Bug #1920995 “selftests: bpf verifier fails after sanitize_ptr_a...” : Bugs : linux package : Ubuntu

Revision history for this message

Thadeu Lima de Souza Cascardo (cascardo) wrote on 2021-03-23:

#1

Other kernels need to be tested, but may likely fail their tests too.

Changed in linux (Ubuntu):
status:	New → Invalid
Changed in linux (Ubuntu Focal):
importance:	Undecided → High
Changed in linux (Ubuntu Groovy):
importance:	Undecided → High
Changed in linux (Ubuntu Focal):
assignee:	nobody → Thadeu Lima de Souza Cascardo (cascardo)
Changed in linux (Ubuntu Groovy):
assignee:	nobody → Thadeu Lima de Souza Cascardo (cascardo)

Thadeu Lima de Souza Cascardo (cascardo) on 2021-03-23

Changed in linux (Ubuntu Bionic):
importance:	Undecided → High
assignee:	nobody → Thadeu Lima de Souza Cascardo (cascardo)

Thadeu Lima de Souza Cascardo (cascardo) on 2021-03-23

Changed in linux (Ubuntu Focal):
status:	New → In Progress
Changed in linux (Ubuntu Groovy):
status:	New → In Progress
Changed in linux (Ubuntu Bionic):
status:	New → In Progress

Stefan Bader (smb) on 2021-03-24

Changed in linux (Ubuntu Groovy):
status:	In Progress → Fix Committed

Kleber Sacilotto de Souza (kleber-souza) on 2021-03-24

Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed

Tim Gardner (timg-tpi) on 2021-03-24

Changed in linux (Ubuntu Bionic):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-25:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-26:

#3

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:	added: verification-needed-focal
tags:	added: verification-needed-groovy

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-26:

#4

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-04-12:

#5

Download full text (18.2 KiB)

This bug was fixed in the package linux - 5.4.0-71.79

---------------
linux (5.4.0-71.79) focal; urgency=medium

* focal/linux: 5.4.0-71.79 -proposed tracker (LP: #1921040)

  * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
- update dkms package versions

  * Fix missing HDMI/DP audio on NVidia card after S3 (LP: #1918228)
    - ALSA: hda/hdmi: Reduce hda_jack_tbl lookup at unsol event handling
    - ALSA: hda/hdmi: Don't use standard hda_jack for generic HDMI jacks
    - ALSA: hda/hdmi: Move runtime PM resume into hdmi_present_sense_via_verbs()
    - ALSA: hda/hdmi: Move ELD parse and jack reporting into update_eld()

  * Focal update: v5.4.101 upstream stable release (LP: #1918170)
    - HID: make arrays usage and value to be the same
    - USB: quirks: sort quirk entries
    - usb: quirks: add quirk to start video capture on ELMO L-12F document camera
      reliable
    - ntfs: check for valid standard information attribute
    - arm64: tegra: Add power-domain for Tegra210 HDA
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - mm: unexport follow_pte_pmd
    - mm: simplify follow_pte{,pmd}
    - KVM: do not assume PTE is writable after follow_pfn
    - mm: provide a saner PTE walking API for modules
    - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()
    - NET: usb: qmi_wwan: Adding support for Cinterion MV31
    - cxgb4: Add new T6 PCI device id 0x6092
    - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
    - scripts/recordmcount.pl: support big endian for ARCH sh
    - Linux 5.4.101

  * Focal update: v5.4.100 upstream stable release (LP: #1918168)
    - KVM: SEV: fix double locking due to incorrect backport
    - net: qrtr: Fix port ID for control messages
    - net: bridge: Fix a warning when del bridge sysfs
    - Xen/x86: don't bail early from clear_foreign_p2m_mapping()
    - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
    - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
    - Xen/gntdev: correct error checking in gntdev_map_grant_pages()
    - xen/arm: don't ignore return errors from set_phys_to_machine
    - xen-blkback: don't "handle" error by BUG()
    - xen-netback: don't "handle" error by BUG()
    - xen-scsiback: don't "handle" error by BUG()
    - xen-blkback: fix error handling in xen_blkbk_map()
    - media: pwc: Use correct device for DMA
    - btrfs: fix backport of 2175bf57dc952 in 5.4.95
    - Linux 5.4.100

  * Focal update: v5.4.99 upstream stable release (LP: #1918167)
    - gpio: ep93xx: fix BUG_ON port F usage
    - gpio: ep93xx: Fix single irqchip with multi gpiochips
    - tracing: Do not count ftrace events in top level enable output
    - tracing: Check length before giving out the filter buffer
    - arm/xen: Don't probe xenbus as part of an early initcall
    - cgroup: fix psi monitor for root cgroup
    ...

This bug was fixed in the package linux - 5.4.0-71.79

---------------
linux (5.4.0-71.79) focal; urgency=medium

* focal/linux: 5.4.0-71.79 -proposed tracker (LP: #1921040)

* selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
    - update dkms package versions

* Fix missing HDMI/DP audio on NVidia card after S3 (LP: #1918228)
    - ALSA: hda/hdmi: Reduce hda_jack_tbl lookup at unsol event handling
    - ALSA: hda/hdmi: Don't use standard hda_jack for generic HDMI jacks
    - ALSA: hda/hdmi: Move runtime PM resume into hdmi_present_sense_via_verbs()
    - ALSA: hda/hdmi: Move ELD parse and jack reporting into update_eld()

* Focal update: v5.4.101 upstream stable release (LP: #1918170)
    - HID: make arrays usage and value to be the same
    - USB: quirks: sort quirk entries
    - usb: quirks: add quirk to start video capture on ELMO L-12F document camera
      reliable
    - ntfs: check for valid standard information attribute
    - arm64: tegra: Add power-domain for Tegra210 HDA
    - scripts: use pkg-config to locate libcrypto
    - scripts: set proper OpenSSL include dir also for sign-file
    - mm: unexport follow_pte_pmd
    - mm: simplify follow_pte{,pmd}
    - KVM: do not assume PTE is writable after follow_pfn
    - mm: provide a saner PTE walking API for modules
    - KVM: Use kvm_pfn_t for local PFN variable in hva_to_pfn_remapped()
    - NET: usb: qmi_wwan: Adding support for Cinterion MV31
    - cxgb4: Add new T6 PCI device id 0x6092
    - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath.
    - scripts/recordmcount.pl: support big endian for ARCH sh
    - Linux 5.4.101

* Focal update: v5.4.100 upstream stable release (LP: #1918168)
    - KVM: SEV: fix double locking due to incorrect backport
    - net: qrtr: Fix port ID for control messages
    - net: bridge: Fix a warning when del bridge sysfs
    - Xen/x86: don't bail early from clear_foreign_p2m_mapping()
    - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
    - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
    - Xen/gntdev: correct error checking in gntdev_map_grant_pages()
    - xen/arm: don't ignore return errors from set_phys_to_machine
    - xen-blkback: don't "handle" error by BUG()
    - xen-netback: don't "handle" error by BUG()
    - xen-scsiback: don't "handle" error by BUG()
    - xen-blkback: fix error handling in xen_blkbk_map()
    - media: pwc: Use correct device for DMA
    - btrfs: fix backport of 2175bf57dc952 in 5.4.95
    - Linux 5.4.100

* Focal update: v5.4.99 upstream stable release (LP: #1918167)
    - gpio: ep93xx: fix BUG_ON port F usage
    - gpio: ep93xx: Fix single irqchip with multi gpiochips
    - tracing: Do not count ftrace events in top level enable output
    - tracing: Check length before giving out the filter buffer
    - arm/xen: Don't probe xenbus as part of an early initcall
    - cgroup: fix psi monitor for root cgroup
    - arm64: dts: rockchip: Fix PCIe DT properties on rk3399
    - arm64: dts: qcom: sdm845: Reserve LPASS clocks in gcc
    - ARM: OMAP2+: Fix suspcious RCU usage splats for omap_enter_idle_coupled
    - platform/x86: hp-wmi: Disable tablet-mode reporting by default
    - ovl: perform vfs_getxattr() with mounter creds
    - cap: fix conversions on getxattr
    - ovl: skip getxattr of security labels
    - nvme-pci: ignore the subsysem NQN on Phison E16
    - drm/amd/display: Add more Clock Sources to DCN2.1
    - drm/amd/display: Fix dc_sink kref count in emulated_link_detect
    - drm/amd/display: Free atomic state after drm_atomic_commit
    - drm/amd/display: Decrement refcount of dc_sink before reassignment
    - riscv: virt_addr_valid must check the address belongs to linear mapping
    - bfq-iosched: Revert "bfq: Fix computation of shallow depth"
    - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
    - ARM: ensure the signal page contains defined contents
    - ARM: kexec: fix oops after TLB are invalidated
    - vmlinux.lds.h: Create section for protection against instrumentation
    - lkdtm: don't move ctors to .rodata
    - mt76: dma: fix a possible memory leak in mt76_add_fragment()
    - drm/vc4: hvs: Fix buffer overflow with the dlist handling
    - bpf: Check for integer overflow when using roundup_pow_of_two()
    - netfilter: xt_recent: Fix attempt to update deleted entry
    - netfilter: nftables: fix possible UAF over chains from packet path in netns
    - netfilter: flowtable: fix tcp and udp header checksum update
    - xen/netback: avoid race in xenvif_rx_ring_slots_available()
    - net: enetc: initialize the RFS and RSS memories
    - selftests: txtimestamp: fix compilation issue
    - net: stmmac: set TxQ mode back to DCB after disabling CBS
    - ibmvnic: Clear failover_pending if unable to schedule
    - netfilter: conntrack: skip identical origin tuple in same zone only
    - x86/build: Disable CET instrumentation in the kernel for 32-bit too
    - net: hns3: add a check for queue_id in hclge_reset_vf_queue()
    - firmware_loader: align .builtin_fw to 8
    - drm/sun4i: tcon: set sync polarity for tcon1 channel
    - drm/sun4i: Fix H6 HDMI PHY configuration
    - drm/sun4i: dw-hdmi: Fix max. frequency for H6
    - clk: sunxi-ng: mp: fix parent rate change flag check
    - i2c: stm32f7: fix configuration of the digital filter
    - h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
    - usb: dwc3: ulpi: fix checkpatch warning
    - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
    - rxrpc: Fix clearance of Tx/Rx ring when releasing a call
    - udp: fix skb_copy_and_csum_datagram with odd segment sizes
    - net: dsa: call teardown method on probe failure
    - net: gro: do not keep too many GRO packets in napi->rx_list
    - net: fix iteration for sctp transport seq_files
    - net/vmw_vsock: improve locking in vsock_connect_timeout()
    - net: watchdog: hold device global xmit lock during tx disable
    - vsock/virtio: update credit only if socket is not closed
    - vsock: fix locking in vsock_shutdown()
    - net/rds: restrict iovecs length for RDS_CMSG_RDMA_ARGS
    - net/qrtr: restrict user-controlled length in qrtr_tun_write_iter()
    - ovl: expand warning in ovl_d_real()
    - Linux 5.4.99

* Focal update: v5.4.98 upstream stable release (LP: #1918158)
    - tracing/kprobe: Fix to support kretprobe events on unloaded modules
    - af_key: relax availability checks for skb size calculation
    - regulator: core: avoid regulator_resolve_supply() race condition
    - mac80211: 160MHz with extended NSS BW in CSA
    - ASoC: Intel: Skylake: Zero snd_ctl_elem_value
    - chtls: Fix potential resource leak
    - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
    - ASoC: ak4458: correct reset polarity
    - iwlwifi: mvm: skip power command when unbinding vif during CSA
    - iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
    - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
    - iwlwifi: pcie: fix context info memory leak
    - iwlwifi: mvm: invalidate IDs of internal stations at mvm start
    - iwlwifi: mvm: guard against device removal in reprobe
    - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
    - SUNRPC: Handle 0 length opaque XDR object data properly
    - i2c: mediatek: Move suspend and resume handling to NOIRQ phase
    - blk-cgroup: Use cond_resched() when destroy blkgs
    - regulator: Fix lockdep warning resolving supplies
    - Fix unsynchronized access to sev members through svm_register_enc_region
    - squashfs: add more sanity checks in id lookup
    - squashfs: add more sanity checks in inode lookup
    - squashfs: add more sanity checks in xattr id lookup
    - Linux 5.4.98

* Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
    - [Config] Enforce CONFIG_DRM_BOCHS=m

* powerpc/eeh-basic.sh in kselftest make P8 node stopped working
    (LP: #1916468)
    - selftests/eeh: Skip ahci adapters

* Focal update: v5.4.97 upstream stable release (LP: #1916066)
    - USB: serial: cp210x: add pid/vid for WSDA-200-USB
    - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
    - USB: serial: option: Adding support for Cinterion MV31
    - arm64: dts: qcom: c630: keep both touchpad devices enabled
    - arm64: dts: amlogic: meson-g12: Set FL-adj property value
    - arm64: dts: rockchip: fix vopl iommu irq on px30
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check
    - um: virtio: free vu_dev only with the contained struct device
    - rxrpc: Fix deadlock around release of dst cached on udp tunnel
    - arm64: dts: ls1046a: fix dcfg address range
    - igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr
    - igc: check return value of ret_val in igc_config_fc_after_link_up
    - i40e: Revert "i40e: don't report link up for a VF who hasn't enabled queues"
    - net/mlx5: Fix leak upon failure of rule creation
    - net: lapb: Copy the skb before sending a packet
    - net: mvpp2: TCAM entry enable should be written after SRAM data
    - r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set
    - ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode
    - nvmet-tcp: fix out-of-bounds access when receiving multiple h2cdata PDUs
    - memblock: do not start bottom-up allocations with kernel_end
    - USB: gadget: legacy: fix an error code in eth_bind()
    - USB: usblp: don't call usb_set_interface if there's a single alt
    - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
    - usb: dwc2: Fix endpoint direction check in ep_from_windex
    - usb: dwc3: fix clock issue during resume in OTG mode
    - usb: xhci-mtk: fix unreleased bandwidth data
    - usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints
    - usb: xhci-mtk: break loop when find the endpoint to drop
    - usb: host: xhci-plat: add priv quirk for skip PHY initialization
    - ovl: fix dentry leak in ovl_get_redirect
    - mac80211: fix station rate table updates on assoc
    - fgraph: Initialize tracing_graph_pause at task creation
    - kretprobe: Avoid re-registration of the same kretprobe earlier
    - libnvdimm/dimm: Avoid race between probe and available_slots_show()
    - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
    - xhci: fix bounce buffer usage for non-sg list case
    - cifs: report error instead of invalid when revalidating a dentry fails
    - smb3: Fix out-of-bounds bug in SMB2_negotiate()
    - smb3: fix crediting for compounding when only one request in flight
    - mmc: core: Limit retries when analyse of SDIO tuples fails
    - drm/amd/display: Revert "Fix EDID parsing after resume from suspend"
    - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
    - KVM: SVM: Treat SVM as unsupported when running as an SEV guest
    - KVM: x86: Update emulator context mode if SYSENTER xfers to 64-bit mode
    - ARM: footbridge: fix dc21285 PCI configuration accessors
    - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
    - mm: hugetlb: fix a race between freeing and dissolving the page
    - mm: hugetlb: fix a race between isolating and freeing page
    - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
    - mm, compaction: move high_pfn to the for loop scope
    - mm: thp: fix MADV_REMOVE deadlock on shmem THP
    - x86/build: Disable CET instrumentation in the kernel
    - x86/apic: Add extra serialization for non-serializing MSRs
    - iwlwifi: mvm: don't send RFH_QUEUE_CONFIG_CMD with no queues
    - Input: xpad - sync supported devices with fork on GitHub
    - iommu/vt-d: Do not use flush-queue when caching-mode is on
    - md: Set prev_flush_start and flush_bio in an atomic way
    - neighbour: Prevent a dead entry from updating gc_list
    - net: ip_tunnel: fix mtu calculation
    - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
    - net: sched: replaced invalid qdisc tree flush helper in qdisc_replace
    - usb: host: xhci: mvebu: make USB 3.0 PHY optional for Armada 3720
    - Linux 5.4.97

* Focal update: v5.4.96 upstream stable release (LP: #1916061)
    - net: dsa: bcm_sf2: put device node before return
    - net: switchdev: don't set port_obj_info->handled true when -EOPNOTSUPP
    - ibmvnic: Ensure that CRQ entry read are correctly ordered
    - Revert "Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and
      REQ_NOWAIT""
    - ACPI: thermal: Do not call acpi_thermal_check() directly
    - arm64: Fix kernel address detection of __is_lm_address()
    - arm64: Do not pass tagged addresses to __is_lm_address()
    - tcp: make TCP_USER_TIMEOUT accurate for zero window probes
    - btrfs: backref, only collect file extent items matching backref offset
    - btrfs: backref, don't add refs from shared block when resolving normal
      backref
    - btrfs: backref, only search backref entries from leaves of the same root
    - btrfs: backref, use correct count to resolve normal data refs
    - net_sched: gen_estimator: support large ewma log
    - phy: cpcap-usb: Fix warning for missing regulator_disable
    - platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on
      Estar Beauty HD tablet
    - platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352
    - x86: __always_inline __{rd,wr}msr()
    - scsi: scsi_transport_srp: Don't block target in failfast state
    - scsi: libfc: Avoid invoking response handler twice if ep is already
      completed
    - scsi: fnic: Fix memleak in vnic_dev_init_devcmd2
    - ASoC: SOF: Intel: hda: Resume codec to do jack detection
    - mac80211: fix fast-rx encryption check
    - scsi: ibmvfc: Set default timeout to avoid crash during migration
    - udf: fix the problem that the disc content is not displayed
    - nvme: check the PRINFO bit before deciding the host buffer length
    - selftests/powerpc: Only test lwm/stmw on big endian
    - drm/amd/display: Update dram_clock_change_latency for DCN2.1
    - drm/amd/display: Change function decide_dp_link_settings to avoid infinite
      looping
    - objtool: Don't fail on missing symbol table
    - kthread: Extract KTHREAD_IS_PER_CPU
    - workqueue: Restrict affinity change to rescuer
    - Linux 5.4.96

* Focal update: v5.4.95 upstream stable release (LP: #1916056)
    - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
    - IPv6: reply ICMP error if the first fragment don't include all headers
    - nbd: freeze the queue while we're adding connections
    - ACPI: sysfs: Prefer "compatible" modalias
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
    - ALSA: hda/via: Apply the workaround generically for Clevo machines
    - media: rc: ensure that uevent can be read directly after rc device register
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - s390/vfio-ap: No need to disable IRQ after queue reset
    - PM: hibernate: flush swap writer after marking
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - btrfs: fix possible free space tree corruption with online conversion
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
      intel_arch_events[]
    - KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh()
    - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
    - KVM: x86: get smi pending status correctly
    - KVM: Forbid the use of tagged userspace addresses for memslots
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - arm64: dts: broadcom: Fix USB DMA address translation for Stingray
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices
    - drm/i915: Check for all subplatform bits
    - tee: optee: replace might_sleep with cond_resched
    - xen-blkfront: allow discard-* nodes to be optional
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - netfilter: nft_dynset: add timeout extension to template
    - xfrm: Fix oops in xfrm_replay_advance_bmp
    - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh
    - xfrm: Fix wraparound in xfrm_policy_addr_delta()
    - arm64: dts: ls1028a: fix the offset of the reset register
    - ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
    - firmware: imx: select SOC_BUS to fix firmware build
    - RDMA/cxgb4: Fix the reported max_recv_sge value
    - ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
    - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
    - iwlwifi: pcie: use jiffies for memory read spin time limit
    - iwlwifi: pcie: reschedule in long-running memory reads
    - mac80211: pause TX while changing interface type
    - i40e: acquire VSI pointer only after VF is initialized
    - igc: fix link speed advertising
    - net/mlx5: Fix memory leak on flow table creation error flow
    - net/mlx5e: E-switch, Fix rate calculation for overflow
    - net/mlx5e: Reduce tc unsupported key print level
    - can: dev: prevent potential information leak in can_fill_info()
    - nvme-multipath: Early exit if no path is available
    - selftests: forwarding: Specify interface when invoking mausezahn
    - iommu/vt-d: Gracefully handle DMAR units with no supported address widths
    - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
    - rxrpc: Fix memory leak in rxrpc_lookup_local
    - NFC: fix resource leak when target index is invalid
    - NFC: fix possible resource leak
    - ASoC: topology: Fix memory corruption in soc_tplg_denum_create_values()
    - team: protect features update by RCU to avoid deadlock
    - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
    - Linux 5.4.95

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Wed, 24 Mar 2021 11:25:50 +0100

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-04-12:

#6

Download full text (28.3 KiB)

This bug was fixed in the package linux - 5.8.0-49.55

---------------
linux (5.8.0-49.55) groovy; urgency=medium

* groovy/linux: 5.8.0-49.55 -proposed tracker (LP: #1921053)

  * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
- update dkms package versions

* improper memcg accounting causes NULL pointer derefs (LP: #1918668)
- SAUCE: Revert "mm: memcg/slab: optimize objcg stock draining"

* kernel: Enable CONFIG_BPF_LSM on Ubuntu (LP: #1905975)
- [Config] Enable CONFIG_BPF_LSM

  * Groovy update: upstream stable patchset 2021-03-10 (LP: #1918516)
    - gpio: mvebu: fix pwm .get_state period calculation
    - HID: wacom: Correct NULL dereference on AES pen proximity
    - media: v4l2-subdev.h: BIT() is not available in userspace
    - RDMA/vmw_pvrdma: Fix network_hdr_type reported in WC
    - kernel/io_uring: cancel io_uring before task works
    - io_uring: dont kill fasync under completion_lock
    - objtool: Don't fail on missing symbol table
    - mm/page_alloc: add a missing mm_page_alloc_zone_locked() tracepoint
    - mm: fix a race on nr_swap_pages
    - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
    - iwlwifi: provide gso_type to GSO packets
    - tty: avoid using vfs_iocb_iter_write() for redirected console writes
    - ACPI: sysfs: Prefer "compatible" modalias
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
    - ALSA: hda/via: Apply the workaround generically for Clevo machines
    - parisc: Enable -mlong-calls gcc option by default when !CONFIG_MODULES
    - media: cec: add stm32 driver
    - media: hantro: Fix reset_raw_fmt initialization
    - media: rc: fix timeout handling after switch to microsecond durations
    - media: rc: ite-cir: fix min_timeout calculation
    - media: rc: ensure that uevent can be read directly after rc device register
    - ARM: dts: tbs2910: rename MMC node aliases
    - ARM: dts: ux500: Reserve memory carveouts
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - ASoC: AMD Renoir - refine DMI entries for some Lenovo products
    - drm/i915: Always flush the active worker before returning from the wait
    - drm/i915/gt: Always try to reserve GGTT address 0x0
    - drivers/nouveau/kms/nv50-: Reject format modifiers for cursor planes
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - s390: uv: Fix sysfs max number of VCPUs reporting
    - s390/vfio-ap: No need to disable IRQ after queue reset
    - PM: hibernate: flush swap writer after marking
    - x86/entry: Emit a symbol for register restoring thunk
    - efi/apple-properties: Reinstate support for boolean properties
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
   ...

This bug was fixed in the package linux - 5.8.0-49.55

---------------
linux (5.8.0-49.55) groovy; urgency=medium

* groovy/linux: 5.8.0-49.55 -proposed tracker (LP: #1921053)

* selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
    - update dkms package versions

* improper memcg accounting causes NULL pointer derefs (LP: #1918668)
    - SAUCE: Revert "mm: memcg/slab: optimize objcg stock draining"

* kernel: Enable CONFIG_BPF_LSM on Ubuntu (LP: #1905975)
    - [Config] Enable CONFIG_BPF_LSM

* Groovy update: upstream stable patchset 2021-03-10 (LP: #1918516)
    - gpio: mvebu: fix pwm .get_state period calculation
    - HID: wacom: Correct NULL dereference on AES pen proximity
    - media: v4l2-subdev.h: BIT() is not available in userspace
    - RDMA/vmw_pvrdma: Fix network_hdr_type reported in WC
    - kernel/io_uring: cancel io_uring before task works
    - io_uring: dont kill fasync under completion_lock
    - objtool: Don't fail on missing symbol table
    - mm/page_alloc: add a missing mm_page_alloc_zone_locked() tracepoint
    - mm: fix a race on nr_swap_pages
    - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions
    - iwlwifi: provide gso_type to GSO packets
    - tty: avoid using vfs_iocb_iter_write() for redirected console writes
    - ACPI: sysfs: Prefer "compatible" modalias
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256
    - ALSA: hda/via: Apply the workaround generically for Clevo machines
    - parisc: Enable -mlong-calls gcc option by default when !CONFIG_MODULES
    - media: cec: add stm32 driver
    - media: hantro: Fix reset_raw_fmt initialization
    - media: rc: fix timeout handling after switch to microsecond durations
    - media: rc: ite-cir: fix min_timeout calculation
    - media: rc: ensure that uevent can be read directly after rc device register
    - ARM: dts: tbs2910: rename MMC node aliases
    - ARM: dts: ux500: Reserve memory carveouts
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - ASoC: AMD Renoir - refine DMI entries for some Lenovo products
    - drm/i915: Always flush the active worker before returning from the wait
    - drm/i915/gt: Always try to reserve GGTT address 0x0
    - drivers/nouveau/kms/nv50-: Reject format modifiers for cursor planes
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - s390: uv: Fix sysfs max number of VCPUs reporting
    - s390/vfio-ap: No need to disable IRQ after queue reset
    - PM: hibernate: flush swap writer after marking
    - x86/entry: Emit a symbol for register restoring thunk
    - efi/apple-properties: Reinstate support for boolean properties
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - btrfs: fix possible free space tree corruption with online conversion
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
      intel_arch_events[]
    - KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh()
    - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
    - KVM: x86: get smi pending status correctly
    - KVM: Forbid the use of tagged userspace addresses for memslots
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - arm64: dts: broadcom: Fix USB DMA address translation for Stingray
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - iwlwifi: Fix IWL_SUBDEVICE_NO_160 macro to use the correct bit.
    - drm/i915/gt: Clear CACHE_MODE prior to clearing residuals
    - drm/i915/pmu: Don't grab wakeref when enabling events
    - net/mlx5e: Fix IPSEC stats
    - ARM: dts: imx6qdl-kontron-samx6i: fix pwms for lcd-backlight
    - drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices
    - drm/i915: Check for all subplatform bits
    - drm/i915/selftest: Fix potential memory leak
    - uapi: fix big endian definition of ipv6_rpl_sr_hdr
    - KVM: Documentation: Fix spec for KVM_CAP_ENABLE_CAP_VM
    - tee: optee: replace might_sleep with cond_resched
    - xen-blkfront: allow discard-* nodes to be optional
    - clk: mmp2: fix build without CONFIG_PM
    - clk: qcom: gcc-sm250: Use floor ops for sdcc clks
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - ARM: zImage: atags_to_fdt: Fix node names on added root nodes
    - netfilter: nft_dynset: add timeout extension to template
    - Revert "RDMA/mlx5: Fix devlink deadlock on net namespace deletion"
    - xfrm: Fix oops in xfrm_replay_advance_bmp
    - xfrm: fix disable_xfrm sysctl when used on xfrm interfaces
    - xfrm: Fix wraparound in xfrm_policy_addr_delta()
    - arm64: dts: ls1028a: fix the offset of the reset register
    - ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
    - ARM: dts: imx6qdl-sr-som: fix some cubox-i platforms
    - arm64: dts: imx8mp: Correct the gpio ranges of gpio3
    - firmware: imx: select SOC_BUS to fix firmware build
    - RDMA/cxgb4: Fix the reported max_recv_sge value
    - ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete
    - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
    - pNFS/NFSv4: Update the layout barrier when we schedule a layoutreturn
    - iwlwifi: pcie: set LTR on more devices
    - iwlwifi: pcie: use jiffies for memory read spin time limit
    - iwlwifi: pcie: reschedule in long-running memory reads
    - mac80211: pause TX while changing interface type
    - ice: fix FDir IPv6 flexbyte
    - ice: Implement flow for IPv6 next header (extension header)
    - ice: update dev_addr in ice_set_mac_address even if HW filter exists
    - ice: Don't allow more channels than LAN MSI-X available
    - ice: Fix MSI-X vector fallback logic
    - i40e: acquire VSI pointer only after VF is initialized
    - igc: fix link speed advertising
    - net/mlx5: Fix memory leak on flow table creation error flow
    - net/mlx5e: E-switch, Fix rate calculation for overflow
    - net/mlx5e: free page before return
    - net/mlx5e: Reduce tc unsupported key print level
    - net/mlx5e: Disable hw-tc-offload when MLX5_CLS_ACT config is disabled
    - net/mlx5e: Fix CT rule + encap slow path offload and deletion
    - net/mlx5e: Correctly handle changing the number of queues when the interface
      is down
    - net/mlx5e: Revert parameters on errors when changing trust state without
      reset
    - net/mlx5e: Revert parameters on errors when changing MTU and LRO state
      without reset
    - can: dev: prevent potential information leak in can_fill_info()
    - ACPI/IORT: Do not blindly trust DMA masks from firmware
    - iommu/amd: Use IVHD EFR for early initialization of IOMMU features
    - iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
    - nvme-multipath: Early exit if no path is available
    - selftests: forwarding: Specify interface when invoking mausezahn
    - rxrpc: Fix memory leak in rxrpc_lookup_local
    - NFC: fix resource leak when target index is invalid
    - NFC: fix possible resource leak
    - ASoC: topology: Properly unregister DAI on removal
    - ASoC: topology: Fix memory corruption in soc_tplg_denum_create_values()
    - team: protect features update by RCU to avoid deadlock
    - tcp: make TCP_USER_TIMEOUT accurate for zero window probes
    - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
    - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
    - IPv6: reply ICMP error if the first fragment don't include all headers
    - iommu/vt-d: Gracefully handle DMAR units with no supported address widths

* xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-
    cases (LP: #1909647)
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh

* CVE-2021-3347
    - futex: Remove put_futex_key()
    - futex: Remove needless goto's
    - futex: Replace pointless printk in fixup_owner()
    - futex: Ensure the correct return value from futex_lock_pi()
    - futex: Provide and use pi_state_update_owner()
    - rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
    - futex: Use pi_state_update_owner() in put_pi_state()
    - futex: Simplify fixup_pi_state_owner()
    - futex: Handle faults correctly for PI futexes

* CVE-2021-3348
    - nbd: freeze the queue while we're adding connections

* [Regression] ubuntu_bpf failed to build on Groovy (LP: #1917609)
    - SAUCE: partially revert "bpf: Zero-fill re-used per-cpu map element"

* alsa/hda: the hdmi audio dosn't work on TGL machines (LP: #1917829)
    - ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically

* Groovy update: upstream stable patchset 2021-03-05 (LP: #1917964)
    - mtd: rawnand: gpmi: fix dst bit offset when extracting raw payload
    - i2c: bpmp-tegra: Ignore unknown I2C_M flags
    - platform/x86: i2c-multi-instantiate: Don't create platform device for
      INT3515 ACPI nodes
    - platform/x86: ideapad-laptop: Disable touchpad_switch for ELAN0634
    - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info()
    - ALSA: hda/realtek - Limit int mic boost on Acer Aspire E5-575T
    - ALSA: hda/via: Add minimum mute flag
    - dm crypt: fix copy and paste bug in crypt_alloc_req_aead
    - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error
    - btrfs: don't get an EINTR during drop_snapshot for reloc
    - btrfs: do not double free backref nodes on error
    - btrfs: fix lockdep splat in btrfs_recover_relocation
    - btrfs: don't clear ret in btrfs_start_dirty_block_groups
    - btrfs: send: fix invalid clone operations when cloning from the same file
      and root
    - writeback: Drop I_DIRTY_TIME_EXPIRE
    - fs: fix lazytime expiration handling in __writeback_single_inode()
    - pinctrl: ingenic: Fix JZ4760 support
    - mmc: core: don't initialize block size from ext_csd if not present
    - mmc: sdhci-of-dwcmshc: fix rpmb access
    - mmc: sdhci-xenon: fix 1.8v regulator stabilization
    - mmc: sdhci-brcmstb: Fix mmc timeout errors on S5 suspend
    - dm: avoid filesystem lookup in dm_get_dev_t()
    - dm integrity: fix a crash if "recalculate" used without "internal_hash"
    - dm integrity: conditionally disable "recalculate" feature
    - drm/atomic: put state on error path
    - drm/syncobj: Fix use-after-free
    - drm/amdgpu: remove gpu info firmware of green sardine
    - drm/amd/display: DCN2X Find Secondary Pipe properly in MPO + ODM Case
    - drm/i915/gt: Prevent use of engine->wa_ctx after error
    - ASoC: Intel: haswell: Add missing pm_ops
    - ASoC: rt711: mutex between calibration and power state changes
    - SUNRPC: Handle TCP socket sends with kernel_sendpage() again
    - HID: sony: select CONFIG_CRC32
    - dm integrity: select CRYPTO_SKCIPHER
    - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback
    - scsi: qedi: Correct max length of CHAP secret
    - scsi: scsi_debug: Fix memleak in scsi_debug_init()
    - scsi: sd: Suppress spurious errors when WRITE SAME is being disabled
    - riscv: Fix kernel time_init()
    - riscv: Fix sifive serial driver
    - riscv: Enable interrupts during syscalls with M-Mode
    - HID: logitech-dj: add the G602 receiver
    - HID: Ignore battery for Elan touchscreen on ASUS UX550
    - clk: tegra30: Add hda clock default rates to clock driver
    - ALSA: hda/tegra: fix tegra-hda on tegra30 soc
    - arm64: make atomic helpers __always_inline
    - xen: Fix event channel callback via INTX/GSI
    - x86/xen: Add xen_no_vector_callback option to test PCI INTX delivery
    - dts: phy: fix missing mdio device and probe failure of vsc8541-01 device
    - riscv: defconfig: enable gpio support for HiFive Unleashed
    - drm/amdgpu/psp: fix psp gfx ctrl cmds
    - drm/amd/display: disable dcn10 pipe split by default
    - HID: logitech-hidpp: Add product ID for MX Ergo in Bluetooth mode
    - drm/amd/display: Fix to be able to stop crc calculation
    - drm/nouveau/bios: fix issue shadowing expansion ROMs
    - drm/nouveau/privring: ack interrupts the same way as RM
    - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
    - drm/nouveau/mmu: fix vram heap sizing
    - drm/nouveau/kms/nv50-: fix case where notifier buffer is at offset 0
    - io_uring: flush timeouts that should already have expired
    - libperf tests: If a test fails return non-zero
    - libperf tests: Fail when failing to get a tracepoint id
    - RISC-V: Set current memblock limit
    - RISC-V: Fix maximum allowed phsyical memory for RV32
    - pinctrl: aspeed: g6: Fix PWMG0 pinctrl setting
    - pinctrl: mediatek: Fix fallback call path
    - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
    - scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM
    - crypto: omap-sham - Fix link error without crypto-engine
    - powerpc: Use the common INIT_DATA_SECTION macro in vmlinux.lds.S
    - powerpc: Fix alignment bug within the init sections
    - arm64: entry: remove redundant IRQ flag tracing
    - drm/amdkfd: Fix out-of-bounds read in kdf_create_vcrat_image_cpu()
    - i2c: octeon: check correct size of maximum RECV_LEN packet
    - platform/x86: intel-vbtn: Drop HP Stream x360 Convertible PC 11 from allow-
      list
    - platform/x86: hp-wmi: Don't log a warning on HPWMI_RET_UNKNOWN_COMMAND
      errors
    - gpio: sifive: select IRQ_DOMAIN_HIERARCHY rather than depend on it
    - selftests: net: fib_tests: remove duplicate log test
    - can: dev: can_restart: fix use after free bug
    - can: vxcan: vxcan_xmit: fix use after free bug
    - can: peak_usb: fix use after free bugs
    - perf evlist: Fix id index for heterogeneous systems
    - i2c: sprd: depend on COMMON_CLK to fix compile tests
    - iio: common: st_sensors: fix possible infinite loop in st_sensors_irq_thread
    - iio: ad5504: Fix setting power-down state
    - counter:ti-eqep: remove floor
    - cifs: do not fail __smb_send_rqst if non-fatal signals are pending
    - irqchip/mips-cpu: Set IPI domain parent chip
    - x86/fpu: Add kernel_fpu_begin_mask() to selectively initialize state
    - x86/topology: Make __max_die_per_package available unconditionally
    - x86/mmx: Use KFPU_387 for MMX string operations
    - proc_sysctl: fix oops caused by incorrect command parameters
    - mm: memcg/slab: optimize objcg stock draining
    - io_uring: fix SQPOLL IORING_OP_CLOSE cancelation state
    - intel_th: pci: Add Alder Lake-S support
    - intel_th: pci: Add Alder Lake CPU support
    - intel_th: pci: Add Alder Lake-P support
    - stm class: Fix module init return on allocation failure
    - serial: mvebu-uart: fix tx lost characters at power off
    - ehci: fix EHCI host controller initialization sequence
    - USB: ehci: fix an interrupt calltrace error
    - usb: gadget: aspeed: fix stop dma register setting.
    - USB: gadget: dummy-hcd: Fix errors in port-reset handling
    - usb: udc: core: Use lock when write to soft_connect
    - [Config] updateconfigs for USB_BDC_PCI
    - usb: bdc: Make bdc pci driver depend on BROKEN
    - usb: cdns3: imx: fix writing read-only memory issue
    - usb: cdns3: imx: fix can't create core device the second time issue
    - xhci: make sure TRB is fully written before giving it to the controller
    - xhci: tegra: Delay for disabling LFPS detector
    - driver core: Extend device_is_dependent()
    - x86/cpu/amd: Set __max_die_per_package on AMD
    - cls_flower: call nla_ok() before nla_next()
    - netfilter: rpfilter: mask ecn bits before fib lookup
    - sh: dma: fix kconfig dependency for G2_DMA
    - ASoC: SOF: Intel: fix page fault at probe if i915 init fails
    - octeontx2-af: Fix missing check bugs in rvu_cgx.c
    - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext
    - sh_eth: Fix power down vs. is_opened flag ordering
    - cachefiles: Drop superfluous readpages aops NULL check
    - lightnvm: fix memory leak when submit fails
    - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too
    - kasan: fix unaligned address is unhandled in kasan_remove_zero_shadow
    - kasan: fix incorrect arguments passing in kasan_add_zero_shadow
    - tcp: fix TCP socket rehash stats mis-accounting
    - net_sched: gen_estimator: support large ewma log
    - udp: mask TOS bits in udp_v4_early_demux()
    - ipv6: create multicast route with RTPROT_KERNEL
    - net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
    - net_sched: reject silly cell_log in qdisc_get_rtab()
    - ipv6: set multicast flag on the multicast route
    - net: mscc: ocelot: allow offloading of bridge on top of LAG
    - net: Disable NETIF_F_HW_TLS_RX when RXCSUM is disabled
    - net: dsa: b53: fix an off by one in checking "vlan->vid"
    - tcp: do not mess with cloned skbs in tcp_add_backlog()
    - tcp: fix TCP_USER_TIMEOUT with zero window
    - net: core: devlink: use right genl user_ptr when handling port param get/set
    - pinctrl: qcom: Allow SoCs to specify a GPIO function that's not 0
    - pinctrl: qcom: No need to read-modify-write the interrupt status
    - pinctrl: qcom: Properly clear "intr_ack_high" interrupts when unmasking
    - pinctrl: qcom: Don't clear pending interrupts when enabling
    - tty: implement write_iter
    - tty: fix up hung_up_tty_write() conversion
    - drm/i915/hdcp: Get conn while content_type changed
    - seq_file: add seq_read_iter
    - kernfs: implement ->read_iter
    - kernfs: implement ->write_iter
    - kernfs: wire up ->splice_read and ->splice_write
    - fs/pipe: allow sendfile() to pipe again
    - Commit 9bb48c82aced ("tty: implement write_iter") converted the tty layer to
      use write_iter. Fix the redirected_tty_write declaration also in n_tty and
      change the comparisons to use write_iter instead of write. also in n_tty and
      change the comparisons to use write_iter instead of write.

* Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
    - [Config] Enforce CONFIG_DRM_BOCHS=m

* Groovy update: upstream stable patchset 2021-02-25 (LP: #1916960)
    - btrfs: reloc: fix wrong file extent type check to avoid false ENOENT
    - btrfs: prevent NULL pointer dereference in extent_io_tree_panic
    - ALSA: doc: Fix reference to mixart.rst
    - ASoC: AMD Renoir - add DMI entry for Lenovo ThinkPad X395
    - ASoC: dapm: remove widget from dirty list on free
    - x86/hyperv: check cpu mask after interrupt has been disabled
    - drm/amdgpu: add green_sardine device id (v2)
    - drm/amdgpu: fix DRM_INFO flood if display core is not supported (bug 210921)
    - drm/amdgpu: add Green_Sardine APU flag
    - drm/amdgpu: add green_sardine support for gpu_info and ip block setting (v2)
    - drm/amdgpu: add soc15 common ip block support for green_sardine (v3)
    - drm/amdgpu: add new device id for Renior
    - drm/i915/gt: Limit VFE threads based on GT
    - drm/i915/backlight: fix CPU mode backlight takeover on LPT
    - drm/bridge: sii902x: Refactor init code into separate function
    - dt-bindings: display: sii902x: Add supply bindings
    - tracing/kprobes: Do the notrace functions check without kprobes on ftrace
    - ext4: fix bug for rename with RENAME_WHITEOUT
    - cifs: check pointer before freeing
    - cifs: fix interrupted close commands
    - riscv: return -ENOSYS for syscall -1
    - riscv: Fixup CONFIG_GENERIC_TIME_VSYSCALL
    - mips: fix Section mismatch in reference
    - mips: lib: uncached: fix non-standard usage of variable 'sp'
    - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB
    - MIPS: Fix malformed NT_FILE and NT_SIGINFO in 32bit coredumps
    - MIPS: relocatable: fix possible boot hangup with KASLR enabled
    - RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd()
    - ACPI: scan: Harden acpi_device_add() against device ID overflows
    - xen/privcmd: allow fetching resource sizes
    - compiler.h: Raise minimum version of GCC to 5.1 for arm64
    - mm/hugetlb: fix potential missing huge page size info
    - mm/process_vm_access.c: include compat.h
    - dm raid: fix discard limits for raid1
    - dm snapshot: flush merged data before committing metadata
    - dm integrity: fix flush with external metadata device
    - dm integrity: fix the maximum number of arguments
    - dm crypt: use GFP_ATOMIC when allocating crypto requests from softirq
    - stmmac: intel: change all EHL/TGL to auto detect phy addr
    - r8152: Add Lenovo Powered USB-C Travel Hub
    - btrfs: tree-checker: check if chunk item end overflows
    - ext4: don't leak old mountpoint samples
    - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE
    - ARC: build: add uImage.lzma to the top-level target
    - ARC: build: add boot_targets to PHONY
    - ARC: build: move symlink creation to arch/arc/Makefile to avoid race
    - ARM: omap2: pmic-cpcap: fix maximum voltage to be consistent with defaults
      on xt875
    - ath11k: fix crash caused by NULL rx_channel
    - netfilter: ipset: fixes possible oops in mtype_resize
    - btrfs: fix async discard stall
    - btrfs: merge critical sections of discard lock in workfn
    - btrfs: fix transaction leak and crash after RO remount caused by qgroup
      rescan
    - regulator: bd718x7: Add enable times
    - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram
    - habanalabs/gaudi: retry loading TPC f/w on -EINTR
    - habanalabs: register to pci shutdown callback
    - habanalabs: Fix memleak in hl_device_reset
    - hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values
    - lib/raid6: Let $(UNROLL) rules work with macOS userland
    - spi: fix the divide by 0 error when calculating xfer waiting time
    - arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC
    - misdn: dsp: select CONFIG_BITREVERSE
    - net: ethernet: fs_enet: Add missing MODULE_LICENSE
    - nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN
    - nvme: avoid possible double fetch in handling CQE
    - nvmet-rdma: Fix list_del corruption on queue establishment failure
    - drm/amd/display: fix sysfs amdgpu_current_backlight_pwm NULL pointer issue
    - drm/amdgpu: fix a GPU hang issue when remove device
    - drm/amd/pm: fix the failure when change power profile for renoir
    - drm/amdgpu: fix potential memory leak during navi12 deinitialization
    - usb: typec: Fix copy paste error for NVIDIA alt-mode description
    - iommu/vt-d: Fix lockdep splat in sva bind()/unbind()
    - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
    - drm/msm: Call msm_init_vram before binding the gpu
    - ARM: picoxcell: fix missing interrupt-parent properties
    - poll: fix performance regression due to out-of-line __put_user()
    - bpf: Simplify task_file_seq_get_next()
    - bpf: Save correct stopping point in file seq iteration
    - cfg80211: select CONFIG_CRC32
    - iommu/vt-d: Update domain geometry in iommu_ops.at(de)tach_dev
    - net/mlx5: Fix passing zero to 'PTR_ERR'
    - net/mlx5: E-Switch, fix changing vf VLANID
    - mm: don't put pinned pages into the swap cache
    - perf intel-pt: Fix 'CPU too large' error
    - dump_common_audit_data(): fix racy accesses to ->d_name
    - ASoC: meson: axg-tdm-interface: fix loopback
    - ASoC: meson: axg-tdmin: fix axg skew offset
    - ASoC: Intel: fix error code cnl_set_dsp_D0()
    - nvmet-rdma: Fix NULL deref when setting pi_enable and traddr INADDR_ANY
    - nvme: don't intialize hwmon for discovery controllers
    - nvme-tcp: fix possible data corruption with bio merges
    - nvme-tcp: Fix warning with CONFIG_DEBUG_PREEMPT
    - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
    - pNFS: We want return-on-close to complete when evicting the inode
    - pNFS: Mark layout for return if return-on-close was not sent
    - pNFS: Stricter ordering of layoutget and layoutreturn
    - NFS: Adjust fs_context error logging
    - NFS/pNFS: Don't call pnfs_free_bucket_lseg() before removing the request
    - NFS/pNFS: Don't leak DS commits in pnfs_generic_retry_commit()
    - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter
    - NFS: nfs_delegation_find_inode_server must first reference the superblock
    - NFS: nfs_igrab_and_active must first reference the superblock
    - scsi: ufs: Fix possible power drain during system suspend
    - ext4: fix superblock checksum failure when setting password salt
    - RDMA/restrack: Don't treat as an error allocation ID wrapping
    - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp
    - bnxt_en: Improve stats context resource accounting with RDMA driver loaded.
    - RDMA/mlx5: Fix wrong free of blue flame register on error
    - IB/mlx5: Fix error unwinding when set_has_smi_cap fails
    - dm zoned: select CONFIG_CRC32
    - drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is
      no reset-deassert MIPI-sequence
    - drm/i915/icl: Fix initing the DSI DSC power refcount during HW readout
    - drm/i915/gt: Restore clear-residual mitigations for Ivybridge, Baytrail
    - mm, slub: consider rest of partial list if acquire_slab() fails
    - iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
    - net: sunrpc: interpret the return value of kstrtou32 correctly
    - selftests: netfilter: Pass family parameter "-f" to conntrack tool
    - dm: eliminate potential source of excessive kernel log noise
    - ALSA: fireface: Fix integer overflow in transmit_midi_msg()
    - ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
    - netfilter: conntrack: fix reading nf_conntrack_buckets
    - netfilter: nf_nat: Fix memleak in nf_nat_init
    - netfilter: nft_compat: remove flush counter optimization
    - kbuild: enforce -Werror=return-type
    - [Config] updateconfigs for KPROBE_EVENTS_ON_NOTRACE
    - x86/hyperv: Initialize clockevents after LAPIC is initialized
    - bpf: Fix signed_{sub,add32}_overflows type handling
    - nfsd4: readdirplus shouldn't return parent of export
    - bpf: Don't leak memory in bpf getsockopt when optlen == 0
    - bpf: Support PTR_TO_MEM{,_OR_NULL} register spilling
    - bpf: Fix helper bpf_map_peek_elem_proto pointing to wrong callback
    - net: ipa: modem: add missing SET_NETDEV_DEV() for proper sysfs links
    - net: fix use-after-free when UDP GRO with shared fraglist
    - udp: Prevent reuseport_select_sock from reading uninitialized socks
    - netxen_nic: fix MSI/MSI-x interrupts
    - net: ipv6: Validate GSO SKB before finish IPv6 processing
    - tipc: fix NULL deref in tipc_link_xmit()
    - mlxsw: core: Add validation of transceiver temperature thresholds
    - mlxsw: core: Increase critical threshold for ASIC thermal zone
    - net: mvpp2: Remove Pause and Asym_Pause support
    - rndis_host: set proper input size for OID_GEN_PHYSICAL_MEDIUM request
    - esp: avoid unneeded kmap_atomic call
    - net: dcb: Validate netlink message in DCB handler
    - net: dcb: Accept RTM_GETDCB messages carrying set-like DCB commands
    - rxrpc: Call state should be read with READ_ONCE() under some circumstances
    - i40e: fix potential NULL pointer dereferencing
    - net: stmmac: Fixed mtu channged by cache aligned
    - net: sit: unregister_netdevice on newlink's error path
    - net: stmmac: fix taprio schedule configuration
    - net: stmmac: fix taprio configuration when base_time is in the past
    - net: avoid 32 x truesize under-estimation for tiny skbs
    - rxrpc: Fix handling of an unsupported token type in rxrpc_read()
    - net: stmmac: use __napi_schedule() for PREEMPT_RT
    - drm/panel: otm8009a: allow using non-continuous dsi clock
    - mac80211: do not drop tx nulldata packets on encrypted links
    - mac80211: check if atf has been disabled in __ieee80211_schedule_txq
    - net: dsa: unbind all switches from tree when DSA master unbinds
    - cxgb4/chtls: Fix tid stuck due to wrong update of qid
    - spi: fsl: Fix driver breakage when SPI_CS_HIGH is not set in spi->mode
    - spi: cadence: cache reference clock rate during probe
    - usb: ohci: Make distrust_firmware param default to false
    - elfcore: fix building with clang
    - spi: npcm-fiu: simplify the return expression of npcm_fiu_probe()
    - spi: npcm-fiu: Disable clock in probe error path

* CVE-2021-20239
    - net, sctp, filter: remap copy_from_user failure error

-- Stefan Bader <stefan.bader@canonical.com>  Wed, 24 Mar 2021 10:27:36 +0100

Changed in linux (Ubuntu Groovy):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-04-12:

#7

Download full text (11.4 KiB)

This bug was fixed in the package linux - 4.15.0-141.145

---------------
linux (4.15.0-141.145) bionic; urgency=medium

* bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)

* binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
- [Packaging] quiet (nomially) benign errors in BUILD script

  * selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
- update dkms package versions

* CVE-2018-13095
- xfs: More robust inode extent count validation

* i40e PF reset due to incorrect MDD event (LP: #1772675)
- i40e: change behavior on PF in response to MDD event

  * Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
    - ACPI: sysfs: Prefer "compatible" modalias
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
      intel_arch_events[]
    - KVM: x86: get smi pending status correctly
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - xen-blkfront: allow discard-* nodes to be optional
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - netfilter: nft_dynset: add timeout extension to template
    - xfrm: Fix oops in xfrm_replay_advance_bmp
    - RDMA/cxgb4: Fix the reported max_recv_sge value
    - iwlwifi: pcie: use jiffies for memory read spin time limit
    - iwlwifi: pcie: reschedule in long-running memory reads
    - mac80211: pause TX while changing interface type
    - can: dev: prevent potential information leak in can_fill_info()
    - x86/entry/64/compat: Preserve r8-r11 in int $0x80
    - x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80"
    - iommu/vt-d: Gracefully handle DMAR units with no supported address widths
    - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
    - NFC: fix resource leak when target index is invalid
    - NFC: fix possible resource leak
    - team: protect features update by RCU to avoid deadlock
    - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - PM: hibernate: flush swap writer after marking
    - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
    - net/mlx5: Fix memory leak on flow table creation error flow
    - rxrpc: Fix memory leak in rxrpc_lookup_local
    - net: dsa: bcm_sf2: put device node before return
    - ibmvnic: Ensure that CRQ entry read are correctly ordered
    - ACPI: thermal: Do...

This bug was fixed in the package linux - 4.15.0-141.145

---------------
linux (4.15.0-141.145) bionic; urgency=medium

* bionic/linux: 4.15.0-141.145 -proposed tracker (LP: #1919536)

* binary assembly failures with CONFIG_MODVERSIONS present (LP: #1919315)
    - [Packaging] quiet (nomially) benign errors in BUILD script

* selftests: bpf verifier fails after sanitize_ptr_alu fixes (LP: #1920995)
    - bpf: Simplify alu_limit masking for pointer arithmetic
    - bpf: Add sanity check for upper ptr_limit
    - bpf, selftests: Fix up some test_verifier cases for unprivileged

* Packaging resync (LP: #1786013)
    - update dkms package versions

* CVE-2018-13095
    - xfs: More robust inode extent count validation

* i40e PF reset due to incorrect MDD event (LP: #1772675)
    - i40e: change behavior on PF in response to MDD event

* Bionic update: upstream stable patchset 2021-03-09 (LP: #1918330)
    - ACPI: sysfs: Prefer "compatible" modalias
    - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming
    - wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
    - net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
    - drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs
    - drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[]
    - KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
      intel_arch_events[]
    - KVM: x86: get smi pending status correctly
    - xen: Fix XenStore initialisation for XS_LOCAL
    - leds: trigger: fix potential deadlock with libata
    - mt7601u: fix kernel crash unplugging the device
    - mt7601u: fix rx buffer refcounting
    - xen-blkfront: allow discard-* nodes to be optional
    - ARM: imx: build suspend-imx6.S with arm instruction set
    - netfilter: nft_dynset: add timeout extension to template
    - xfrm: Fix oops in xfrm_replay_advance_bmp
    - RDMA/cxgb4: Fix the reported max_recv_sge value
    - iwlwifi: pcie: use jiffies for memory read spin time limit
    - iwlwifi: pcie: reschedule in long-running memory reads
    - mac80211: pause TX while changing interface type
    - can: dev: prevent potential information leak in can_fill_info()
    - x86/entry/64/compat: Preserve r8-r11 in int $0x80
    - x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80"
    - iommu/vt-d: Gracefully handle DMAR units with no supported address widths
    - iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
    - NFC: fix resource leak when target index is invalid
    - NFC: fix possible resource leak
    - team: protect features update by RCU to avoid deadlock
    - tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN
    - kernel: kexec: remove the lock operation of system_transition_mutex
    - PM: hibernate: flush swap writer after marking
    - pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process()
    - net/mlx5: Fix memory leak on flow table creation error flow
    - rxrpc: Fix memory leak in rxrpc_lookup_local
    - net: dsa: bcm_sf2: put device node before return
    - ibmvnic: Ensure that CRQ entry read are correctly ordered
    - ACPI: thermal: Do not call acpi_thermal_check() directly
    - net_sched: gen_estimator: support large ewma log
    - phy: cpcap-usb: Fix warning for missing regulator_disable
    - x86: __always_inline __{rd,wr}msr()
    - scsi: scsi_transport_srp: Don't block target in failfast state
    - scsi: libfc: Avoid invoking response handler twice if ep is already
      completed
    - mac80211: fix fast-rx encryption check
    - scsi: ibmvfc: Set default timeout to avoid crash during migration
    - objtool: Don't fail on missing symbol table
    - kthread: Extract KTHREAD_IS_PER_CPU
    - workqueue: Restrict affinity change to rescuer
    - USB: serial: cp210x: add pid/vid for WSDA-200-USB
    - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
    - USB: serial: option: Adding support for Cinterion MV31
    - arm64: dts: ls1046a: fix dcfg address range
    - net: lapb: Copy the skb before sending a packet
    - elfcore: fix building with clang
    - USB: gadget: legacy: fix an error code in eth_bind()
    - USB: usblp: don't call usb_set_interface if there's a single alt
    - usb: dwc2: Fix endpoint direction check in ep_from_windex
    - ovl: fix dentry leak in ovl_get_redirect
    - mac80211: fix station rate table updates on assoc
    - kretprobe: Avoid re-registration of the same kretprobe earlier
    - xhci: fix bounce buffer usage for non-sg list case
    - cifs: report error instead of invalid when revalidating a dentry fails
    - smb3: Fix out-of-bounds bug in SMB2_negotiate()
    - mmc: core: Limit retries when analyse of SDIO tuples fails
    - nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs
    - ARM: footbridge: fix dc21285 PCI configuration accessors
    - mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
    - mm: hugetlb: fix a race between isolating and freeing page
    - mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
    - mm: thp: fix MADV_REMOVE deadlock on shmem THP
    - x86/build: Disable CET instrumentation in the kernel
    - x86/apic: Add extra serialization for non-serializing MSRs
    - Input: xpad - sync supported devices with fork on GitHub
    - iommu/vt-d: Do not use flush-queue when caching-mode is on
    - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
    - net: mvpp2: TCAM entry enable should be written after SRAM data
    - memblock: do not start bottom-up allocations with kernel_end
    - usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop()
    - genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set
    - KVM: SVM: Treat SVM as unsupported when running as an SEV guest
    - md: Set prev_flush_start and flush_bio in an atomic way
    - net: ip_tunnel: fix mtu calculation
    - block: fix NULL pointer dereference in register_disk
    - remoteproc: qcom_q6v5_mss: Validate modem blob firmware size before load
    - remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
    - af_key: relax availability checks for skb size calculation
    - pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process()
    - iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
    - iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
    - iwlwifi: mvm: guard against device removal in reprobe
    - SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
    - SUNRPC: Handle 0 length opaque XDR object data properly
    - lib/string: Add strscpy_pad() function
    - include/trace/events/writeback.h: fix -Wstringop-truncation warnings
    - memcg: fix a crash in wb_workfn when a device disappears
    - blk-mq: don't hold q->sysfs_lock in blk_mq_map_swqueue
    - squashfs: add more sanity checks in id lookup
    - squashfs: add more sanity checks in inode lookup
    - squashfs: add more sanity checks in xattr id lookup

* SRU: Add FUA support for XFS (LP: #1917918)
    - block: add blk_queue_fua() helper function
    - xfs: move generic_write_sync calls inwards
    - iomap: iomap_dio_rw() handles all sync writes
    - iomap: Use FUA for pure data O_DSYNC DIO writes

* CVE-2021-3348
    - nbd: freeze the queue while we're adding connections

* Bionic kernel 4.15.0-136 causes dosemu2 (with kvm mode) freezes due to lack
    of KVM patch (LP: #1917138)
    - KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint

* switch LRM to be signed using the Ubuntu Drivers signing key (LP: #1917034)
    - [Packaging] sync dkms-build to updated API

* Bionic update: upstream stable patchset 2021-02-26 (LP: #1917093)
    - i2c: bpmp-tegra: Ignore unknown I2C_M flags
    - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info()
    - ALSA: hda/via: Add minimum mute flag
    - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error
    - mmc: sdhci-xenon: fix 1.8v regulator stabilization
    - dm: avoid filesystem lookup in dm_get_dev_t()
    - drm/atomic: put state on error path
    - ASoC: Intel: haswell: Add missing pm_ops
    - scsi: ufs: Correct the LUN used in eh_device_reset_handler() callback
    - xen: Fix event channel callback via INTX/GSI
    - drm/nouveau/bios: fix issue shadowing expansion ROMs
    - drm/nouveau/privring: ack interrupts the same way as RM
    - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
    - i2c: octeon: check correct size of maximum RECV_LEN packet
    - can: dev: can_restart: fix use after free bug
    - can: vxcan: vxcan_xmit: fix use after free bug
    - iio: ad5504: Fix setting power-down state
    - irqchip/mips-cpu: Set IPI domain parent chip
    - intel_th: pci: Add Alder Lake-P support
    - stm class: Fix module init return on allocation failure
    - ehci: fix EHCI host controller initialization sequence
    - USB: ehci: fix an interrupt calltrace error
    - usb: udc: core: Use lock when write to soft_connect
    - usb: bdc: Make bdc pci driver depend on BROKEN
    - [Config] updateconfigs for USB_BDC_PCI
    - xhci: make sure TRB is fully written before giving it to the controller
    - xhci: tegra: Delay for disabling LFPS detector
    - compiler.h: Raise minimum version of GCC to 5.1 for arm64
    - netfilter: rpfilter: mask ecn bits before fib lookup
    - sh: dma: fix kconfig dependency for G2_DMA
    - sh_eth: Fix power down vs. is_opened flag ordering
    - skbuff: back tiny skbs with kmalloc() in __netdev_alloc_skb() too
    - udp: mask TOS bits in udp_v4_early_demux()
    - ipv6: create multicast route with RTPROT_KERNEL
    - net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
    - net: dsa: b53: fix an off by one in checking "vlan->vid"
    - gpio: mvebu: fix pwm .get_state period calculation
    - Revert "mm/slub: fix a memory leak in sysfs_slab_add()"
    - futex: Ensure the correct return value from futex_lock_pi()
    - futex: Replace pointless printk in fixup_owner()
    - futex: Provide and use pi_state_update_owner()
    - rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
    - futex: Use pi_state_update_owner() in put_pi_state()
    - futex: Simplify fixup_pi_state_owner()
    - futex: Handle faults correctly for PI futexes
    - tracing: Fix race in trace_open and buffer resize call
    - fs: move I_DIRTY_INODE to fs.h
    - writeback: Drop I_DIRTY_TIME_EXPIRE
    - fs: fix lazytime expiration handling in __writeback_single_inode()
    - mmc: core: don't initialize block size from ext_csd if not present
    - scsi: qedi: Correct max length of CHAP secret
    - riscv: Fix kernel time_init()
    - HID: Ignore battery for Elan touchscreen on ASUS UX550
    - clk: tegra30: Add hda clock default rates to clock driver
    - drm/nouveau/mmu: fix vram heap sizing
    - scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression
    - can: peak_usb: fix use after free bugs
    - serial: mvebu-uart: fix tx lost characters at power off
    - driver core: Extend device_is_dependent()
    - net_sched: reject silly cell_log in qdisc_get_rtab()
    - tools: Factor HOSTCC, HOSTLD, HOSTAR definitions

* Enforce CONFIG_DRM_BOCHS=m (LP: #1916290)
    - [Config] Enforce CONFIG_DRM_BOCHS=m

* Please trust Canonical Livepatch Service kmod signing key (LP: #1898716)
    - [Config] enable CONFIG_MODVERSIONS=y
    - [Packaging] build canonical-certs.pem from branch/arch certs
    - [Config] add Canonical Livepatch Service key to SYSTEM_TRUSTED_KEYS
    - [Config] add ubuntu-drivers key to SYSTEM_TRUSTED_KEYS

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Wed, 24 Mar 2021 18:47:50 +0100

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Ubuntu
linux package

selftests: bpf verifier fails after sanitize_ptr_alu fixes

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Invalid	Undecided	Unassigned
Bionic	Fix Released	High	Thadeu Lima de Souza Cascardo
Focal	Fix Released	High	Thadeu Lima de Souza Cascardo
Groovy	Fix Released	High	Thadeu Lima de Souza Cascardo

Ubuntulinux package

selftests: bpf verifier fails after sanitize_ptr_alu fixes

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package