Focal update: v5.4.152 upstream stable release

Bug #1950009 reported by Kamal Mostafa
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Invalid
Undecided
Unassigned
Focal
Fix Released
Medium
Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.152 upstream stable release
       from git://git.kernel.org/

net: mdio: introduce a shutdown method to mdio device drivers
xen-netback: correct success/error reporting for the SKB-with-fraglist case
sparc64: fix pci_iounmap() when CONFIG_PCI is not set
ext2: fix sleeping in atomic bugs on error
scsi: sd: Free scsi_disk device via put_device()
usb: testusb: Fix for showing the connection speed
usb: dwc2: check return value after calling platform_get_resource()
selftests: be sure to make khdr before other targets
selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn
scsi: ses: Retry failed Send/Receive Diagnostic commands
tools/vm/page-types: remove dependency on opt_file for idle page tracking
KVM: do not shrink halt_poll_ns below grow_start
kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[]
perf/x86: Reset destroy callback on event init failure
silence nfscache allocation warnings with kvzalloc
libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
Linux 5.4.152
UBUNTU: upstream stable to v5.4.152

CVE References

Changed in linux (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Focal):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status: Confirmed → Invalid
description: updated
Stefan Bader (smb)
Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (19.0 KiB)

This bug was fixed in the package linux - 5.4.0-92.103

---------------
linux (5.4.0-92.103) focal; urgency=medium

  * focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

  * CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

  * Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

  * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

  * Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffe...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.