Cosmic update: 4.18.14 upstream stable release

Bug #1801986 reported by Stefan Bader on 2018-11-06
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Cosmic
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.18.14 upstream stable release
       from git://git.kernel.org/

The following patches will be applied:
* perf/core: Add sanity check to deal with pinned event failure
* mm: migration: fix migration of huge PMD shared pages
* mm, thp: fix mlocking THP page with migration enabled
* mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly
* KVM: VMX: check for existence of secondary exec controls before accessing
* blk-mq: I/O and timer unplugs are inverted in blktrace
* pstore/ram: Fix failure-path memory leak in ramoops_init
* clocksource/drivers/timer-atmel-pit: Properly handle error cases
* fbdev/omapfb: fix omapfb_memory_read infoleak
* mmc: core: Fix debounce time to use microseconds
* mmc: slot-gpio: Fix debounce time to use miliseconds again
* mac80211: allocate TXQs for active monitor interfaces
* drm/amdgpu: Fix vce work queue was not cancelled when suspend
* drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set
* drm: fix use-after-free read in drm_mode_create_lease_ioctl()
* x86/vdso: Fix asm constraints on vDSO syscall fallbacks
* selftests/x86: Add clock_gettime() tests to test_vdso
* x86/vdso: Only enable vDSO retpolines when enabled and supported
* x86/vdso: Fix vDSO syscall fallback asm constraint regression
* Revert "UBUNTU: SAUCE: PCI: Reprogram bridge prefetch registers on resume"
* PCI: Reprogram bridge prefetch registers on resume
* mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
* PM / core: Clear the direct_complete flag on errors
* dm mpath: fix attached_handler_name leak and dangling hw_handler_name pointer
* dm cache metadata: ignore hints array being too small during resize
* dm cache: fix resize crash if user doesn't reload cache table
* xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
* usb: xhci-mtk: resume USB3 roothub first
* USB: serial: simple: add Motorola Tetra MTP6550 id
* USB: serial: option: improve Quectel EP06 detection
* USB: serial: option: add two-endpoints device-id flag
* usb: cdc_acm: Do not leak URB buffers
* tty: Drop tty->count on tty_reopen() failure
* of: unittest: Disable interrupt node tests for old world MAC systems
* powerpc: Avoid code patching freed init sections
* powerpc/lib: fix book3s/32 boot failure due to code patching
* ARC: clone syscall to setp r25 as thread pointer
* f2fs: fix invalid memory access
* tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
* ucma: fix a use-after-free in ucma_resolve_ip()
* ubifs: Check for name being NULL while mounting
* rds: rds_ib_recv_alloc_cache() should call alloc_percpu_gfp() instead
* ath10k: fix scan crash due to incorrect length calculation
* Linux 4.18.14

Stefan Bader (smb) on 2018-11-06
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Cosmic):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Stefan Bader (smb) wrote :

Skipped "KVM: x86: fix L1TF's MMIO GFN calculation" as it is already applied for bug #1798427.

Skipped "xen-netback: fix input validation in xenvif_set_hash_mapping()" because is was already applied for XSA-270 / CVE-2018-15471.

Reverted and replaced UBUNTU SAUCE patch with upstream version (PCI: Reprogram bridge prefetch registers on resume).

description: updated
Changed in linux (Ubuntu Cosmic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (39.7 KiB)

This bug was fixed in the package linux - 4.18.0-12.13

---------------
linux (4.18.0-12.13) cosmic; urgency=medium

  * linux: 4.18.0-12.13 -proposed tracker (LP: #1802743)

  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.

  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts

  * CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs

  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()

  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages

  * Add checksum offload and T...

Changed in linux (Ubuntu Cosmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers