Zesty update to 4.10.16 stable release

Bug #1691369 reported by Stefan Bader on 2017-05-17
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Zesty
Medium
Stefan Bader

Bug Description

SRU Justification

    Impact:
       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The 4.10.16 upstream stable
       patch set is now available. It should be included in the Ubuntu
       kernel as well.

       git://git.kernel.org/

    TEST CASE: TBD

The following patches from the 4.10.16 stable release shall be applied:
* 9p: fix a potential acl leak
* drm/sti: fix GDP size to support up to UHD resolution
* hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628
* mtd: nand: Add OX820 NAND hardware dependency
* tpm: fix RC value check in tpm2_seal_trusted
* tmp: use pdev for parent device in tpm_chip_alloc
* crypto: caam - fix error path for ctx_dma mapping failure
* crypto: caam - don't dma_map key for hash algorithms
* power: supply: lp8788: prevent out of bounds array access
* cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
* powerpc/perf: Fix perf_get_data_addr() for power9 DD1
* powerpc/perf: Handle sdar_mode for marked event in power9
* powerpc/mm: Fixup wrong LPCR_VRMASD value
* powerpc/powernv: Fix opal_exit tracepoint opcode
* powerpc/mm: Fix build break when CMA=n && SPAPR_TCE_IOMMU=y
* powerpc/ftrace: Fix confusing help text for DISABLE_MPROFILE_KERNEL
* powerpc: Correctly disable latent entropy GCC plugin on prom_init.o
* power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING
* power: supply: bq24190_charger: Call set_mode_host() on pm_resume()
* power: supply: bq24190_charger: Install irq_handler_thread() at end of
  probe()
* power: supply: bq24190_charger: Call power_supply_changed() for relevant
  component
* power: supply: bq24190_charger: Don't read fault register outside
  irq_handle_thread()
* power: supply: bq24190_charger: Handle fault before status on interrupt
* arm64: dts: r8a7795: Mark EthernetAVB device node disabled
* arm: dts: qcom: Fix ipq board clock rates
* arm64: remove wrong CONFIG_PROC_SYSCTL ifdef
* arm64: Improve detection of user/non-user mappings in set_pte(_at)
* spi: armada-3700: Remove spi_master_put in a3700_spi_remove()
* leds: ktd2692: avoid harmless maybe-uninitialized warning
* ARM: pxa: ezx: fix a910 camera data
* ARM: dts: NSP: GPIO reboot open-source
* ARM: dts: imx6sx-udoo-neo: Fix reboot hang
* ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
* ARM: OMAP3: Fix smartreflex platform data regression
* ARM: dts: am57xx-idk: tpic2810 is on I2C bus, not SPI
* ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
* mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
* mwifiex: remove redundant dma padding in AMSDU
* mwifiex: Avoid skipping WEP key deletion for AP
* mwifiex: don't enable/disable IRQ 0 during suspend/resume
* mwifiex: set adapter->dev before starting to use mwifiex_dbg()
* iwlwifi: mvm: properly check for transport data in dump
* iwlwifi: mvm: don't restart HW if suspend fails with unified image
* iwlwifi: mvm: overwrite skb info later
* iwlwifi: pcie: don't increment / decrement a bool
* iwlwifi: pcie: trans: Remove unused 'shift_param'
* iwlwifi: pcie: fix the set of DMA memory mask
* iwlwifi: mvm: fix reorder timer re-arming
* iwlwifi: mvm: Use aux queue for offchannel frames in dqa
* iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe
* iwlwifi: mvm: fix pending frame counter calculation
* iwlwifi: mvm: fix references to first_agg_queue in DQA mode
* iwlwifi: mvm: synchronize firmware DMA paging memory
* iwlwifi: mvm: writing zero bytes to debugfs causes a crash
* iwlwifi: mvm: fix accessing fw_id_to_mac_id
* x86/ioapic: Restore IO-APIC irq_chip retrigger callback
* x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0
* x86/mpx: Re-add MPX to selftests Makefile
* clk: Make x86/ conditional on CONFIG_COMMON_CLK
* platform/x86: intel_pmc_core: fix out-of-bounds accesses on stack
* kprobes/x86: Fix kernel panic when certain exception-handling addresses
  are probed
* x86/platform/intel-mid: Correct MSI IRQ line for watchdog device
* Revert "KVM: nested VMX: disable perf cpuid reporting"
* KVM: nVMX: initialize PML fields in vmcs02
* KVM: nVMX: do not leak PML full vmexit to L1
* usb: dwc2: host: use msleep() for long delay
* usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy()
  error paths
* usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy()
  error paths
* usb: chipidea: Only read/write OTGSC from one place
* usb: chipidea: Handle extcon events properly
* USB: serial: keyspan_pda: fix receive sanity checks
* USB: serial: digi_acceleport: fix incomplete rx sanity check
* USB: serial: ssu100: fix control-message error handling
* USB: serial: io_edgeport: fix epic-descriptor handling
* USB: serial: ti_usb_3410_5052: fix control-message error handling
* USB: serial: ark3116: fix open error handling
* USB: serial: ftdi_sio: fix latency-timer error handling
* USB: serial: quatech2: fix control-message error handling
* USB: serial: mct_u232: fix modem-status error handling
* USB: serial: ch341: fix modem-status handling
* USB: serial: io_edgeport: fix descriptor error handling
* clk: rockchip: add "," to mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036
* phy: qcom-usb-hs: Add depends on EXTCON
* serial: 8250_omap: Fix probe and remove for PM runtime
* scsi: qedi: Fix possible memory leak in qedi_iscsi_update_conn()
* scsi: qedi: fix build error without DEBUG_FS
* scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
* scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
* scsi: smartpqi: fix time handling
* MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
* brcmfmac: Ensure pointer correctly set if skb data location changes
* brcmfmac: Make skb header writable before use
* staging/lustre/llite: move root_squash from sysfs to debugfs
* staging: wlan-ng: add missing byte order conversion
* staging: emxx_udc: remove incorrect __init annotations
* staging: lustre: ptlrpc: avoid warning on missing return
* ALSA: hda - Fix deadlock of controller device lock at unbinding
* sparc64: fix fault handling in NGbzero.S and GENbzero.S
* tcp: do not underestimate skb->truesize in tcp_trim_head()
* net: adjust skb->truesize in ___pskb_trim()
* net: macb: fix phy interrupt parsing
* geneve: fix incorrect setting of UDP checksum flag
* bpf: enhance verifier to understand stack pointer arithmetic
* bpf, arm64: fix jit branch offset related to ldimm64
* tcp: fix wraparound issue in tcp_lp
* net: ipv6: Do not duplicate DAD on link up
* net: usb: qmi_wwan: add Telit ME910 support
* tcp: do not inherit fastopen_req from parent
* ipv4, ipv6: ensure raw socket message is big enough to hold an IP header
* rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
* ipv6: initialize route null entry in addrconf_init()
* ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
* bnxt_en: allocate enough space for ->ntp_fltr_bmap
* bpf: don't let ldimm64 leak map addresses on unprivileged
* net: mdio-mux: bcm-iproc: call mdiobus_free() in error path
* openvswitch: Set internal device max mtu to ETH_MAX_MTU.
* f2fs: sanity check segment count
* xen: Revert commits da72ff5bfcb0 and 72a9b186292d
* drm/hisilicon/hibmc: Fix wrong pointer passed to PTR_ERR()
* drm: mxsfb: drm_dev_alloc() returns error pointers
* drm/ttm: fix use-after-free races in vm fault handling
* block: get rid of blk_integrity_revalidate()
* Linux 4.10.16

Stefan Bader (smb) on 2017-05-17
tags: added: kernel-stable-tracking-bug
Changed in linux (Ubuntu Zesty):
assignee: nobody → Stefan Bader (smb)
importance: Undecided → Medium
status: New → In Progress
Stefan Bader (smb) on 2017-05-17
description: updated
Stefan Bader (smb) wrote :

The following patches were skipped because they were already applied:

* bug #1667413 POWER9: Improve PMU capabilites
  - powerpc/perf: Avoid FAB_*_MATCH checks for power9
* bug #1645962 [Feature] GLK Intel PT write
  - perf/x86/intel/pt: Add format strings for PTWRITE and power event
    tracing
* bug #1674334 Fix MODULE_FIRMWARE for intel 6030 wireless
  - iwlwifi: fix MODULE_FIRMWARE for 6030
* bug #1675806 POWER9 Radix mode KVM
  - KVM: PPC: Book3S HV: Don't try to signal cpu -1
* bug #1685892 / CVE-2017-7477
  - macsec: dynamically allocate space for sglist

description: updated
Stefan Bader (smb) wrote :

Additionally updated config to drop CONFIG_MTD_NAND_OXNAS and ignore missing oxnas_nand module.

Changed in linux (Ubuntu Zesty):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :
Download full text (19.7 KiB)

This bug was fixed in the package linux - 4.10.0-26.30

---------------
linux (4.10.0-26.30) zesty; urgency=low

  * linux: 4.10.0-26.30 -proposed tracker (LP: #1700528)

  * CVE-2017-1000364
    - Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
    - Revert "mm: do not collapse stack gap into THP"
    - Revert "mm: enlarge stack guard gap"
    - mm: larger stack guard gap, between vmas
    - mm: fix new crash in unmapped_area_topdown()
    - Allow stack to grow up to address space limit

linux (4.10.0-25.29) zesty; urgency=low

  * linux: 4.10.0-25.29 -proposed tracker (LP: #1699028)

  * CVE-2017-1000364
    - SAUCE: mm: Only expand stack if guard area is hit

  * CVE-2017-9074
    - ipv6: Prevent overrun when parsing v6 header options
    - ipv6: Check ip6_find_1stfragopt() return value properly.

  * [Zesty] QDF2400 ARM64 server - NMI watchdog: BUG: soft lockup - CPU#8 stuck
    for 22s! (LP: #1680549)
    - iommu/dma: Stop getting dma_32bit_pfn wrong
    - iommu/dma: Implement PCI allocation optimisation
    - iommu/dma: Convert to address-based allocation
    - iommu/dma: Clean up MSI IOVA allocation
    - iommu/dma: Plumb in the per-CPU IOVA caches
    - iommu/iova: Fix underflow bug in __alloc_and_insert_iova_range

  * Zesty update to 4.10.17 stable release (LP: #1692898)
    - xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: xhci: bInterval quirk for TI TUSB73x0
    - usb: host: xhci: print correct command ring address
    - USB: serial: ftdi_sio: add device ID for Microsemi/Arrow SF2PLUS Dev Kit
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
    - staging: vt6656: use off stack for in buffer USB transfers.
    - staging: vt6656: use off stack for out buffer USB transfers.
    - staging: gdm724x: gdm_mux: fix use-after-free on module unload
    - staging: wilc1000: Fix problem with wrong vif index
    - staging: comedi: jr3_pci: fix possible null pointer dereference
    - staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: gadget: legacy gadgets are optional
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - x86/boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - selftests/x86/ldt_gdt_32: Work around a glibc sigaction() bug
    - x86, pmem: Fix cache flushing for iovec write < 8 bytes
    - um: Fix PTRACE_POKEUSER on x86_64
    - perf/x86: Fix Broadwell-EP DRAM RAPL events
    - KVM: x86: fix user triggerable warning in kvm_apic_accept_events()
    - KVM: arm/arm64: fix races in kvm_psci_vcpu_on
    - arm64: KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - block: fix blk_integrity_register to use templ...

Changed in linux (Ubuntu Zesty):
status: Fix Committed → Fix Released
Changed in linux (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers