Eoan update: 5.3.7 upstream stable release

Bug #1848750 reported by Connor Kuehl on 2019-10-18
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Eoan
Medium
Connor Kuehl

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

* panic: ensure preemption is disabled during panic()
* UBUNTU: [Config] updateconfigs for USB_RIO500
* USB: rio500: Remove Rio 500 kernel driver
* USB: yurex: Don't retry on unexpected errors
* USB: yurex: fix NULL-derefs on disconnect
* USB: usb-skeleton: fix runtime PM after driver unbind
* USB: usb-skeleton: fix NULL-deref on disconnect
* xhci: Fix false warning message about wrong bounce buffer write length
* xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
* xhci: Check all endpoints for LPM timeout
* xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts
* usb: xhci: wait for CNR controller not ready bit in xhci resume
* xhci: Prevent deadlock when xhci adapter breaks during init
* xhci: Increase STS_SAVE timeout in xhci_suspend()
* xhci: Fix NULL pointer dereference in xhci_clear_tt_buffer_complete()
* USB: adutux: fix use-after-free on disconnect
* USB: adutux: fix NULL-derefs on disconnect
* USB: adutux: fix use-after-free on release
* USB: iowarrior: fix use-after-free on disconnect
* USB: iowarrior: fix use-after-free on release
* USB: iowarrior: fix use-after-free after driver unbind
* USB: usblp: fix runtime PM after driver unbind
* USB: chaoskey: fix use-after-free on release
* USB: ldusb: fix NULL-derefs on driver unbind
* serial: uartlite: fix exit path null pointer
* serial: uartps: Fix uartps_major handling
* USB: serial: keyspan: fix NULL-derefs on open() and write()
* USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
* USB: serial: option: add Telit FN980 compositions
* USB: serial: option: add support for Cinterion CLS8 devices
* USB: serial: fix runtime PM after driver unbind
* USB: usblcd: fix I/O after disconnect
* USB: microtek: fix info-leak at probe
* USB: dummy-hcd: fix power budget for SuperSpeed mode
* usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}()
* usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
* usb: typec: tcpm: usb: typec: tcpm: Fix a signedness bug in tcpm_fw_get_caps()
* usb: typec: ucsi: ccg: Remove run_isr flag
* usb: typec: ucsi: displayport: Fix for the mode entering routine
* USB: legousbtower: fix slab info leak at probe
* USB: legousbtower: fix deadlock on disconnect
* USB: legousbtower: fix potential NULL-deref on disconnect
* USB: legousbtower: fix open after failed reset request
* USB: legousbtower: fix use-after-free on release
* mei: me: add comet point (lake) LP device ids
* mei: avoid FW version request on Ibex Peak and earlier
* gpio: eic: sprd: Fix the incorrect EIC offset when toggling
* staging/fbtft: Depend on OF
* staging: bcm2835-audio: Fix draining behavior regression
* Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
* staging: rtl8188eu: fix HighestRate check in odm_ARFBRefresh_8188E()
* staging: vt6655: Fix memory leak in vt6655_probe
* iio: adc: hx711: fix bug in sampling of data
* iio: adc: ad799x: fix probe error handling
* iio: adc: axp288: Override TS pin bias current for some models
* iio: adc: stm32-adc: move registers definitions
* iio: adc: stm32-adc: fix a race when using several adcs with dma and irq
* iio: light: opt3001: fix mutex unlock race
* iio: light: add missing vcnl4040 of_compatible
* iio: accel: adxl372: Fix/remove limitation for FIFO samples
* iio: accel: adxl372: Fix push to buffers lost samples
* iio: accel: adxl372: Perform a reset at start up
* efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
* perf llvm: Don't access out-of-scope array
* perf inject jit: Fix JIT_CODE_MOVE filename
* drm/i915: Perform GGTT restore much earlier during resume
* selinux: fix context string corruption in convert_context()
* CIFS: Gracefully handle QueryInfo errors during open
* CIFS: Force revalidate inode when dentry is stale
* CIFS: Force reval dentry if LOOKUP_REVAL flag is set
* cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
* kernel/sysctl.c: do not override max_threads provided by userspace
* mm/z3fold.c: claim page in the beginning of free
* mm/page_alloc.c: fix a crash in free_pages_prepare()
* mm/vmpressure.c: fix a signedness bug in vmpressure_register_event()
* IB/core: Fix wrong iterating on ports
* firmware: google: increment VPD key_len properly
* gpio: fix getting nonexclusive gpiods from DT
* gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source
* btrfs: relocation: fix use-after-free on dead relocation roots
* btrfs: allocate new inode in NOFS context
* btrfs: fix balance convert to single on 32-bit host CPUs
* Btrfs: fix memory leak due to concurrent append writes with fiemap
* btrfs: fix incorrect updating of log root tree
* btrfs: fix uninitialized ret in ref-verify
* NFS: Fix O_DIRECT accounting of number of bytes read/written
* MIPS: Disable Loongson MMI instructions for kernel build
* MIPS: elf_hwcap: Export userspace ASEs
* RDMA/vmw_pvrdma: Free SRQ only once
* ACPI/PPTT: Add support for ACPI 6.3 thread flag
* arm64: topology: Use PPTT to determine if PE is a thread
* iio: light: fix vcnl4000 devicetree hooks
* Fix the locking in dcache_readdir() and friends
* drm/i915: Bump skl+ max plane width to 5k for linear/x-tiled
* drm/i915: Whitelist COMMON_SLICE_CHICKEN2
* drm/i915: Mark contents as dirty on a write fault
* drm/msm: Use the correct dma_sync calls harder
* media: stkwebcam: fix runtime PM after driver unbind
* arm64/sve: Fix wrong free for task->thread.sve_state
* tracing/hwlat: Report total time spent in all NMIs during the sample
* tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
* ftrace: Get a reference counter for the trace_array on filter files
* tracing: Get trace_array reference for available_tracers files
* hwmon: Fix HWMON_P_MIN_ALARM mask
* mtd: rawnand: au1550nd: Fix au_read_buf16() prototype
* x86/asm: Fix MWAITX C-state hint value
* io_uring: only flush workqueues on fileset removal
* efi/tpm: Fix sanity check of unsigned tbl_size being less than zero
* Linux 5.3.7
* UBUNTU: [Packaging] remove rtc-bd70528 from modules
* UBUNTU: [Packaging] Remove now un-used modules for amd64

       5.3.7 upstream stable release
       from git://git.kernel.org/

Connor Kuehl (connork) on 2019-10-18
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Changed in linux (Ubuntu Eoan):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Connor Kuehl (connork)
Connor Kuehl (connork) wrote :

The following patches were skipped since they've already been applied as cherry picks:

* efi/tpm: Don't access event->count when it isn't mapped
* efi/tpm: Don't traverse an event log with no events
* efi/tpm: Only set 'efi_tpm_final_log_size' after successful event log parsing
* blk-wbt: fix performance regression in wbt scale_up/scale_down

Connor Kuehl (connork) on 2019-10-21
description: updated
Changed in linux (Ubuntu Eoan):
status: In Progress → Fix Committed

All autopkgtests for the newly accepted linux-gcp-5.3 (5.3.0-1008.9~18.04.1) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

linux-gcp-5.3/unknown (amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#linux-gcp-5.3

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Launchpad Janitor (janitor) wrote :
Download full text (53.1 KiB)

This bug was fixed in the package linux - 5.3.0-22.24

---------------
linux (5.3.0-22.24) eoan; urgency=medium

  * [REGRESSION] md/raid0: cannot assemble multi-zone RAID0 with default_layout
    setting (LP: #1849682)
    - Revert "md/raid0: avoid RAID0 data corruption due to layout confusion."

  * refcount underflow and type confusion in shiftfs (LP: #1850867) // CVE-2019-15793
    - SAUCE: shiftfs: Correct id translation for lower fs operations
    - SAUCE: shiftfs: prevent type confusion
    - SAUCE: shiftfs: Fix refcount underflow in btrfs ioctl handling

  * CVE-2018-12207
    - kvm: x86, powerpc: do not allow clearing largepages debugfs entry
    - SAUCE: KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
      active
    - SAUCE: x86: Add ITLB_MULTIHIT bug infrastructure
    - SAUCE: kvm: mmu: ITLB_MULTIHIT mitigation
    - SAUCE: kvm: Add helper function for creating VM worker threads
    - SAUCE: kvm: x86: mmu: Recovery of shattered NX large pages
    - SAUCE: cpu/speculation: Uninline and export CPU mitigations helpers
    - SAUCE: kvm: x86: mmu: Apply global mitigations knob to ITLB_MULTIHIT

  * CVE-2019-11135
    - x86/msr: Add the IA32_TSX_CTRL MSR
    - x86/cpu: Add a helper function x86_read_arch_cap_msr()
    - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default
    - x86/speculation/taa: Add mitigation for TSX Async Abort
    - x86/speculation/taa: Add sysfs reporting for TSX Async Abort
    - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled
    - x86/tsx: Add "auto" option to the tsx= cmdline parameter
    - x86/speculation/taa: Add documentation for TSX Async Abort
    - x86/tsx: Add config options to set tsx=on|off|auto
    - [Config] Disable TSX by default when possible

  * CVE-2019-0154
    - SAUCE: drm/i915: Lower RM timeout to avoid DSI hard hangs
    - SAUCE: drm/i915/gen8+: Add RC6 CTX corruption WA

  * CVE-2019-0155
    - SAUCE: drm/i915: Rename gen7 cmdparser tables
    - SAUCE: drm/i915: Disable Secure Batches for gen6+
    - SAUCE: drm/i915: Remove Master tables from cmdparser
    - SAUCE: drm/i915: Add support for mandatory cmdparsing
    - SAUCE: drm/i915: Support ro ppgtt mapped cmdparser shadow buffers
    - SAUCE: drm/i915: Allow parsing of unsized batches
    - SAUCE: drm/i915: Add gen9 BCS cmdparsing
    - SAUCE: drm/i915/cmdparser: Use explicit goto for error paths
    - SAUCE: drm/i915/cmdparser: Add support for backward jumps
    - SAUCE: drm/i915/cmdparser: Ignore Length operands during command matching

linux (5.3.0-21.22) eoan; urgency=medium

  * eoan/linux: 5.3.0-21.22 -proposed tracker (LP: #1850486)

  * Fix signing of staging modules in eoan (LP: #1850234)
    - [Packaging] Leave unsigned modules unsigned after adding .gnu_debuglink

linux (5.3.0-20.21) eoan; urgency=medium

  * eoan/linux: 5.3.0-20.21 -proposed tracker (LP: #1849064)

  * eoan: alsa/sof: Enable SOF_HDA link and codec (LP: #1848490)
    - [Config] Enable SOF_HDA link and codec

  * Eoan update: 5.3.7 upstream stable release (LP: #1848750)
    - panic: ensure preemption is disabled during panic()
    - [Config] updateconfigs for USB_RIO500
    - USB: rio500: Remove Rio 500 kernel driver
   ...

Changed in linux (Ubuntu Eoan):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers