Bionic update: upstream stable patchset 2019-11-25

Bug #1853915 reported by Kamal Mostafa on 2019-11-25
linux (Ubuntu)
Kamal Mostafa

Bug Description

SRU Justification

The upstream process for stable tree updates is quite similar
in scope to the Ubuntu SRU process, e.g., each patch has to
demonstrably fix a bug, and each patch is vetted by upstream
by originating either directly from a mainline/stable Linux tree or
a minimally backported form of that patch. The following upstream
stable patches should be included in the Ubuntu kernel:

upstream stable patchset 2019-11-25

Ported from the following upstream stable releases:
v4.14.155, v4.19.85

from git://

kvm: mmu: Don't read PDPTEs when paging is not enabled
KVM: x86: introduce is_pae_paging
MIPS: BCM63XX: fix switch core reset on BCM6368
scsi: core: Handle drivers which set sg_tablesize to zero
Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs"
ax88172a: fix information leak on short answers
net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
slip: Fix memory leak in slip_open error path
ALSA: usb-audio: Fix missing error check at mixer resolution test
ALSA: usb-audio: not submit urb for stopped endpoint
Input: ff-memless - kill timer in destroy()
Input: synaptics-rmi4 - fix video buffer size
Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
Input: synaptics-rmi4 - clear IRQ enables for F54
Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
IB/hfi1: Ensure full Gen3 speed in a Gen4 system
i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
mmc: sdhci-of-at91: fix quirk2 overwrite
iio: adc: max9611: explicitly cast gain_selectors
tee: optee: take DT status property into account
ath10k: fix kernel panic by moving pci flush after napi_disable
iio: dac: mcp4922: fix error handling in mcp4922_write_raw
arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
rtc: rv8803: fix the rv8803 id in the OF table
remoteproc/davinci: Use %zx for formating size_t
extcon: cht-wc: Return from default case to avoid warnings
cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
ALSA: seq: Do error checks at creating system ports
ath9k: fix tx99 with monitor mode interface
ath10k: limit available channels via DT ieee80211-freq-limit
gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
ASoC: dpcm: Properly initialise hw->rate_max
pinctrl: ingenic: Probe driver at subsys_initcall
MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
liquidio: fix race condition in instruction completion processing
ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
i40e: use correct length for strncpy
i40e: hold the rtnl lock on clearing interrupt scheme
i40e: Prevent deleting MAC address from VF when set by PF
IB/rxe: fixes for rdma read retry
iwlwifi: don't WARN on trying to dump dead firmware
iwlwifi: mvm: avoid sending too many BARs
ARM: dts: pxa: fix the rtc controller
ARM: dts: pxa: fix power i2c base address
rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument
soc: imx: gpc: fix PDN delay
ASoC: rsnd: ssi: Fix issue in dma data address assignment
net: phy: mscc: read 'vsc8531,vddmac' as an u32
net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
ARM: dts: meson8: fix the clock controller register size
ARM: dts: meson8b: fix the clock controller register size
net: lan78xx: Bail out if lan78xx_get_endpoints fails
ASoC: sgtl5000: avoid division by zero if lo_vag is zero
ARM: dts: exynos: Disable pull control for S5M8767 PMIC
ath10k: wmi: disable softirq's while calling ieee80211_rx
IB/ipoib: Ensure that MTU isn't less than minimum permitted
RDMA/core: Rate limit MAD error messages
RDMA/core: Follow correct unregister order between sysfs and cgroup
mips: txx9: fix iounmap related issue
ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files
ARM: dts: omap3-gta04: fixes for tvout / venc
ARM: dts: omap3-gta04: tvout: enable as display1 alias
ARM: dts: omap3-gta04: fix touchscreen tsc2007
ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
ARM: dts: omap3-gta04: keep vpll2 always on
sched/debug: Use symbolic names for task state constants
arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
dmaengine: dma-jz4780: Further residue status fix
EDAC, sb_edac: Return early on ADDRV bit and address type test
rtc: mt6397: fix possible race condition
rtc: pl030: fix possible race condition
ath9k: add back support for using active monitor interfaces for tx99
IB/hfi1: Missing return value in error path for user sdma
signal: Always ignore SIGKILL and SIGSTOP sent to the global init
signal: Properly deliver SIGILL from uprobes
signal: Properly deliver SIGSEGV from x86 uprobes
f2fs: fix memory leak of percpu counter in fill_super()
scsi: qla2xxx: Fix iIDMA error
scsi: qla2xxx: Defer chip reset until target mode is enabled
scsi: qla2xxx: Fix dropped srb resource.
scsi: lpfc: Fix errors in log messages.
scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
scsi: pm80xx: Corrected dma_unmap_sg() parameter
scsi: pm80xx: Fixed system hang issue during kexec boot
kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
Drivers: hv: vmbus: Fix synic per-cpu context initialization
nvmem: core: return error code instead of NULL from nvmem_device_get
media: dt-bindings: adv748x: Fix decimal unit addresses
media: fix: media: pci: meye: validate offset to avoid arbitrary access
media: dvb: fix compat ioctl translation
arm64: dts: meson: libretech: update board model
ALSA: intel8x0m: Register irq handler after register initializations
pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
llc: avoid blocking in llc_sap_close()
ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
soc: qcom: wcnss_ctrl: Avoid string overflow
ARM: dts: socfpga: Fix I2C bus unit-address error
pinctrl: at91: don't use the same irqchip with multiple gpiochips
cxgb4: Fix endianness issue in t4_fwcache()
blok, bfq: do not plug I/O if all queues are weight-raised
arm64: dts: meson: Fix erroneous SPI bus warnings
power: supply: ab8500_fg: silence uninitialized variable warnings
power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
power: supply: max8998-charger: Fix platform data retrieval
component: fix loop condition to call unbind() if bind() fails
kernfs: Fix range checks in kernfs_get_target_path
ip_gre: fix parsing gre header in ipgre_err
ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
ath9k: Fix a locking bug in ath9k_add_interface()
s390/qeth: invoke softirqs after napi_schedule()
PCI/ACPI: Correct error message for ASPM disabling
serial: uartps: Fix suspend functionality
serial: samsung: Enable baud clock for UART reset procedure in resume
serial: mxs-auart: Fix potential infinite loop
samples/bpf: fix a compilation failure
spi: mediatek: Don't modify spi_transfer when transfer.
ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
net: hns3: fix return type of ndo_start_xmit function
powerpc/iommu: Avoid derefence before pointer check
powerpc/64s/hash: Fix stab_rr off by one initialization
powerpc/pseries: Disable CPU hotplug across migrations
powerpc: Fix duplicate const clang warning in user access code
RDMA/i40iw: Fix incorrect iterator type
libfdt: Ensure INT_MAX is defined in libfdt_env.h
power: supply: twl4030_charger: fix charging current out-of-bounds
power: supply: twl4030_charger: disable eoc interrupt on linear charge
net: toshiba: fix return type of ndo_start_xmit function
net: xilinx: fix return type of ndo_start_xmit function
net: broadcom: fix return type of ndo_start_xmit function
net: amd: fix return type of ndo_start_xmit function
net: sun: fix return type of ndo_start_xmit function
nfp: provide a better warning when ring allocation fails
usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started
usb: chipidea: Fix otg event handler
mlxsw: spectrum: Init shaper for TCs 8..15
ARM: dts: am335x-evm: fix number of cpsw
f2fs: fix to recover inode's uid/gid during POR
ARM: dts: ux500: Correct SCU unit address
ARM: dts: ux500: Fix LCDA clock line muxing
ARM: dts: ste: Fix SPI controller node names
spi: pic32: Use proper enum in dmaengine_prep_slave_rg
cpufeature: avoid warning when compiling with clang
crypto: arm/crc32 - avoid warning when compiling with Clang
ARM: dts: marvell: Fix SPI and I2C bus warnings
x86/mce-inject: Reset injection struct after injection
ARM: dts: clearfog: fix sdhci supply property name
bnx2x: Ignore bandwidth attention in single function mode
samples/bpf: fix compilation failure
net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
net: micrel: fix return type of ndo_start_xmit function
net: freescale: fix return type of ndo_start_xmit function
x86/CPU: Use correct macros for Cyrix calls
x86/CPU: Change query logic so CPUID is enabled before testing
MIPS: kexec: Relax memory restriction
arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
media: au0828: Fix incorrect error messages
media: davinci: Fix implicit enum conversion warning
ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
usb: gadget: uvc: configfs: Drop leaked references to config items
usb: gadget: uvc: configfs: Prevent format changes after linking header
i2c: aspeed: fix invalid clock parameters for very large divisors
phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
phy: phy-twl4030-usb: fix denied runtime access
usb: gadget: uvc: Factor out video USB request queueing
usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
coresight: Fix handling of sinks
coresight: perf: Fix per cpu path management
coresight: perf: Disable trace path upon source error
coresight: etm4x: Configure EL2 exception level when kernel is running in HYP
coresight: tmc: Fix byte-address alignment for RRP
misc: kgdbts: Fix restrict error
misc: genwqe: should return proper error value.
vfio/pci: Fix potential memory leak in vfio_msi_cap_len
vfio/pci: Mask buggy SR-IOV VF INTx support
scsi: libsas: always unregister the old device if going to discover new
phy: lantiq: Fix compile warning
ARM: dts: tegra30: fix xcvr-setup-use-fuses
ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
ARM: dts: paz00: fix wakeup gpio keycode
net: smsc: fix return type of ndo_start_xmit function
net: faraday: fix return type of ndo_start_xmit function
f2fs: fix to recover inode's project id during POR
f2fs: mark inode dirty explicitly in recover_inode()
EDAC: Raise the maximum number of memory controllers
ARM: dts: realview: Fix SPI controller node names
firmware: dell_rbu: Make payload memory uncachable
Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races
Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
crypto: s5p-sss: Fix Fix argument list alignment
crypto: fix a memory leak in rsa-kcs1pad's encryption mode
iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump
iwlwifi: api: annotate compressed BA notif array sizes
iwlwifi: mvm: Allow TKIP for AP mode
scsi: NCR5380: Clear all unissued commands on host reset
scsi: NCR5380: Have NCR5380_select() return a bool
scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
scsi: NCR5380: Check for invalid reselection target
scsi: NCR5380: Don't clear busy flag when abort fails
scsi: NCR5380: Don't call dsprintk() following reselection interrupt
scsi: NCR5380: Handle BUS FREE during reselection
scsi: NCR5380: Check for bus reset
arm64: dts: amd: Fix SPI bus warnings
arm64: dts: lg: Fix SPI controller node names
ARM: dts: lpc32xx: Fix SPI controller node names
rtc: armada38x: fix possible race condition
netfilter: masquerade: don't flush all conntracks if only one address deleted on device
usb: xhci-mtk: fix ISOC error when interval is zero
fuse: use READ_ONCE on congestion_threshold and max_background
IB/iser: Fix possible NULL deref at iser_inv_desc()
net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
memfd: Use radix_tree_deref_slot_protected to avoid the warning.
slcan: Fix memory leak in error path
ipmr: Fix skb headroom in ipmr_get_route().
IB/hfi1: Use a common pad buffer for 9B and 16B packets
net: ethernet: dwmac-sun8i: Use the correct function in exit path
mm: mempolicy: fix the wrong return value and potential pages leak of mbind
scsi: bfa: use proper time accessor for stats_reset_time
y2038: make do_gettimeofday() and get_seconds() inline
ARM: dts: rcar: Correct SATA device sizes to 2 MiB
ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
i40evf: Validate the number of queues a PF sends
i40evf: set IFF_UNICAST_FLT flag for the VF
i40evf: cancel workqueue sync for adminq when a VF is removed
IB/rxe: avoid back-to-back retries
brcmfmac: fix wrong strnchr usage
mtd: rawnand: fsl_ifc: check result of SRAM initialization
mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
rtnetlink: move type calculation out of loop
udf: Fix crash during mount
sched/debug: Explicitly cast sched_feat() to bool
usb: mtu3: disable vbus rise/fall interrupts of ltssm
dmaengine: at_xdmac: remove a stray bottom half unlock
scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
scsi: qla2xxx: Fix deadlock between ATIO and HW lock
scsi: qla2xxx: Fix port speed display on chip reset
scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
net: aquantia: fix hw_atl_utils_fw_upload_dwords
ALSA: hda: Fix implicit definition of pci_iomap() on SH
net: bcmgenet: Fix speed selection for reverse MII
arm64: dts: broadcom: Fix I2C and SPI bus warnings
ARM: dts: bcm: Fix SPI bus warnings
ARM: dts: aspeed: Fix I2C bus warnings
ARM: dts: sunxi: Fix I2C bus warnings
ARM: dts: sun9i: Fix I2C bus warnings
arm64: fix for bad_mode() handler to always result in panic
netfilter: nf_tables: avoid BUG_ON usage
media: vsp1: Fix YCbCr planar formats pitch calculation
PCI: mediatek: Fix unchecked return value
ARM: dts: xilinx: Fix I2C and SPI bus warnings
ipmi_si_pci: fix NULL device in ipmi_si error message
ipmi_si: fix potential integer overflow on large shift
net: cavium: fix return type of ndo_start_xmit function
net: ibm: fix return type of ndo_start_xmit function
selftests/powerpc: Do not fail with reschedule
usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
s390/zcrypt: enable AP bus scan without a valid default domain
s390/vdso: avoid 64-bit vdso mapping for compat tasks
brcmsmac: allocate ucode with GFP_KERNEL
brcmsmac: Use kvmalloc() for ucode allocations
EDAC: Correct DIMM capacity unit symbol
gpiolib: Fix gpio_direction_* for single direction GPIOs
arm64: dts: fsl: Fix I2C and SPI bus warnings
ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
f2fs: update i_size after DIO completion
RDMA: Fix dependencies for rdma_user_mmap_io
crypto: s5p-sss: Fix race in error handling
iwlwifi: pcie: gen2: build A-MSDU only for GSO
iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
s390/vdso: correct vdso mapping for compat tasks
UBUNTU: upstream stable to v4.14.155, v4.19.85

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Bionic):
status: New → In Progress
assignee: nobody → Kamal Mostafa (kamalmostafa)
description: updated
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote:

This bug was fixed in the package linux - 4.15.0-74.84

linux (4.15.0-74.84) bionic; urgency=medium

  * bionic/linux: 4.15.0-74.84 -proposed tracker (LP: #1856749)

  * [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
    - [Packaging] bind hv_kvp_daemon startup to hv_kvp device

  * Unrevert "arm64: Use firmware to detect CPUs that are not affected by
    Spectre-v2" (LP: #1854207)
    - arm64: Get rid of __smccc_workaround_1_hvc_*
    - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2

  * Bionic kernel panic on Cavium ThunderX CN88XX (LP: #1853485)
    - SAUCE: irqchip/gic-v3-its: Add missing return value in

linux (4.15.0-73.82) bionic; urgency=medium

  * bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)

  * CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

  * CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

  * CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

  * Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template

  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

  * Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues

  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

  * CVE-2019-19083
    - drm/amd/display: memory leak

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remov...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Po-Hsu Lin (cypressyew) on 2020-01-08
Changed in linux (Ubuntu):
status: Confirmed → Invalid
