Cosmic update: 4.18.15 upstream stable release

Bug #1802082 reported by Stefan Bader on 2018-11-07
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Cosmic
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       4.18.15 upstream stable release
       from git://git.kernel.org/

The following patches will be applied:
* bnxt_en: Fix TX timeout during netpoll.
* bnxt_en: free hwrm resources, if driver probe fails.
* bonding: avoid possible dead-lock
* ip6_tunnel: be careful when accessing the inner header
* ip_tunnel: be careful when accessing the inner header
* ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
* ipv6: take rcu lock in rawv6_send_hdrinc()
* net: dsa: bcm_sf2: Call setup during switch resume
* net: hns: fix for unmapping problem when SMMU is on
* net: ipv4: update fnhe_pmtu when first hop's MTU changes
* net/ipv6: Display all addresses in output of /proc/net/if_inet6
* netlabel: check for IPV4MASK in addrinfo_get
* net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
* net: mvpp2: fix a txq_done race condition
* net: sched: Add policy validation for tc attributes
* net: sched: cls_u32: fix hnode refcounting
* net: systemport: Fix wake-up interrupt race during resume
* net/usb: cancel pending work when unbinding smsc75xx
* qlcnic: fix Tx descriptor corruption on 82xx devices
* qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
* rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
* sctp: update dst pmtu with the correct daddr
* team: Forbid enslaving team device to itself
* tipc: fix flow control accounting for implicit connect
* udp: Unbreak modules that rely on external __skb_recv_udp() availability
* net: qualcomm: rmnet: Skip processing loopback packets
* net: qualcomm: rmnet: Fix incorrect allocation flag in transmit
* net: qualcomm: rmnet: Fix incorrect allocation flag in receive path
* tun: remove unused parameters
* tun: initialize napi_mutex unconditionally
* tun: napi flags belong to tfile
* net: stmmac: Fixup the tail addr setting in xmit path
* net/packet: fix packet drop as of virtio gso
* net: dsa: bcm_sf2: Fix unbind ordering
* net/mlx5e: Set vlan masks for all offloaded TC rules
* net: aquantia: memory corruption on jumbo frames
* net/mlx5: E-Switch, Fix out of bound access when setting vport rate
* bonding: pass link-local packets to bonding master also.
* bonding: fix warning message
* net: stmmac: Rework coalesce timer and fix multi-queue races
* nfp: avoid soft lockups under control message storm
* bnxt_en: don't try to offload VLAN 'modify' action
* net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN
* net: phy: phylink: fix SFP interface autodetection
* sfp: fix oops with ethtool -m
* tcp/dccp: fix lockdep issue when SYN is backlogged
* inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
* net: dsa: b53: Keep CPU port as tagged in all VLANs
* rtnetlink: Fail dump if target netnsid is invalid
* bnxt_en: Fix VNIC reservations on the PF.
* net: ipv4: don't let PMTU updates increase route MTU
* net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ
* bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request
* bnxt_en: get the reduced max_irqs by the ones used by RDMA
* net/ipv6: Remove extra call to ip6_convert_metrics for multipath case
* net/ipv6: stop leaking percpu memory in fib6 info
* net: mscc: fix the frame extraction into the skb
* qed: Fix shmem structure inconsistency between driver and the mfw.
* r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO
* r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips
* vxlan: fill ttl inherit info
* ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs
* ASoC: max98373: Added speaker FS gain cotnrol register to volatile.
* ASoC: rt5514: Fix the issue of the delay volume applied again
* selftests: android: move config up a level
* selftests: kselftest: Remove outdated comment
* ASoC: max98373: Added 10ms sleep after amp software reset
* ASoC: wm8804: Add ACPI support
* ASoC: sigmadsp: safeload should not have lower byte limit
* ASoC: q6routing: initialize data correctly
* selftests: add headers_install to lib.mk
* selftests/efivarfs: add required kernel configs
* selftests: memory-hotplug: add required configs
* ASoC: rsnd: adg: care clock-frequency size
* ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER
* hwmon: (nct6775) Fix access to fan pulse registers
* Fix cg_read_strcmp()
* ASoC: AMD: Ensure reset bit is cleared before configuring
* drm/pl111: Make sure of_device_id tables are NULL terminated
* Bluetooth: SMP: Fix trying to use non-existent local OOB data
* Bluetooth: Use correct tfm to generate OOB data
* Bluetooth: hci_ldisc: Free rw_semaphore on close
* mfd: omap-usb-host: Fix dts probe of children
* KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size
* scsi: iscsi: target: Don't use stack buffer for scatterlist
* scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted()
* sound: enable interrupt after dma buffer initialization
* sound: don't call skl_init_chip() to reset intel skl soc
* bpf: btf: Fix end boundary calculation for type section
* bpf: use __GFP_COMP while allocating page
* hwmon: (nct6775) Fix virtual temperature sources for NCT6796D
* hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D
* stmmac: fix valid numbers of unicast filter entries
* hwmon: (nct6775) Use different register to get fan RPM for fan7
* net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency
* net: macb: disable scatter-gather for macb on sama5d3
* ARM: dts: at91: add new compatibility string for macb on sama5d3
* PCI: hv: support reporting serial number as slot information
* clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail
* clk: x86: Stop marking clocks as CLK_IS_CRITICAL
* pinctrl: cannonlake: Fix gpio base for GPP-E
* x86/kvm/lapic: always disable MMIO interface in x2APIC mode
* drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7
* drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9
* drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs
* mm: slowly shrink slabs with a relatively small number of objects
* mm/vmstat.c: fix outdated vmstat_text
* afs: Fix afs_server struct leak
* afs: Fix clearance of reply
* MIPS: Fix CONFIG_CMDLINE handling
* MIPS: VDSO: Always map near top of user memory
* mach64: detect the dot clock divider correctly on sparc
* vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers
* percpu: stop leaking bitmap metadata blocks
* perf script python: Fix export-to-postgresql.py occasional failure
* perf script python: Fix export-to-sqlite.py sample columns
* s390/cio: Fix how vfio-ccw checks pinned pages
* dm cache: destroy migration_cache if cache target registration failed
* dm: fix report zone remapping to account for partition offset
* dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled
* dm linear: fix linear_end_io conditional definition
* cgroup: Fix dom_cgrp propagation when enabling threaded mode
* Input: xpad - add support for Xbox1 PDP Camo series gamepad
* drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect()
* mmc: block: avoid multiblock reads for the last sector in SPI mode
* pinctrl: mcp23s08: fix irq and irqchip setup order
* arm64: perf: Reject stand-alone CHAIN events for PMUv3
* mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE
* mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2
* filesystem-dax: Fix dax_layout_busy_page() livelock
* mm: Preserve _PAGE_DEVMAP across mprotect() calls
* i2c: i2c-scmi: fix for i2c_smbus_write_block_data
* KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault
* Linux 4.18.15

Stefan Bader (smb) on 2018-11-07
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Cosmic):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu):
status: New → Invalid
Stefan Bader (smb) wrote :

Skip "rtnetlink: fix rtnl_fdb_dump() for ndmsg header" because it was already applied for bug #1796748.

Stefan Bader (smb) on 2018-11-07
description: updated
Changed in linux (Ubuntu Cosmic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (39.7 KiB)

This bug was fixed in the package linux - 4.18.0-12.13

---------------
linux (4.18.0-12.13) cosmic; urgency=medium

  * linux: 4.18.0-12.13 -proposed tracker (LP: #1802743)

  * [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
    - s390/zcrypt: Add ZAPQ inline function.
    - s390/zcrypt: Review inline assembler constraints.
    - s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
    - s390/zcrypt: fix ap_instructions_available() returncodes
    - KVM: s390: vsie: simulate VCPU SIE entry/exit
    - KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
    - KVM: s390: refactor crypto initialization
    - s390: vfio-ap: base implementation of VFIO AP device driver
    - s390: vfio-ap: register matrix device with VFIO mdev framework
    - s390: vfio-ap: sysfs interfaces to configure adapters
    - s390: vfio-ap: sysfs interfaces to configure domains
    - s390: vfio-ap: sysfs interfaces to configure control domains
    - s390: vfio-ap: sysfs interface to view matrix mdev matrix
    - KVM: s390: interface to clear CRYCB masks
    - s390: vfio-ap: implement mediated device open callback
    - s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
    - s390: vfio-ap: zeroize the AP queues
    - s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
    - KVM: s390: Clear Crypto Control Block when using vSIE
    - KVM: s390: vsie: Do the CRYCB validation first
    - KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
    - KVM: s390: vsie: Allow CRYCB FORMAT-2
    - KVM: s390: vsie: allow CRYCB FORMAT-1
    - KVM: s390: vsie: allow CRYCB FORMAT-0
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
    - KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
    - KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
    - KVM: s390: device attrs to enable/disable AP interpretation
    - KVM: s390: CPU model support for AP virtualization
    - s390: doc: detailed specifications for AP virtualization
    - KVM: s390: fix locking for crypto setting error path
    - KVM: s390: Tracing APCB changes
    - s390: vfio-ap: setup APCB mask using KVM dedicated function
    - [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.

  * Bypass of mount visibility through userns + mount propagation (LP: #1789161)
    - mount: Retest MNT_LOCKED in do_umount
    - mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts

  * CVE-2018-18955: nested user namespaces with more than five extents
    incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
    - userns: also map extents in the reverse map to kernel IDs

  * kdump fail due to an IRQ storm (LP: #1797990)
    - SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
    - SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
    - SAUCE: x86/quirks: Scan all busses for early PCI quirks

  * crash in ENA driver on removing an interface (LP: #1802341)
    - SAUCE: net: ena: fix crash during ena_remove()

  * Ubuntu 18.04.1 - [s390x] Kernel panic while stressing network bonding
    (LP: #1797367)
    - s390/qeth: reduce hard-coded access to ccw channels
    - s390/qeth: sanitize strings in debug messages

  * Add checksum offload and T...

Changed in linux (Ubuntu Cosmic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers