Ubuntu
linux package

Groovy update: upstream stable patchset 2021-05-13

Groovy (20.10)
Bug #1928386

Bug #1928386 reported by Kamal Mostafa on 2021-05-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Invalid	Undecided	Unassigned
	Groovy	Fix Released	Medium	Kamal Mostafa

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

upstream stable patchset 2021-05-13

                Ported from the following upstream stable releases:
                        v5.4.112, v5.10.30
                        v5.4.113, v5.10.31

from git://git.kernel.org/

ALSA: aloop: Fix initialization of controls
ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
ASoC: intel: atom: Stop advertising non working S24LE support
nfc: fix refcount leak in llcp_sock_bind()
nfc: fix refcount leak in llcp_sock_connect()
nfc: fix memory leak in llcp_sock_connect()
nfc: Avoid endless loops caused by repeated llcp_sock_connect()
selinux: make nslot handling in avtab more robust
xen/evtchn: Change irq_info lock to raw_spinlock_t
net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
net: dsa: lantiq_gswip: Don't use PHY auto polling
net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
drm/i915: Fix invalid access to ACPI _DSM objects
ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
gcov: re-fix clang-11+ support
ia64: fix user_stack_pointer() for ptrace()
nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
ocfs2: fix deadlock between setattr and dio_end_io_write
fs: direct-io: fix missing sdio->boundary
ethtool: fix incorrect datatype in set_eee ops
of: property: fw_devlink: do not link ".*,nr-gpios"
parisc: parisc-agp requires SBA IOMMU driver
parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
ice: Increase control queue timeout
ice: prevent ice_open and ice_stop during reset
ice: remove DCBNL_DEVRESET bit from PF state
ice: Fix for dereference of NULL pointer
ice: Cleanup fltr list in case of allocation issues
iwlwifi: pcie: properly set LTR workarounds on 22000 devices
net: hso: fix null-ptr-deref during tty device unregistration
libbpf: Fix bail out from 'ringbuf_process_ring()' on error
bpf: Enforce that struct_ops programs be GPL-only
bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
libbpf: Only create rx and tx XDP rings when necessary
bpf, sockmap: Fix sk->prot unhash op reset
net: ensure mac header is set in virtio_net_hdr_to_skb()
i40e: Fix sparse warning: missing error code 'err'
i40e: Fix sparse error: 'vsi->netdev' could be null
i40e: Fix sparse errors in i40e_txrx.c
net: sched: sch_teql: fix null-pointer dereference
net: sched: fix action overwrite reference counting
mac80211: fix TXQ AC confusion
net: hsr: Reset MAC header for Tx path
net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
net: let skb_orphan_partial wake-up waiters.
usbip: add sysfs_lock to synchronize sysfs code paths
usbip: stub-dev synchronize sysfs code paths
usbip: vudc synchronize sysfs code paths
usbip: synchronize event handler with sysfs code paths
driver core: Fix locking bug in deferred_probe_timeout_work_func()
scsi: target: iscsi: Fix zero tag inside a trace event
i2c: turn recovery error on init to debug
ice: Refactor DCB related variables out of the ice_port_info struct
ice: Recognize 860 as iSCSI port in CEE mode
xfrm: interface: fix ipv4 pmtu check to honor ip header df
xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
regulator: bd9571mwv: Fix AVS and DVFS voltage range
ARM: OMAP4: Fix PMIC voltage domains for bionic
ARM: OMAP4: PM: update ROM return address for OSWR and OFF
net: xfrm: Localize sequence counter per network namespace
esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
ASoC: SOF: Intel: HDA: fix core status verification
ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
xfrm: Fix NULL pointer dereference on policy lookup
virtchnl: Fix layout of RSS structures
i40e: Added Asym_Pause to supported link modes
i40e: Fix kernel oops when i40e driver removes VF's
hostfs: fix memory handling in follow_link()
amd-xgbe: Update DMA coherency values
sch_red: fix off-by-one checks in red_check_params()
arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
xfrm: Provide private skb extensions for segmented and hw offloaded ESP packets
can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
gianfar: Handle error code at MAC address change
cxgb4: avoid collecting SGE_QBASE regs during traffic
net:tipc: Fix a double free in tipc_sk_mcast_rcv
ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
net/ncsi: Avoid channel_monitor hrtimer deadlock
net: qrtr: Fix memory leak on qrtr_tx_wait failure
nfp: flower: ignore duplicate merge hints from FW
net: phy: broadcom: Only advertise EEE for supported modes
I2C: JZ4780: Fix bug for Ingenic X1000.
ASoC: sunxi: sun4i-codec: fill ASoC card owner
net/mlx5e: Fix ethtool indication of connector type
net/mlx5: Don't request more than supported EQs
net/rds: Fix a use after free in rds_message_map_pages
xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
soc/fsl: qbman: fix conflicting alignment attributes
i40e: Fix display statistics for veb_tc
RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session files
drm/msm: Set drvdata to NULL when msm_drm_init() fails
net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
mptcp: forbit mcast-related sockopt on MPTCP sockets
scsi: ufs: core: Fix task management request completion timeout
scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
net: macb: restore cmp registers on resume path
clk: fix invalid usage of list cursor in register
clk: fix invalid usage of list cursor in unregister
workqueue: Move the position of debug_work_activate() in __queue_work()
s390/cpcmd: fix inline assembly register clobbering
perf inject: Fix repipe usage
net: openvswitch: conntrack: simplify the return expression of ovs_ct_limit_get_default_limit()
openvswitch: fix send of uninitialized stack memory in ct limit reply
i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
tipc: increment the tmp aead refcnt before attaching it
net: hns3: clear VF down state bit before request link status
net/mlx5: Fix placement of log_max_flow_counter
net/mlx5: Fix PPLM register mapping
net/mlx5: Fix PBMC register mapping
RDMA/cxgb4: check for ipv6 address properly while destroying listener
perf report: Fix wrong LBR block sorting
i40e: Fix parameters in aq_get_phy_register()
RDMA/addr: Be strict with gid size
RAS/CEC: Correct ce_add_elem()'s returned values
clk: socfpga: fix iomem pointer cast on 64-bit
lockdep: Address clang -Wformat warning printing for %hd
dt-bindings: net: ethernet-controller: fix typo in NVMEM
cfg80211: remove WARN_ON() in cfg80211_sme_connect
net: tun: set tun->dev->addr_len during TUNSETLINK processing
drivers: net: fix memory leak in atusb_probe
drivers: net: fix memory leak in peak_usb_create_dev
net: mac802154: Fix general protection fault
net: ieee802154: nl-mac: fix check on panid
net: ieee802154: fix nl802154 del llsec key
net: ieee802154: fix nl802154 del llsec dev
net: ieee802154: fix nl802154 add llsec key
net: ieee802154: fix nl802154 del llsec devkey
net: ieee802154: forbid monitor for set llsec params
net: ieee802154: forbid monitor for del llsec seclevel
net: ieee802154: stop dump llsec params for monitors
UBUNTU: upstream stable to v5.4.112, v5.10.30
interconnect: core: fix error return code of icc_link_destroy()
gfs2: Flag a withdraw if init_threads() fails
KVM: arm64: Hide system instruction access to Trace registers
KVM: arm64: Disable guest access to trace filter controls
drm/imx: imx-ldb: fix out of bounds array access warning
gfs2: report "already frozen/thawed" errors
ftrace: Check if pages were allocated before calling free_pages()
tools/kvm_stat: Add restart delay
drm/tegra: dc: Don't set PLL clock to 0Hz
gpu: host1x: Use different lock classes for each client
block: only update parent bi_status when bio fail
radix tree test suite: Register the main thread with the RCU library
idr test suite: Take RCU read lock in idr_find_test_1
idr test suite: Create anchor before launching throbber
io_uring: don't mark S_ISBLK async work as unbounded
riscv,entry: fix misaligned base for excp_vect_table
block: don't ignore REQ_NOWAIT for direct IO
perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches
net: sfp: relax bitrate-derived mode check
net: sfp: cope with SFPs that set both LOS normal and LOS inverted
xen/events: fix setting irq affinity
perf tools: Use %zd for size_t printf formats on 32-bit
UBUNTU: upstream stable to v5.4.113, v5.10.31

See original description

Tags:

CVE References

Kamal Mostafa (kamalmostafa) on 2021-05-13

Changed in linux (Ubuntu):
status:	New → Confirmed
tags:	added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Groovy):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu):
status:	Confirmed → Invalid

Kamal Mostafa (kamalmostafa) on 2021-05-13

description:

updated

Stefan Bader (smb) on 2021-05-19

Changed in linux (Ubuntu Groovy):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-22:

Download full text (23.2 KiB)

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
- SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
- SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

* Packaging resync (LP: #1786013)
- update dkms package versions

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
- scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

* CVE-2020-26141
- ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
- ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

* CVE-2020-26139
- mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
- mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

* CVE-2020-26147
- mac80211: assure all fragments are encrypted

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

* UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

* UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

* groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

* pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

* groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

* Packaging resync (LP: #1786013)
    - update dkms package versions

* scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

* CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

* CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

* Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

* CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

* CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

* CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

* CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

* CVE-2020-26147
    - mac80211: assure all fragments are encrypted

* raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limits for raid0 and raid10

* [SRU] mpt3sas: only one vSES is handy even IOC has multi vSES (LP: #1926517)
    - scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES

* CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr

* kvm: properly tear down PV features on hibernate (LP: #1920944)
    - x86/kvm: Fix pr_info() for async PF setup/teardown
    - x86/kvm: Teardown PV features on boot CPU as well
    - x86/kvm: Disable kvmclock on all CPUs on shutdown
    - x86/kvm: Disable all PV features on crash
    - x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline()

* CVE-2021-31440
    - bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds

* Can't detect intel wifi 6235 (LP: #1920180)
    - SAUCE: iwlwifi: add new pci id for 6235

* [SRU] Patch for flicker and glitching on common LCD display panels, intel
    framebuffer (LP: #1925685)
    - drm/i915: Try to use fast+narrow link on eDP again and fall back to the old
      max strategy on failure
    - drm/i915/dp: Use slow and wide link training for everything

* pmtu.sh from net in ubuntu_kernel_selftests failed with no error message
    (LP: #1887661)
    - selftests: pmtu.sh: use $ksft_skip for skipped return code

* IR Remote Keys Repeat Many Times Starting with Kernel 5.8.0-49
    (LP: #1926030)
    - SAUCE: Revert "media: rc: ite-cir: fix min_timeout calculation"
    - SAUCE: Revert "media: rc: fix timeout handling after switch to microsecond
      durations"

* Groovy update: upstream stable patchset 2021-05-20 (LP: #1929132)
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
    - dmaengine: idxd: fix delta_rec and crc size field for completion record
    - dmaengine: idxd: fix opcap sysfs attribute output
    - dmaengine: idxd: fix wq size store permission state
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - dmaengine: Fix a double free in dma_async_device_register
    - dmaengine: plx_dma: add a missing put_device() on error path
    - ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade()
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd()
    - xfrm: BEET mode doesn't support fragments for inner packets
    - ASoC: max98373: Added 30ms turn on/off time delay
    - gpu/xen: Fix a use after free in xen_drm_drv_init
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - iwlwifi: add support for Qu with AX201 device
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: forbid monitor for del llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - virt_wifi: Return micros for BSS TSF values
    - lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
    - Input: s6sy761 - fix coordinate read bit shift
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - dm verity fec: fix misaligned RS roots IO
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - vfio/pci: Add missing range check in vfio_pci_mmap
    - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: flowtable: fix NAT IPv6 offload mangling
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - ice: Fix potential infinite loop when using u8 loop counter
    - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
    - netfilter: bridge: add pre_exit hooks for ebtable unregistration
    - netfilter: arp_tables: add pre_exit hook for table unregister
    - net: macb: fix the restore of cmp registers
    - net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net/mlx5e: Fix setting of RS FEC mode
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - net: ip6_tunnel: Unregister catch-all devices
    - mm: ptdump: fix build failure
    - net: Make tcp_allowed_congestion_control readonly in non-init netns
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ia64: remove duplicate entries in generic_defconfig
    - ia64: tools: remove inclusion of ia64-specific version of errno.h header
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - gro: ensure frag0 meets IP header alignment
    - ARM: OMAP2+: Fix warning for omap_init_time_of()
    - ARM: footbridge: fix PCI interrupt mapping
    - ARM: OMAP2+: Fix uninitialized sr_inst
    - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
    - arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz osc reference
    - bpf: Use correct permission flag for mixed signed bounds arithmetic
    - r8169: tweak max read request size for newer chips also in jumbo mtu mode
    - r8169: don't advertise pause in jumbo mode
    - bpf: Ensure off_reg has no mixed signed bounds for all types
    - bpf: Move off_reg into sanitize_ptr_alu
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - bpf: Rework ptr_limit into alu_limit and add common error path
    - bpf: Improve verifier error messages for users
    - bpf: Move sanitize_val_alu out of op switch
    - net: phy: marvell: fix detection of PHY on Topaz switches
    - vhost-vdpa: protect concurrent access to vhost device iotlb
    - gpio: omap: Save and restore sysconfig
    - KEYS: trusted: Fix TPM reservation for seal/unseal
    - pinctrl: lewisburg: Update number of pins in community
    - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
    - bpf: Permits pointers on stack for helper calls
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Tighten speculative pointer arithmetic mask
    - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
    - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
    - perf auxtrace: Fix potential NULL pointer dereference
    - perf map: Fix error return code in maps__clone()
    - HID: google: add don USB id
    - HID: alps: fix error return code in alps_input_configured()
    - HID: wacom: Assign boolean values to a bool variable
    - ARM: dts: Fix swapped mmc order for omap3
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - dmaengine: tegra20: Fix runtime PM imbalance on error
    - s390/entry: save the caller of psw_idle
    - arm64: kprobes: Restore local irqflag if kprobes is cancelled
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - kasan: fix hwasan build for gcc
    - csky: change a Kconfig symbol name to fix e1000 build error
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM: fix poison/unpoison imbalance
    - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd()
    - mei: me: add Alder Lake P device id.
    - bpf: Update selftests to reflect new error states
    - mips: Do not include hi and lo in clobber list for R6
    - netfilter: conntrack: Make global sysctls readonly in non-init netns
    - net: usb: ax88179_178a: initialize local variables before use
    - igb: Enable RSS for Intel I211 Ethernet Controller
    - bpf: Fix masking negation logic upon negative dst register
    - bpf: Fix leakage of uninitialized bpf stack under speculation
    - net: qrtr: Avoid potential use after free in MHI send
    - perf data: Fix error return code in perf_data__create_dir()
    - capabilities: require CAP_SETFCAP to map uid 0
    - perf ftrace: Fix access to pid in array when setting a pid filter
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - ovl: fix leaked dentry
    - ovl: allow upperdir inside lowerdir
    - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX
    - USB: Add reset-resume quirk for WD19's Realtek Hub
    - platform/x86: thinkpad_acpi: Correct thermal sensor allocation
    - perf/core: Fix unconditional security_locked_down() call
    - vfio: Depend on MMU
    - avoid __memcat_p link failure

* r8152 tx status -71 (LP: #1922651) // Groovy update: upstream stable
    patchset 2021-05-20 (LP: #1929132)
    - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet

* Fix kdump failures (LP: #1927518)
    - video: hyperv_fb: Add ratelimit on error message
    - Drivers: hv: vmbus: Increase wait time for VMbus unload
    - Drivers: hv: vmbus: Initialize unload_event statically

* Groovy update: upstream stable patchset 2021-05-13 (LP: #1928386)
    - ALSA: aloop: Fix initialization of controls
    - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
    - ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - selinux: make nslot handling in avtab more robust
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
    - net: dsa: lantiq_gswip: Don't use PHY auto polling
    - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
    - drm/i915: Fix invalid access to ACPI _DSM objects
    - ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
    - IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
    - LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
    - gcov: re-fix clang-11+ support
    - ia64: fix user_stack_pointer() for ptrace()
    - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - ethtool: fix incorrect datatype in set_eee ops
    - of: property: fw_devlink: do not link ".*,nr-gpios"
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - ice: Increase control queue timeout
    - ice: prevent ice_open and ice_stop during reset
    - ice: remove DCBNL_DEVRESET bit from PF state
    - ice: Fix for dereference of NULL pointer
    - ice: Cleanup fltr list in case of allocation issues
    - iwlwifi: pcie: properly set LTR workarounds on 22000 devices
    - net: hso: fix null-ptr-deref during tty device unregistration
    - libbpf: Fix bail out from 'ringbuf_process_ring()' on error
    - bpf: Enforce that struct_ops programs be GPL-only
    - bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET
    - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
    - libbpf: Only create rx and tx XDP rings when necessary
    - bpf, sockmap: Fix sk->prot unhash op reset
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - i40e: Fix sparse warning: missing error code 'err'
    - i40e: Fix sparse error: 'vsi->netdev' could be null
    - i40e: Fix sparse errors in i40e_txrx.c
    - net: sched: sch_teql: fix null-pointer dereference
    - net: sched: fix action overwrite reference counting
    - mac80211: fix TXQ AC confusion
    - net: hsr: Reset MAC header for Tx path
    - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
    - net: let skb_orphan_partial wake-up waiters.
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: vudc synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - driver core: Fix locking bug in deferred_probe_timeout_work_func()
    - scsi: target: iscsi: Fix zero tag inside a trace event
    - i2c: turn recovery error on init to debug
    - ice: Refactor DCB related variables out of the ice_port_info struct
    - ice: Recognize 860 as iSCSI port in CEE mode
    - xfrm: interface: fix ipv4 pmtu check to honor ip header df
    - xfrm: Use actual socket sk instead of skb socket for xfrm_output_resume
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - ARM: OMAP4: Fix PMIC voltage domains for bionic
    - ARM: OMAP4: PM: update ROM return address for OSWR and OFF
    - net: xfrm: Localize sequence counter per network namespace
    - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
    - ASoC: SOF: Intel: HDA: fix core status verification
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - xfrm: Fix NULL pointer dereference on policy lookup
    - virtchnl: Fix layout of RSS structures
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - hostfs: fix memory handling in follow_link()
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
    - xfrm: Provide private skb extensions for segmented and hw offloaded ESP
      packets
    - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
    - mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
    - ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
    - gianfar: Handle error code at MAC address change
    - cxgb4: avoid collecting SGE_QBASE regs during traffic
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - net: qrtr: Fix memory leak on qrtr_tx_wait failure
    - nfp: flower: ignore duplicate merge hints from FW
    - net: phy: broadcom: Only advertise EEE for supported modes
    - I2C: JZ4780: Fix bug for Ingenic X1000.
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - net/mlx5e: Fix ethtool indication of connector type
    - net/mlx5: Don't request more than supported EQs
    - net/rds: Fix a use after free in rds_message_map_pages
    - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory model
    - soc/fsl: qbman: fix conflicting alignment attributes
    - i40e: Fix display statistics for veb_tc
    - RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
      files
    - drm/msm: Set drvdata to NULL when msm_drm_init() fails
    - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
    - mptcp: forbit mcast-related sockopt on MPTCP sockets
    - scsi: ufs: core: Fix task management request completion timeout
    - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
    - net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
    - net: macb: restore cmp registers on resume path
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - perf inject: Fix repipe usage
    - net: openvswitch: conntrack: simplify the return expression of
      ovs_ct_limit_get_default_limit()
    - openvswitch: fix send of uninitialized stack memory in ct limit reply
    - i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
    - tipc: increment the tmp aead refcnt before attaching it
    - net: hns3: clear VF down state bit before request link status
    - net/mlx5: Fix placement of log_max_flow_counter
    - net/mlx5: Fix PPLM register mapping
    - net/mlx5: Fix PBMC register mapping
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - perf report: Fix wrong LBR block sorting
    - i40e: Fix parameters in aq_get_phy_register()
    - RDMA/addr: Be strict with gid size
    - RAS/CEC: Correct ce_add_elem()'s returned values
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - lockdep: Address clang -Wformat warning printing for %hd
    - dt-bindings: net: ethernet-controller: fix typo in NVMEM
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - interconnect: core: fix error return code of icc_link_destroy()
    - gfs2: Flag a withdraw if init_threads() fails
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - ftrace: Check if pages were allocated before calling free_pages()
    - tools/kvm_stat: Add restart delay
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - gpu: host1x: Use different lock classes for each client
    - block: only update parent bi_status when bio fail
    - radix tree test suite: Register the main thread with the RCU library
    - idr test suite: Take RCU read lock in idr_find_test_1
    - idr test suite: Create anchor before launching throbber
    - io_uring: don't mark S_ISBLK async work as unbounded
    - riscv,entry: fix misaligned base for excp_vect_table
    - block: don't ignore REQ_NOWAIT for direct IO
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - net: sfp: relax bitrate-derived mode check
    - net: sfp: cope with SFPs that set both LOS normal and LOS inverted
    - xen/events: fix setting irq affinity
    - perf tools: Use %zd for size_t printf formats on 32-bit

-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com>  Wed, 16 Jun 2021 20:11:21 -0300

Changed in linux (Ubuntu Groovy):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package