
    - block: Fix a race between blk_cleanup_queue() and timeout handling

  * qeth: use vzalloc for QUERY OAT buffer (LP: #1793086)
    - s390/qeth: use vzalloc for QUERY OAT buffer

  * Page leaking in cachefiles_read_backing_file while vmscan is active
    (LP: #1793430)
    - SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan
      is active

  * Bugfix for handling of shadow doorbell buffer (LP: #1788222)
    - nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event

  * Xenial update to 4.4.155 stable release (LP: #1792419)
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - net: lan78xx: Fix misplaced tasklet_schedule() call
    - spi: davinci: fix a NULL pointer dereference
    - drm/i915/userptr: reject zero user_size
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
    - 9p/virtio: fix off-by-one error in sg list bounds check
    - net/9p/client.c: version pointer uninitialized
    - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
    - dm cache metadata: save in-core policy_hint_size to on-disk superblock
    - iio: ad9523: Fix displayed phase
    - iio: ad9523: Fix return value for ad952x_store()
    - vmw_balloon: fix inflation of 64-bit GFNs
    - vmw_balloon: do not use 2MB without batching
    - vmw_balloon: VMCI_DOORBELL_SET does not check status
    - vmw_balloon: fix VMCI use when balloon built into kernel
    - tracing: Do not call start/stop() functions when tracing_on does not change
    - tracing/blktrace: Fix to allow setting same value
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - uprobes: Use synchronize_rcu() not synchronize_sched()
    - 9p: fix multiple NULL-pointer-dereferences
    - PM / sleep: wakeup: Fix build error caused by missing SRCU support
    - pnfs/blocklayout: off by one in bl_map_stripe()
    - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - iommu/vt-d: Add definitions for PFSID
    - iommu/vt-d: Fix dev iotlb pfsid use
    - osf_getdomainname(): use copy_to_user()
    - sys: don't hold uts_sem while accessing userspace memory
    - userns: move user access out of the mutex
    - ubifs: Fix memory leak in lprobs self-check
    - Revert "UBIFS: Fix potential integer overflow in allocation"
    - ubifs: Check data node size before truncate
    - ubifs: Fix synced_i_size calculation for xattr inodes
    - pwm: ti...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers