Bionic update: upstream stable patchset 2018-10-29

Bug #1800537 reported by Kamal Mostafa
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Kamal Mostafa

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2018-10-29 (ported from v4.14.52 and v4.16.18)
       from git://

genirq/migration: Avoid out of line call if pending is not set
genirq/affinity: Defer affinity setting if irq chip is busy
genirq/generic_pending: Do not lose pending affinity update
irq_remapping: Use apic_ack_irq()
x86/platform/uv: Use apic_ack_irq()
x86/ioapic: Use apic_ack_irq()
x86/apic: Provide apic_ack_irq()
x86/apic/vector: Prevent hlist corruption and leaks
x86/vector: Fix the args of vector_alloc tracepoint
cpufreq: ti-cpufreq: Fix an incorrect error return value
net: phy: dp83822: use BMCR_ANENABLE instead of BMSR_ANEGCAPABLE for DP83620
mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large
HID: intel_ish-hid: ipc: register more pm callbacks to support hibernation
orangefs: report attributes_mask and attributes for statx
orangefs: set i_size on new symlink
iwlwifi: fw: harden page loading code
x86/intel_rdt: Enable CMT and MBM on new Skylake stepping
w1: mxc_w1: Enable clock before calling clk_get_rate() on it
libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
libata: zpodd: small read overflow in eject_tray()
cpufreq: governors: Fix long idle detection logic in load calculation
cpufreq: Fix new policy initialization during limits updates via sysfs
bdi: Move cgroup bdi_writeback to a dedicated low concurrency workqueue
blk-mq: reinit q->tag_set_list entry only after grace period
nbd: use bd_set_size when updating disk size
nbd: update size when connected
nbd: fix nbd device deletion
cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class
CIFS: 511c54a2f69195b28afb9dd119f03787b1625bb4 adds a check for session expiry
smb3: fix various xid leaks
x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read()
ALSA: hda: add dock and led support for HP ProBook 640 G4
ALSA: hda: add dock and led support for HP EliteBook 830 G5
ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
ALSA: hda/conexant - Add fixup for HP Z2 G4 workstation
btrfs: scrub: Don't use inode pages for device replace
btrfs: return error value if create_io_em failed in cow_file_range
Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2()
Btrfs: fix clone vs chattr NODATASUM race
driver core: Don't ignore class_dir_create_and_add() failure.
ext4: fix fencepost error in check for inode count overflow during resize
ext4: bubble errors from ext4_find_inline_data_nolock() up to ext4_iget()
ext4: update mtime in ext4_punch_hole even if no blocks are released
ext4: fix hole length detection in ext4_ind_map_blocks()
tls: fix use-after-free in tls_push_record
net: in virtio_net_hdr only add VLAN_HLEN to csum_start if payload holds vlan
udp: fix rx queue len reported by diag and proc interface
tcp: verify the checksum of the first data segment in a new connection
net/sched: act_simple: fix parsing of TCA_DEF_DATA
net: dsa: add error handling for pskb_trim_rcsum
ipv6: allow PMTU exceptions to local routes
cdc_ncm: avoid padding beyond end of skb
bonding: re-evaluate force_primary when the primary slave name changes

CVE References

tags: added: kernel-stable-tracking-bug
description: updated
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.1 KiB)

This bug was fixed in the package linux - 4.15.0-42.45

linux (4.15.0-42.45) bionic; urgency=medium

  * linux: 4.15.0-42.45 -proposed tracker (LP: #1803592)

  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - KVM: s390: reset crypto attributes for all vcpus
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - s390/zcrypt: remove VLA usage from the AP bus
    - s390/zcrypt: Remove deprecated ioctls.
    - s390/zcrypt: Remove deprecated zcrypt proc interface.
    - s390/zcrypt: Support up to 256 crypto adapters.
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.

  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts

  * CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs

  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

 -- Thadeu Lima de Souza Cascardo <email address hidden> Thu, 15 Nov 2018 17:01:46 ...


Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew)
Changed in linux (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers