Xenial update: 4.4.200 upstream stable release

Bug #1852110 reported by Connor Kuehl on 2019-11-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Medium
Connor Kuehl

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

* kbuild: add -fcf-protection=none when using retpoline flags
* regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
* regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized
* ASoc: rockchip: i2s: Fix RPM imbalance
* ARM: dts: logicpd-torpedo-som: Remove twl_keypad
* ARM: mm: fix alignment handler faults under memory pressure
* scsi: sni_53c710: fix compilation error
* scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
* perf kmem: Fix memory leak in compact_gfp_flags()
* scsi: target: core: Do not overwrite CDB byte 1
* of: unittest: fix memory leak in unittest_data_add
* MIPS: bmips: mark exception vectors as char arrays
* cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
* dccp: do not leak jiffies on the wire
* net: fix sk_page_frag() recursion from memory reclaim
* net: hisilicon: Fix ping latency when deal with high throughput
* UBUNTU: SAUCE: Revert "net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()"
* net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
* net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
* vxlan: check tun_info options_len properly
* net/mlx4_core: Dynamically set guaranteed amount of counters per VF
* inet: stop leaking jiffies on the wire
* net/flow_dissector: switch to siphash
* dmaengine: qcom: bam_dma: Fix resource leak
* ARM: 8051/1: put_user: fix possible data corruption in put_user
* ARM: 8478/2: arm/arm64: add arm-smccc
* ARM: 8479/2: add implementation for arm-smccc
* ARM: 8480/2: arm64: add implementation for arm-smccc
* ARM: 8481/2: drivers: psci: replace psci firmware calls
* ARM: uaccess: remove put_user() code duplication
* ARM: Move system register accessors to asm/cp15.h
* arm/arm64: KVM: Advertise SMCCC v1.1
* arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
* firmware/psci: Expose PSCI conduit
* firmware/psci: Expose SMCCC version through psci_ops
* arm/arm64: smccc: Make function identifiers an unsigned quantity
* arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
* arm/arm64: smccc: Add SMCCC-specific return codes
* arm/arm64: smccc-1.1: Make return values unsigned long
* arm/arm64: smccc-1.1: Handle function result as parameters
* ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs
* ARM: bugs: prepare processor bug infrastructure
* ARM: bugs: hook processor bug checking into SMP and suspend paths
* ARM: bugs: add support for per-processor bug checking
* ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre
* ARM: spectre-v2: harden branch predictor on context switches
* ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit
* ARM: spectre-v2: harden user aborts in kernel space
* ARM: spectre-v2: add firmware based hardening
* ARM: spectre-v2: warn about incorrect context switching functions
* ARM: spectre-v1: add speculation barrier (csdb) macros
* ARM: spectre-v1: add array_index_mask_nospec() implementation
* ARM: spectre-v1: fix syscall entry
* ARM: signal: copy registers using __copy_from_user()
* ARM: vfp: use __copy_from_user() when restoring VFP state
* ARM: oabi-compat: copy semops using __copy_from_user()
* ARM: use __inttype() in get_user()
* ARM: spectre-v1: use get_user() for __get_user()
* ARM: spectre-v1: mitigate user accesses
* ARM: 8789/1: signal: copy registers using __copy_to_user()
* ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state
* ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user()
* ARM: 8793/1: signal: replace __put_user_error with __put_user
* ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
* ARM: 8795/1: spectre-v1.1: use put_user() for __put_user()
* ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization
* ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc
* ARM: make lookup_processor_type() non-__init
* ARM: split out processor lookup
* ARM: clean up per-processor check_bugs method call
* ARM: add PROC_VTABLE and PROC_TABLE macros
* ARM: spectre-v2: per-CPU vtables to work around big.Little systems
* ARM: ensure that processor vtables is not lost after boot
* ARM: fix the cockup in the previous patch
* alarmtimer: Change remaining ENOTSUPP to EOPNOTSUPP
* fs/dcache: move security_d_instantiate() behind attaching dentry to inode
* Linux 4.4.200
* UBUNTU: updateconfigs for Linux v4.4.200
* UBUNTU: upstream stable to v4.4.200

       4.4.200 upstream stable release
       from git://git.kernel.org/

CVE References

Connor Kuehl (connork) on 2019-11-11
Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Connor Kuehl (connork)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
Connor Kuehl (connork) wrote :

This patch was replaced with the version from the upstream Linux stable branch:

- net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()

This patch required backporting:

- ARM: 8480/2: arm64: add implementation for arm-smccc
  - I had to manually place the hunk in arch/arm64/Kconfig

description: updated
Connor Kuehl (connork) on 2019-11-11
description: updated
Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (12.8 KiB)

This bug was fixed in the package linux - 4.4.0-170.199

---------------
linux (4.4.0-170.199) xenial; urgency=medium

  * xenial/linux: 4.4.0-170.199 -proposed tracker (LP: #1852306)

  * update ENA driver to version 2.1.0 (LP: #1850175)
    - net: ena: fix: set freed objects to NULL to avoid failing future allocations
    - net: ena: fix swapped parameters when calling
      ena_com_indirect_table_fill_entry
    - net: ena: fix: Free napi resources when ena_up() fails
    - net: ena: fix incorrect test of supported hash function
    - net: ena: fix return value of ena_com_config_llq_info()
    - net: ena: improve latency by disabling adaptive interrupt moderation by
      default
    - net: ena: fix ena_com_fill_hash_function() implementation
    - net: ena: add handling of llq max tx burst size
    - net: ena: ethtool: add extra properties retrieval via get_priv_flags
    - net: ena: replace free_tx/rx_ids union with single free_ids field in
      ena_ring
    - net: ena: arrange ena_probe() function variables in reverse christmas tree
    - net: ena: add newline at the end of pr_err prints
    - net: ena: allow automatic fallback to polling mode
    - net: ena: add support for changing max_header_size in LLQ mode
    - net: ena: optimise calculations for CQ doorbell
    - net: ena: add good checksum counter
    - net: ena: use dev_info_once instead of static variable
    - net: ena: add MAX_QUEUES_EXT get feature admin command
    - net: ena: enable negotiating larger Rx ring size
    - net: ena: make ethtool show correct current and max queue sizes
    - net: ena: allow queue allocation backoff when low on memory
    - net: ena: add ethtool function for changing io queue sizes
    - net: ena: remove inline keyword from functions in *.c
    - net: ena: update driver version from 2.0.3 to 2.1.0
    - net: ena: Fix bug where ring allocation backoff stopped too late
    - Revert "net: ena: ethtool: add extra properties retrieval via
      get_priv_flags"
    - net: ena: don't wake up tx queue when down
    - net: ena: clean up indentation issue

  * Bionic update: upstream stable patchset 2019-08-01 (LP: #1838700) // update
    ENA driver to version 2.1.0 (LP: #1850175)
    - net: ena: gcc 8: fix compilation warning

  * Skip frame when buffer overflow on UVC camera (LP: #1849871)
    - media: uvcvideo: Mark buffer error where overflow

  * CVE-2018-20784
    - sched/fair: Fix infinite loop in update_blocked_averages() by reverting
      a9e7f6544b9c
    - sched/fair: Fix hierarchical order in rq->leaf_cfs_rq_list
    - sched/fair: Add tmp_alone_branch assertion
    - sched/fair: Fix insertion in rq->leaf_cfs_rq_list
    - sched/fair: Optimize update_blocked_averages()
    - sched/fair: Fix O(nr_cgroups) in the load balancing path

  * Xenial update: 4.4.200 upstream stable release (LP: #1852110)
    - kbuild: add -fcf-protection=none when using retpoline flags
    - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
    - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe()
      could be uninitialized
    - ASoc: rockchip: i2s: Fix RPM imbalance
    - ARM: dts: logicpd-torpedo-som: Remove tw...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers