Cosmic update: 4.18.15 upstream stable release

Bug #1802082 reported by Stefan Bader on 2018-11-07
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Stefan Bader

Bug Description

SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.18.15 upstream stable release
       from git://

The following patches will be applied:
* bnxt_en: Fix TX timeout during netpoll.
* bnxt_en: free hwrm resources, if driver probe fails.
* bonding: avoid possible dead-lock
* ip6_tunnel: be careful when accessing the inner header
* ip_tunnel: be careful when accessing the inner header
* ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
* ipv6: take rcu lock in rawv6_send_hdrinc()
* net: dsa: bcm_sf2: Call setup during switch resume
* net: hns: fix for unmapping problem when SMMU is on
* net: ipv4: update fnhe_pmtu when first hop's MTU changes
* net/ipv6: Display all addresses in output of /proc/net/if_inet6
* netlabel: check for IPV4MASK in addrinfo_get
* net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
* net: mvpp2: fix a txq_done race condition
* net: sched: Add policy validation for tc attributes
* net: sched: cls_u32: fix hnode refcounting
* net: systemport: Fix wake-up interrupt race during resume
* net/usb: cancel pending work when unbinding smsc75xx
* qlcnic: fix Tx descriptor corruption on 82xx devices
* qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
* rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
* sctp: update dst pmtu with the correct daddr
* team: Forbid enslaving team device to itself
* tipc: fix flow control accounting for implicit connect
* udp: Unbreak modules that rely on external __skb_recv_udp() availability
* net: qualcomm: rmnet: Skip processing loopback packets
* net: qualcomm: rmnet: Fix incorrect allocation flag in transmit
* net: qualcomm: rmnet: Fix incorrect allocation flag in receive path
* tun: remove unused parameters
* tun: initialize napi_mutex unconditionally
* tun: napi flags belong to tfile
* net: stmmac: Fixup the tail addr setting in xmit path
* net/packet: fix packet drop as of virtio gso
* net: dsa: bcm_sf2: Fix unbind ordering
* net/mlx5e: Set vlan masks for all offloaded TC rules
* net: aquantia: memory corruption on jumbo frames
* net/mlx5: E-Switch, Fix out of bound access when setting vport rate
* bonding: pass link-local packets to bonding master also.
* bonding: fix warning message
* net: stmmac: Rework coalesce timer and fix multi-queue races
* nfp: avoid soft lockups under control message storm
* bnxt_en: don't try to offload VLAN 'modify' action
* net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN
* net: phy: phylink: fix SFP interface autodetection
* sfp: fix oops with ethtool -m
* tcp/dccp: fix lockdep issue when SYN is backlogged
* inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
* net: dsa: b53: Keep CPU port as tagged in all VLANs
* rtnetlink: Fail dump if target netnsid is invalid
* bnxt_en: Fix VNIC reservations on the PF.
* net: ipv4: don't let PMTU updates increase route MTU
* net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ
* bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request
* bnxt_en: get the reduced max_irqs by the ones used by RDMA
* net/ipv6: Remove extra call to ip6_convert_metrics for multipath case
* net/ipv6: stop leaking percpu memory in fib6 info
* net: mscc: fix the frame extraction into the skb
* qed: Fix shmem structure inconsistency between driver and the mfw.
* r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO
* r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips
* vxlan: fill ttl inherit info
* ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs
* ASoC: max98373: Added speaker FS gain cotnrol register to volatile.
* ASoC: rt5514: Fix the issue of the delay volume applied again
* selftests: android: move config up a level
* selftests: kselftest: Remove outdated comment
* ASoC: max98373: Added 10ms sleep after amp software reset
* ASoC: wm8804: Add ACPI support
* ASoC: sigmadsp: safeload should not have lower byte limit
* ASoC: q6routing: initialize data correctly
* selftests: add headers_install to
* selftests/efivarfs: add required kernel configs
* selftests: memory-hotplug: add required configs
* ASoC: rsnd: adg: care clock-frequency size
* ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER
* hwmon: (nct6775) Fix access to fan pulse registers
* Fix cg_read_strcmp()
* ASoC: AMD: Ensure reset bit is cleared before configuring
* drm/pl111: Make sure of_device_id tables are NULL terminated
* Bluetooth: SMP: Fix trying to use non-existent local OOB data
* Bluetooth: Use correct tfm to generate OOB data
* Bluetooth: hci_ldisc: Free rw_semaphore on close
* mfd: omap-usb-host: Fix dts probe of children
* KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size
* scsi: iscsi: target: Don't use stack buffer for scatterlist
* scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted()
* sound: enable interrupt after dma buffer initialization
* sound: don't call skl_init_chip() to reset intel skl soc
* bpf: btf: Fix end boundary calculation for type section
* bpf: use __GFP_COMP while allocating page
* hwmon: (nct6775) Fix virtual temperature sources for NCT6796D
* hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D
* stmmac: fix valid numbers of unicast filter entries
* hwmon: (nct6775) Use different register to get fan RPM for fan7
* net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency
* net: macb: disable scatter-gather for macb on sama5d3
* ARM: dts: at91: add new compatibility string for macb on sama5d3
* PCI: hv: support reporting serial number as slot information
* clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail
* clk: x86: Stop marking clocks as CLK_IS_CRITICAL
* pinctrl: cannonlake: Fix gpio base for GPP-E
* x86/kvm/lapic: always disable MMIO interface in x2APIC mode
* drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
* drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9
* drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs
* mm: slowly shrink slabs with a relatively small number of objects
* mm/vmstat.c: fix outdated vmstat_text
* afs: Fix afs_server struct leak
* afs: Fix clearance of reply
* MIPS: VDSO: Always map near top of user memory
* mach64: detect the dot clock divider correctly on sparc
* vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers
* percpu: stop leaking bitmap metadata blocks
* perf script python: Fix occasional failure
* perf script python: Fix sample columns
* s390/cio: Fix how vfio-ccw checks pinned pages
* dm cache: destroy migration_cache if cache target registration failed
* dm: fix report zone remapping to account for partition offset
* dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled
* dm linear: fix linear_end_io conditional definition
* cgroup: Fix dom_cgrp propagation when enabling threaded mode
* Input: xpad - add support for Xbox1 PDP Camo series gamepad
* drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect()
* mmc: block: avoid multiblock reads for the last sector in SPI mode
* pinctrl: mcp23s08: fix irq and irqchip setup order
* arm64: perf: Reject stand-alone CHAIN events for PMUv3
* mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE
* mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2
* filesystem-dax: Fix dax_layout_busy_page() livelock
* mm: Preserve _PAGE_DEVMAP across mprotect() calls
* i2c: i2c-scmi: fix for i2c_smbus_write_block_data
* KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault
* Linux 4.18.15

Stefan Bader (smb) on 2018-11-07
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Cosmic):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Stefan Bader (smb) wrote :

Skip "rtnetlink: fix rtnl_fdb_dump() for ndmsg header" because it was already applied for bug #1796748.

Stefan Bader (smb) on 2018-11-07
description: updated
Changed in linux (Ubuntu Cosmic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (39.7 KiB)

This bug was fixed in the package linux - 4.18.0-12.13

linux (4.18.0-12.13) cosmic; urgency=medium

  * linux: 4.18.0-12.13 -proposed tracker (LP: #1802743)

  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.

  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts

  * CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs

  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()

  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages

  * Add checksum offload and T...

Changed in linux (Ubuntu Cosmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers