Bionic update: upstream stable patchset 2019-11-25

Bug #1853915 reported by Kamal Mostafa on 2019-11-25
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Bionic
Undecided
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       upstream stable patchset 2019-11-25

                Ported from the following upstream stable releases:
                        v4.14.155, v4.19.85

       from git://git.kernel.org/

kvm: mmu: Don't read PDPTEs when paging is not enabled
KVM: x86: introduce is_pae_paging
MIPS: BCM63XX: fix switch core reset on BCM6368
scsi: core: Handle drivers which set sg_tablesize to zero
Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs"
ax88172a: fix information leak on short answers
net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
slip: Fix memory leak in slip_open error path
ALSA: usb-audio: Fix missing error check at mixer resolution test
ALSA: usb-audio: not submit urb for stopped endpoint
Input: ff-memless - kill timer in destroy()
Input: synaptics-rmi4 - fix video buffer size
Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
Input: synaptics-rmi4 - clear IRQ enables for F54
Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
IB/hfi1: Ensure full Gen3 speed in a Gen4 system
i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
mmc: sdhci-of-at91: fix quirk2 overwrite
iio: adc: max9611: explicitly cast gain_selectors
tee: optee: take DT status property into account
ath10k: fix kernel panic by moving pci flush after napi_disable
iio: dac: mcp4922: fix error handling in mcp4922_write_raw
arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
rtc: rv8803: fix the rv8803 id in the OF table
remoteproc/davinci: Use %zx for formating size_t
extcon: cht-wc: Return from default case to avoid warnings
cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
ALSA: seq: Do error checks at creating system ports
ath9k: fix tx99 with monitor mode interface
ath10k: limit available channels via DT ieee80211-freq-limit
gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
ASoC: dpcm: Properly initialise hw->rate_max
pinctrl: ingenic: Probe driver at subsys_initcall
MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
liquidio: fix race condition in instruction completion processing
ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
i40e: use correct length for strncpy
i40e: hold the rtnl lock on clearing interrupt scheme
i40e: Prevent deleting MAC address from VF when set by PF
IB/rxe: fixes for rdma read retry
iwlwifi: don't WARN on trying to dump dead firmware
iwlwifi: mvm: avoid sending too many BARs
ARM: dts: pxa: fix the rtc controller
ARM: dts: pxa: fix power i2c base address
rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument
soc: imx: gpc: fix PDN delay
ASoC: rsnd: ssi: Fix issue in dma data address assignment
net: phy: mscc: read 'vsc8531,vddmac' as an u32
net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
ARM: dts: meson8: fix the clock controller register size
ARM: dts: meson8b: fix the clock controller register size
net: lan78xx: Bail out if lan78xx_get_endpoints fails
ASoC: sgtl5000: avoid division by zero if lo_vag is zero
ARM: dts: exynos: Disable pull control for S5M8767 PMIC
ath10k: wmi: disable softirq's while calling ieee80211_rx
IB/ipoib: Ensure that MTU isn't less than minimum permitted
RDMA/core: Rate limit MAD error messages
RDMA/core: Follow correct unregister order between sysfs and cgroup
mips: txx9: fix iounmap related issue
ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files
ARM: dts: omap3-gta04: fixes for tvout / venc
ARM: dts: omap3-gta04: tvout: enable as display1 alias
ARM: dts: omap3-gta04: fix touchscreen tsc2007
ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
ARM: dts: omap3-gta04: keep vpll2 always on
sched/debug: Use symbolic names for task state constants
arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
dmaengine: dma-jz4780: Further residue status fix
EDAC, sb_edac: Return early on ADDRV bit and address type test
rtc: mt6397: fix possible race condition
rtc: pl030: fix possible race condition
ath9k: add back support for using active monitor interfaces for tx99
IB/hfi1: Missing return value in error path for user sdma
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
signal: Properly deliver SIGILL from uprobes
signal: Properly deliver SIGSEGV from x86 uprobes
f2fs: fix memory leak of percpu counter in fill_super()
scsi: qla2xxx: Fix iIDMA error
scsi: qla2xxx: Defer chip reset until target mode is enabled
scsi: qla2xxx: Fix dropped srb resource.
scsi: lpfc: Fix errors in log messages.
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
scsi: pm80xx: Corrected dma_unmap_sg() parameter
scsi: pm80xx: Fixed system hang issue during kexec boot
kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
Drivers: hv: vmbus: Fix synic per-cpu context initialization
nvmem: core: return error code instead of NULL from nvmem_device_get
media: dt-bindings: adv748x: Fix decimal unit addresses
media: fix: media: pci: meye: validate offset to avoid arbitrary access
media: dvb: fix compat ioctl translation
arm64: dts: meson: libretech: update board model
ALSA: intel8x0m: Register irq handler after register initializations
pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
llc: avoid blocking in llc_sap_close()
ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
soc: qcom: wcnss_ctrl: Avoid string overflow
ARM: dts: socfpga: Fix I2C bus unit-address error
pinctrl: at91: don't use the same irqchip with multiple gpiochips
cxgb4: Fix endianness issue in t4_fwcache()
blok, bfq: do not plug I/O if all queues are weight-raised
arm64: dts: meson: Fix erroneous SPI bus warnings
power: supply: ab8500_fg: silence uninitialized variable warnings
power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
power: supply: max8998-charger: Fix platform data retrieval
component: fix loop condition to call unbind() if bind() fails
kernfs: Fix range checks in kernfs_get_target_path
ip_gre: fix parsing gre header in ipgre_err
ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
ath9k: Fix a locking bug in ath9k_add_interface()
s390/qeth: invoke softirqs after napi_schedule()
PCI/ACPI: Correct error message for ASPM disabling
serial: uartps: Fix suspend functionality
serial: samsung: Enable baud clock for UART reset procedure in resume
serial: mxs-auart: Fix potential infinite loop
samples/bpf: fix a compilation failure
spi: mediatek: Don't modify spi_transfer when transfer.
ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
net: hns3: fix return type of ndo_start_xmit function
powerpc/iommu: Avoid derefence before pointer check
powerpc/64s/hash: Fix stab_rr off by one initialization
powerpc/pseries: Disable CPU hotplug across migrations
powerpc: Fix duplicate const clang warning in user access code
RDMA/i40iw: Fix incorrect iterator type
libfdt: Ensure INT_MAX is defined in libfdt_env.h
power: supply: twl4030_charger: fix charging current out-of-bounds
power: supply: twl4030_charger: disable eoc interrupt on linear charge
net: toshiba: fix return type of ndo_start_xmit function
net: xilinx: fix return type of ndo_start_xmit function
net: broadcom: fix return type of ndo_start_xmit function
net: amd: fix return type of ndo_start_xmit function
net: sun: fix return type of ndo_start_xmit function
nfp: provide a better warning when ring allocation fails
usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started
usb: chipidea: Fix otg event handler
mlxsw: spectrum: Init shaper for TCs 8..15
ARM: dts: am335x-evm: fix number of cpsw
f2fs: fix to recover inode's uid/gid during POR
ARM: dts: ux500: Correct SCU unit address
ARM: dts: ux500: Fix LCDA clock line muxing
ARM: dts: ste: Fix SPI controller node names
spi: pic32: Use proper enum in dmaengine_prep_slave_rg
cpufeature: avoid warning when compiling with clang
crypto: arm/crc32 - avoid warning when compiling with Clang
ARM: dts: marvell: Fix SPI and I2C bus warnings
x86/mce-inject: Reset injection struct after injection
ARM: dts: clearfog: fix sdhci supply property name
bnx2x: Ignore bandwidth attention in single function mode
samples/bpf: fix compilation failure
net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
net: micrel: fix return type of ndo_start_xmit function
net: freescale: fix return type of ndo_start_xmit function
x86/CPU: Use correct macros for Cyrix calls
x86/CPU: Change query logic so CPUID is enabled before testing
MIPS: kexec: Relax memory restriction
arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
media: au0828: Fix incorrect error messages
media: davinci: Fix implicit enum conversion warning
ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
usb: gadget: uvc: configfs: Drop leaked references to config items
usb: gadget: uvc: configfs: Prevent format changes after linking header
i2c: aspeed: fix invalid clock parameters for very large divisors
phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
phy: phy-twl4030-usb: fix denied runtime access
usb: gadget: uvc: Factor out video USB request queueing
usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
coresight: Fix handling of sinks
coresight: perf: Fix per cpu path management
coresight: perf: Disable trace path upon source error
coresight: etm4x: Configure EL2 exception level when kernel is running in HYP
coresight: tmc: Fix byte-address alignment for RRP
misc: kgdbts: Fix restrict error
misc: genwqe: should return proper error value.
vfio/pci: Fix potential memory leak in vfio_msi_cap_len
vfio/pci: Mask buggy SR-IOV VF INTx support
scsi: libsas: always unregister the old device if going to discover new
phy: lantiq: Fix compile warning
ARM: dts: tegra30: fix xcvr-setup-use-fuses
ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
ARM: dts: paz00: fix wakeup gpio keycode
net: smsc: fix return type of ndo_start_xmit function
net: faraday: fix return type of ndo_start_xmit function
f2fs: fix to recover inode's project id during POR
f2fs: mark inode dirty explicitly in recover_inode()
EDAC: Raise the maximum number of memory controllers
ARM: dts: realview: Fix SPI controller node names
firmware: dell_rbu: Make payload memory uncachable
Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races
Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
crypto: s5p-sss: Fix Fix argument list alignment
crypto: fix a memory leak in rsa-kcs1pad's encryption mode
iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump
iwlwifi: api: annotate compressed BA notif array sizes
iwlwifi: mvm: Allow TKIP for AP mode
scsi: NCR5380: Clear all unissued commands on host reset
scsi: NCR5380: Have NCR5380_select() return a bool
scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
scsi: NCR5380: Check for invalid reselection target
scsi: NCR5380: Don't clear busy flag when abort fails
scsi: NCR5380: Don't call dsprintk() following reselection interrupt
scsi: NCR5380: Handle BUS FREE during reselection
scsi: NCR5380: Check for bus reset
arm64: dts: amd: Fix SPI bus warnings
arm64: dts: lg: Fix SPI controller node names
ARM: dts: lpc32xx: Fix SPI controller node names
rtc: armada38x: fix possible race condition
netfilter: masquerade: don't flush all conntracks if only one address deleted on device
usb: xhci-mtk: fix ISOC error when interval is zero
fuse: use READ_ONCE on congestion_threshold and max_background
IB/iser: Fix possible NULL deref at iser_inv_desc()
net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
slcan: Fix memory leak in error path
ipmr: Fix skb headroom in ipmr_get_route().
IB/hfi1: Use a common pad buffer for 9B and 16B packets
net: ethernet: dwmac-sun8i: Use the correct function in exit path
mm: mempolicy: fix the wrong return value and potential pages leak of mbind
scsi: bfa: use proper time accessor for stats_reset_time
y2038: make do_gettimeofday() and get_seconds() inline
ARM: dts: rcar: Correct SATA device sizes to 2 MiB
ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
i40evf: Validate the number of queues a PF sends
i40evf: set IFF_UNICAST_FLT flag for the VF
i40evf: cancel workqueue sync for adminq when a VF is removed
IB/rxe: avoid back-to-back retries
brcmfmac: fix wrong strnchr usage
mtd: rawnand: fsl_ifc: check result of SRAM initialization
mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
rtnetlink: move type calculation out of loop
udf: Fix crash during mount
sched/debug: Explicitly cast sched_feat() to bool
usb: mtu3: disable vbus rise/fall interrupts of ltssm
dmaengine: at_xdmac: remove a stray bottom half unlock
scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
scsi: qla2xxx: Fix deadlock between ATIO and HW lock
scsi: qla2xxx: Fix port speed display on chip reset
scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
net: aquantia: fix hw_atl_utils_fw_upload_dwords
ALSA: hda: Fix implicit definition of pci_iomap() on SH
net: bcmgenet: Fix speed selection for reverse MII
arm64: dts: broadcom: Fix I2C and SPI bus warnings
ARM: dts: bcm: Fix SPI bus warnings
ARM: dts: aspeed: Fix I2C bus warnings
ARM: dts: sunxi: Fix I2C bus warnings
ARM: dts: sun9i: Fix I2C bus warnings
arm64: fix for bad_mode() handler to always result in panic
netfilter: nf_tables: avoid BUG_ON usage
media: vsp1: Fix YCbCr planar formats pitch calculation
PCI: mediatek: Fix unchecked return value
ARM: dts: xilinx: Fix I2C and SPI bus warnings
ipmi_si_pci: fix NULL device in ipmi_si error message
ipmi_si: fix potential integer overflow on large shift
net: cavium: fix return type of ndo_start_xmit function
net: ibm: fix return type of ndo_start_xmit function
selftests/powerpc: Do not fail with reschedule
usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
s390/zcrypt: enable AP bus scan without a valid default domain
s390/vdso: avoid 64-bit vdso mapping for compat tasks
brcmsmac: allocate ucode with GFP_KERNEL
brcmsmac: Use kvmalloc() for ucode allocations
EDAC: Correct DIMM capacity unit symbol
gpiolib: Fix gpio_direction_* for single direction GPIOs
arm64: dts: fsl: Fix I2C and SPI bus warnings
ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
f2fs: update i_size after DIO completion
RDMA: Fix dependencies for rdma_user_mmap_io
crypto: s5p-sss: Fix race in error handling
iwlwifi: pcie: gen2: build A-MSDU only for GSO
iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
s390/vdso: correct vdso mapping for compat tasks
UBUNTU: upstream stable to v4.14.155, v4.19.85

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (42.4 KiB)

This bug was fixed in the package linux - 4.15.0-74.84

---------------
linux (4.15.0-74.84) bionic; urgency=medium

  * bionic/linux: 4.15.0-74.84 -proposed tracker (LP: #1856749)

  * [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
    - [Packaging] bind hv_kvp_daemon startup to hv_kvp device

  * Unrevert "arm64: Use firmware to detect CPUs that are not affected by
    Spectre-v2" (LP: #1854207)
    - arm64: Get rid of __smccc_workaround_1_hvc_*
    - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2

  * Bionic kernel panic on Cavium ThunderX CN88XX (LP: #1853485)
    - SAUCE: irqchip/gic-v3-its: Add missing return value in
      its_irq_domain_activate()

linux (4.15.0-73.82) bionic; urgency=medium

  * bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)

  * CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

  * CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

  * CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

  * Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template

  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

  * Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues

  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

  * CVE-2019-19083
    - drm/amd/display: memory leak

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remov...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew) on 2020-01-08
Changed in linux (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers