Ubuntu
linux-aws package

AWS: out of entropy on Graviton 2 instances types (mg6.*)

Bug #1927692 reported by Andrea Righi on 2021-05-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux-aws (Ubuntu)	Fix Released	Undecided	Unassigned
	Focal	Fix Released	Undecided	Andrea Righi

Bug Description

[Impact]

AWS Graviton 2 instances do not have enough entropy available at boot, so any task that require entropy (even reading few bytes from /dev/random) will be stuck forever.

[Fix]

The proper fix for this problem is to correctly refill the entropy pool with some real random data using some hardware-generated randomness.

In the meantime a reasonable workaround can be to apply the following upstream commits:

30c08efec888 random: make /dev/random be almost like /dev/urandom
48446f198f9a random: ignore GRND_RANDOM in getentropy(2)
75551dbf112c random: add GRND_INSECURE to return best-effort non-cryptographic bytes
c6f1deb15878 random: Add a urandom_read_nowait() for random APIs that don't warn
4c8d062186d9 random: Don't wake crng_init_wait when crng_init == 1

In this way the system will not run out of entropy and will be able to provide best-effort randomness in any case, preventing the out of entropy issue on the AWS Gravion 2 instances.

[Test plan]

Execute the following command on any m6g instance:

dd bs=32 count=1 if=/dev/random of=/dev/null

This should return quickly, if not it means that the system does not have enough entropy available. When the problem happens this command hangs forever.

[Where problems could occur]

This changes affect the read semantics of /dev/random to be the same as /dev/urandom except that reads will block until the CRNG is ready. This should not materially break any API. Any code that worked without these changes should work at least as well as before. However, applications that have strict randomness requirements might be affected by the provided best-effort randomness, so we may need to apply more commits/changes to introduce a proper hardware entropy support on Graviton 2 instances to provide a better quality of randomness. In the meantime these upstream changes consist a reasonable workaround to prevent applications from hanging forever on the mg6.* instances.

[Other Info]
SF: #00310204

See original description

Tags:

Andrea Righi (arighi) on 2021-05-07

summary:

- out of entropy on Graviton 2 instances types (mg6.*)
+ AWS: out of entropy on Graviton 2 instances types (mg6.*)

Andrea Righi (arighi) on 2021-05-07

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2021-05-07

Changed in linux-aws (Ubuntu):
status:	New → Fix Released
Changed in linux-aws (Ubuntu Focal):
status:	New → In Progress

Kleber Sacilotto de Souza (kleber-souza) on 2021-05-07

Changed in linux-aws (Ubuntu Focal):
assignee:	nobody → Andrea Righi (arighi)

Tim Gardner (timg-tpi) on 2021-05-07

description:

updated

Tim Gardner (timg-tpi) on 2021-05-07

Changed in linux-aws (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-05-13:

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Andrea Righi (arighi) on 2021-05-31

tags:

added: verification-done-focal
removed: verification-needed-focal

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-06-02:

Download full text (30.7 KiB)

This bug was fixed in the package linux-aws - 5.4.0-1049.51

---------------
linux-aws (5.4.0-1049.51) focal; urgency=medium

* focal/linux-aws: 5.4.0-1049.51 -proposed tracker (LP: #1927595)

* Packaging resync (LP: #1786013)
- update dkms package versions

  * AWS: out of entropy on Graviton 2 instances types (mg6.*) (LP: #1927692)
    - random: add GRND_INSECURE to return best-effort non-cryptographic bytes
    - random: Don't wake crng_init_wait when crng_init == 1
    - random: Add a urandom_read_nowait() for random APIs that don't warn
    - random: ignore GRND_RANDOM in getentropy(2)
    - random: make /dev/random be almost like /dev/urandom

[ Ubuntu: 5.4.0-74.83 ]

This bug was fixed in the package linux-aws - 5.4.0-1049.51

---------------
linux-aws (5.4.0-1049.51) focal; urgency=medium

* focal/linux-aws: 5.4.0-1049.51 -proposed tracker (LP: #1927595)

* Packaging resync (LP: #1786013)
    - update dkms package versions

[ Ubuntu: 5.4.0-74.83 ]

* focal/linux: 5.4.0-74.83 -proposed tracker (LP: #1927619)
  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460
  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: fix incorrect mnt_id of files opened from map_files
  * Enable CIFS GCM256 (LP: #1921916)
    - smb3: add defines for new crypto algorithms
    - smb3.1.1: add new module load parm require_gcm_256
    - smb3.1.1: add new module load parm enable_gcm_256
    - smb3.1.1: print warning if server does not support requested encryption type
    - smb3.1.1: rename nonces used for GCM and CCM encryption
    - smb3.1.1: set gcm256 when requested
    - cifs: Adjust key sizes and key generation routines for AES256 encryption
  * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184)
    - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
  * [Ubuntu 21.04] net/mlx5: Fix HW spec violation configuring uplink
    (LP: #1925452)
    - net/mlx5: Fix HW spec violation configuring uplink
  * Focal update: v5.4.114 upstream stable release (LP: #1926493)
    - Revert "scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure"
    - Revert "scsi: qla2xxx: Fix stuck login session using prli_pend_timer"
    - scsi: qla2xxx: Dual FCP-NVMe target port support
    - scsi: qla2xxx: Fix device connect issues in P2P configuration
    - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure
    - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport
    - scsi: qla2xxx: Fix stuck login session using prli_pend_timer
    - scsi: qla2xxx: Fix fabric scan hang
    - net/sctp: fix race condition in sctp_destroy_sock
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - ASoC: max98373: Added 30ms turn on/off time delay
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: forbid monitor for del llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - virt_wifi: Return micros for BSS TSF values
    - Input: s6sy761 - fix coordinate read bit shift
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - dm verity fec: fix misaligned RS roots IO
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - vfio/pci: Add missing range check in vfio_pci_mmap
    - riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
    - netfilter: bridge: add pre_exit hooks for ebtable unregistration
    - netfilter: arp_tables: add pre_exit hook for table unregister
    - net: macb: fix the restore of cmp registers
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - net: ip6_tunnel: Unregister catch-all devices
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
    - ibmvnic: remove duplicate napi_schedule call in open function
    - gro: ensure frag0 meets IP header alignment
    - ARM: footbridge: fix PCI interrupt mapping
    - arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
    - r8169: remove fiddling with the PCIe max read request size
    - r8169: simplify setting PCI_EXP_DEVCTL_NOSNOOP_EN
    - r8169: fix performance regression related to PCIe max read request size
    - r8169: improve rtl_jumbo_config
    - r8169: tweak max read request size for newer chips also in jumbo mtu mode
    - r8169: don't advertise pause in jumbo mode
    - ARM: 9071/1: uprobes: Don't hook on thumb instructions
    - net: phy: marvell: fix detection of PHY on Topaz switches
    - Linux 5.4.114
  * Focal update: v5.4.113 upstream stable release (LP: #1926490)
    - interconnect: core: fix error return code of icc_link_destroy()
    - KVM: arm64: Hide system instruction access to Trace registers
    - KVM: arm64: Disable guest access to trace filter controls
    - drm/imx: imx-ldb: fix out of bounds array access warning
    - gfs2: report "already frozen/thawed" errors
    - drm/tegra: dc: Don't set PLL clock to 0Hz
    - block: only update parent bi_status when bio fail
    - radix tree test suite: Register the main thread with the RCU library
    - idr test suite: Take RCU read lock in idr_find_test_1
    - idr test suite: Create anchor before launching throbber
    - riscv,entry: fix misaligned base for excp_vect_table
    - block: don't ignore REQ_NOWAIT for direct IO
    - netfilter: x_tables: fix compat match/target pad out-of-bound write
    - driver core: Fix locking bug in deferred_probe_timeout_work_func()
    - perf tools: Use %define api.pure full instead of %pure-parser
    - perf tools: Use %zd for size_t printf formats on 32-bit
    - perf map: Tighten snprintf() string precision to pass gcc check on some
      32-bit arches
    - xen/events: fix setting irq affinity
    - Linux 5.4.113
  * Focal update: v5.4.112 upstream stable release (LP: #1926489)
    - counter: stm32-timer-cnt: fix ceiling miss-alignment with reload register
    - ALSA: aloop: Fix initialization of controls
    - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
    - ASoC: intel: atom: Stop advertising non working S24LE support
    - nfc: fix refcount leak in llcp_sock_bind()
    - nfc: fix refcount leak in llcp_sock_connect()
    - nfc: fix memory leak in llcp_sock_connect()
    - nfc: Avoid endless loops caused by repeated llcp_sock_connect()
    - xen/evtchn: Change irq_info lock to raw_spinlock_t
    - net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
    - net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
    - drm/i915: Fix invalid access to ACPI _DSM objects
    - gcov: re-fix clang-11+ support
    - ia64: fix user_stack_pointer() for ptrace()
    - nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
    - ocfs2: fix deadlock between setattr and dio_end_io_write
    - fs: direct-io: fix missing sdio->boundary
    - parisc: parisc-agp requires SBA IOMMU driver
    - parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
    - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
    - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
    - ice: Increase control queue timeout
    - ice: Fix for dereference of NULL pointer
    - ice: Cleanup fltr list in case of allocation issues
    - net: hso: fix null-ptr-deref during tty device unregistration
    - ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
    - bpf, sockmap: Fix sk->prot unhash op reset
    - net: ensure mac header is set in virtio_net_hdr_to_skb()
    - i40e: Fix sparse warning: missing error code 'err'
    - i40e: Fix sparse error: 'vsi->netdev' could be null
    - net: sched: sch_teql: fix null-pointer dereference
    - mac80211: fix TXQ AC confusion
    - net: hsr: Reset MAC header for Tx path
    - net-ipv6: bugfix - raw & sctp - switch to ipv6_can_nonlocal_bind()
    - net: let skb_orphan_partial wake-up waiters.
    - usbip: add sysfs_lock to synchronize sysfs code paths
    - usbip: stub-dev synchronize sysfs code paths
    - usbip: vudc synchronize sysfs code paths
    - usbip: synchronize event handler with sysfs code paths
    - i2c: turn recovery error on init to debug
    - virtio_net: Add XDP meta data support
    - net: dsa: lantiq_gswip: Don't use PHY auto polling
    - net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
    - xfrm: interface: fix ipv4 pmtu check to honor ip header df
    - regulator: bd9571mwv: Fix AVS and DVFS voltage range
    - net: xfrm: Localize sequence counter per network namespace
    - esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
    - ASoC: SOF: Intel: hda: remove unnecessary parentheses
    - ASoC: SOF: Intel: HDA: fix core status verification
    - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
    - xfrm: Fix NULL pointer dereference on policy lookup
    - i40e: Added Asym_Pause to supported link modes
    - i40e: Fix kernel oops when i40e driver removes VF's
    - hostfs: Use kasprintf() instead of fixed buffer formatting
    - hostfs: fix memory handling in follow_link()
    - amd-xgbe: Update DMA coherency values
    - sch_red: fix off-by-one checks in red_check_params()
    - arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
    - can: bcm/raw: fix msg_namelen values depending on CAN_REQUIRED_SIZE
    - gianfar: Handle error code at MAC address change
    - cxgb4: avoid collecting SGE_QBASE regs during traffic
    - net:tipc: Fix a double free in tipc_sk_mcast_rcv
    - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
    - net/ncsi: Avoid channel_monitor hrtimer deadlock
    - nfp: flower: ignore duplicate merge hints from FW
    - net: phy: broadcom: Only advertise EEE for supported modes
    - ASoC: sunxi: sun4i-codec: fill ASoC card owner
    - net/mlx5e: Fix ethtool indication of connector type
    - net/mlx5: Don't request more than supported EQs
    - net/rds: Fix a use after free in rds_message_map_pages
    - soc/fsl: qbman: fix conflicting alignment attributes
    - i40e: Fix display statistics for veb_tc
    - drm/msm: Set drvdata to NULL when msm_drm_init() fails
    - net: udp: Add support for getsockopt(..., ..., UDP_GRO, ..., ...);
    - scsi: ufs: Fix irq return code
    - scsi: ufs: Avoid busy-waiting by eliminating tag conflicts
    - scsi: ufs: Use blk_{get,put}_request() to allocate and free TMFs
    - scsi: ufs: core: Fix task management request completion timeout
    - scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
    - net: macb: restore cmp registers on resume path
    - clk: fix invalid usage of list cursor in register
    - clk: fix invalid usage of list cursor in unregister
    - workqueue: Move the position of debug_work_activate() in __queue_work()
    - s390/cpcmd: fix inline assembly register clobbering
    - perf inject: Fix repipe usage
    - net: openvswitch: conntrack: simplify the return expression of
      ovs_ct_limit_get_default_limit()
    - openvswitch: fix send of uninitialized stack memory in ct limit reply
    - net: hns3: clear VF down state bit before request link status
    - net/mlx5: Fix placement of log_max_flow_counter
    - net/mlx5: Fix PBMC register mapping
    - RDMA/cxgb4: check for ipv6 address properly while destroying listener
    - RDMA/addr: Be strict with gid size
    - RAS/CEC: Correct ce_add_elem()'s returned values
    - clk: socfpga: fix iomem pointer cast on 64-bit
    - dt-bindings: net: ethernet-controller: fix typo in NVMEM
    - net: sched: bump refcount for new action in ACT replace mode
    - cfg80211: remove WARN_ON() in cfg80211_sme_connect
    - net: tun: set tun->dev->addr_len during TUNSETLINK processing
    - drivers: net: fix memory leak in atusb_probe
    - drivers: net: fix memory leak in peak_usb_create_dev
    - net: mac802154: Fix general protection fault
    - net: ieee802154: nl-mac: fix check on panid
    - net: ieee802154: fix nl802154 del llsec key
    - net: ieee802154: fix nl802154 del llsec dev
    - net: ieee802154: fix nl802154 add llsec key
    - net: ieee802154: fix nl802154 del llsec devkey
    - net: ieee802154: forbid monitor for set llsec params
    - net: ieee802154: forbid monitor for del llsec seclevel
    - net: ieee802154: stop dump llsec params for monitors
    - Linux 5.4.112
  * crash utility fails on arm64 with  cannot determine VA_BITS_ACTUAL
    (LP: #1919275)
    - arm64/crash_core: Export TCR_EL1.T1SZ in vmcoreinfo
  * Focal update: v5.4.111 upstream stable release (LP: #1923874)
    - ARM: dts: am33xx: add aliases for mmc interfaces
    - bus: ti-sysc: Fix warning on unbind if reset is not deasserted
    - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
    - bpf, x86: Use kvmalloc_array instead kmalloc_array in bpf_jit_comp
    - net/mlx5e: Enforce minimum value check for ICOSQ size
    - net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
    - mISDN: fix crash in fritzpci
    - mac80211: choose first enabled channel for monitor
    - drm/msm/adreno: a5xx_power: Don't apply A540 lm_setup to other GPUs
    - drm/msm: Ratelimit invalid-fence message
    - netfilter: conntrack: Fix gre tunneling over ipv6
    - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
    - x86/build: Turn off -fcf-protection for realmode targets
    - scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
    - ia64: mca: allocate early mca with GFP_ATOMIC
    - ia64: fix format strings for err_inject
    - cifs: revalidate mapping when we open files for SMB1 POSIX
    - cifs: Silently ignore unknown oplock break handle
    - nvme-mpath: replace direct_make_request with generic_make_request
    - init/Kconfig: make COMPILE_TEST depend on !S390
    - init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM
    - Linux 5.4.111
  * Focal update: v5.4.110 upstream stable release (LP: #1923869)
    - selinux: vsock: Set SID for socket returned by accept()
    - ipv6: weaken the v4mapped source check
    - modsign: print module name along with error message
    - module: merge repetitive strings in module_sig_check()
    - module: avoid *goto*s in module_sig_check()
    - module: harden ELF info handling
    - ext4: shrink race window in ext4_should_retry_alloc()
    - ext4: fix bh ref count on error paths
    - fs: nfsd: fix kconfig dependency warning for NFSD_V4
    - rpc: fix NULL dereference on kmalloc failure
    - iomap: Fix negative assignment to unsigned sis->pages in
      iomap_swapfile_activate
    - ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10
    - ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10
    - ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe
    - ASoC: es8316: Simplify adc_pga_gain_tlv table
    - ASoC: cs42l42: Fix Bitclock polarity inversion
    - ASoC: cs42l42: Fix channel width support
    - ASoC: cs42l42: Fix mixer volume control
    - ASoC: cs42l42: Always wait at least 3ms after reset
    - NFSD: fix error handling in NFSv4.0 callbacks
    - powerpc: Force inlining of cpu_has_feature() to avoid build failure
    - vhost: Fix vhost_vq_reset()
    - scsi: st: Fix a use after free in st_open()
    - scsi: qla2xxx: Fix broken #endif placement
    - staging: comedi: cb_pcidas: fix request_irq() warn
    - staging: comedi: cb_pcidas64: fix request_irq() warn
    - ASoC: rt5659: Update MCLK rate in set_sysclk()
    - thermal/core: Add NULL pointer check before using cooling device stats
    - locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling
    - ext4: do not iput inode under running transaction in ext4_rename()
    - net: mvpp2: fix interrupt mask/unmask skip condition
    - flow_dissector: fix TTL and TOS dissection on IPv4 fragments
    - can: dev: move driver related infrastructure into separate subdir
    - net: introduce CAN specific pointer in the struct net_device
    - can: tcan4x5x: fix max register value
    - brcmfmac: clear EAP/association status bits on linkdown events
    - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
    - net: ethernet: aquantia: Handle error cleanup of start on open
    - appletalk: Fix skb allocation size in loopback case
    - net: wan/lmc: unregister device when no matching device is found
    - bpf: Remove MTU check in __bpf_skb_max_len
    - ALSA: usb-audio: Apply sample rate quirk to Logitech Connect
    - ALSA: hda: Re-add dropped snd_poewr_change_state() calls
    - ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks
    - ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO
    - ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook
    - xtensa: move coprocessor_flush to the .text section
    - PM: runtime: Fix race getting/putting suppliers at probe
    - PM: runtime: Fix ordering in pm_runtime_get_suppliers()
    - tracing: Fix stack trace event size
    - mm: fix race by making init_zero_pfn() early_initcall
    - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
    - drm/amdgpu: check alignment on CPU page for bo map
    - reiserfs: update reiserfs_xattrs_initialized() condition
    - vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends
    - pinctrl: rockchip: fix restore error in resume
    - extcon: Add stubs for extcon_register_notifier_all() functions
    - extcon: Fix error handling in extcon_dev_register
    - firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
    - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
    - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
    - usb: musb: Fix suspend with devices connected for a64
    - usb: xhci-mtk: fix broken streams issue on 0.96 xHCI
    - cdc-acm: fix BREAK rx code path adding necessary calls
    - USB: cdc-acm: untangle a circular dependency between callback and softint
    - USB: cdc-acm: downgrade message to debug
    - USB: cdc-acm: fix double free on probe failure
    - USB: cdc-acm: fix use-after-free after probe failure
    - usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference
    - usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board.
    - usb: dwc2: Prevent core suspend when port connection flag is 0
    - staging: rtl8192e: Fix incorrect source in memcpy()
    - staging: rtl8192e: Change state information from u16 to u8
    - drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
    - Linux 5.4.110
  * Focal update: v5.4.109 upstream stable release (LP: #1923220)
    - hugetlbfs: hugetlb_fault_mutex_hash() cleanup
    - net: fec: ptp: avoid register access when ipg clock is disabled
    - powerpc/4xx: Fix build errors from mfdcr()
    - atm: eni: dont release is never initialized
    - atm: lanai: dont run lanai_dev_close if not open
    - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153"
    - ALSA: hda: ignore invalid NHLT table
    - ixgbe: Fix memleak in ixgbe_configure_clsu32
    - net: tehuti: fix error return code in bdx_probe()
    - net: intel: iavf: fix error return code of iavf_init_get_resources()
    - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count
    - gianfar: fix jumbo packets+napi+rx overrun crash
    - cifs: ask for more credit on async read/write code paths
    - cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev
    - gpiolib: acpi: Add missing IRQF_ONESHOT
    - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default
    - NFS: Correct size calculation for create reply length
    - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch()
    - net: wan: fix error return code of uhdlc_init()
    - net: davicom: Use platform_get_irq_optional()
    - atm: uPD98402: fix incorrect allocation
    - atm: idt77252: fix null-ptr-dereference
    - cifs: change noisy error message to FYI
    - irqchip/ingenic: Add support for the JZ4760
    - sparc64: Fix opcode filtering in handling of no fault loads
    - habanalabs: Call put_pid() when releasing control device
    - u64_stats,lockdep: Fix u64_stats_init() vs lockdep
    - regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck
    - drm/amd/display: Revert dram_clock_change_latency for DCN2.1
    - drm/amdgpu: fb BO should be ttm_bo_type_device
    - drm/radeon: fix AGP dependency
    - nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request()
    - nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
    - nvme-pci: add the DISABLE_WRITE_ZEROES quirk for a Samsung PM1725a
    - nfs: we don't support removing system.nfs4_acl
    - block: Suppress uevent for hidden device when removed
    - ia64: fix ia64_syscall_get_set_arguments() for break-based syscalls
    - ia64: fix ptrace(PTRACE_SYSCALL_INFO_EXIT) sign
    - netsec: restore phy power state after controller reset
    - platform/x86: intel-vbtn: Stop reporting SW_DOCK events
    - squashfs: fix inode lookup sanity checks
    - squashfs: fix xattr id and id lookup sanity checks
    - kasan: fix per-page tags for non-page_alloc pages
    - gcov: fix clang-11+ support
    - ACPI: video: Add missing callback back for Sony VPCEH3U1E
    - arm64: dts: ls1046a: mark crypto engine dma coherent
    - arm64: dts: ls1012a: mark crypto engine dma coherent
    - arm64: dts: ls1043a: mark crypto engine dma coherent
    - ARM: dts: at91-sama5d27_som1: fix phy address to 7
    - integrity: double check iint_cache was initialized
    - dm verity: fix DM_VERITY_OPTS_MAX value
    - dm ioctl: fix out of bounds array access when no devices
    - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD
    - veth: Store queue_mapping independently of XDP prog presence
    - libbpf: Fix INSTALL flag order
    - net/mlx5e: Don't match on Geneve options in case option masks are all zero
    - ipv6: fix suspecious RCU usage warning
    - macvlan: macvlan_count_rx() needs to be aware of preemption
    - net: sched: validate stab values
    - net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port
    - igc: Fix Pause Frame Advertising
    - igc: Fix Supported Pause Frame Link Setting
    - e1000e: add rtnl_lock() to e1000_reset_task
    - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571
    - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
    - ftgmac100: Restart MAC HW once
    - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed
    - netfilter: ctnetlink: fix dump of the expect mask attribute
    - tcp: relookup sock for RST+ACK packets handled by obsolete req sock
    - can: peak_usb: add forgotten supported devices
    - can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate
    - can: kvaser_pciefd: Always disable bus load reporting
    - can: c_can_pci: c_can_pci_remove(): fix use-after-free
    - can: c_can: move runtime PM enable/disable to c_can_platform
    - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
    - can: m_can: m_can_rx_peripheral(): fix RX being blocked by errors
    - mac80211: fix rate mask reset
    - nfp: flower: fix pre_tun mask id allocation
    - libbpf: Use SOCK_CLOEXEC when opening the netlink socket
    - octeontx2-af: Fix irq free in rvu teardown
    - octeontx2-af: fix infinite loop in unmapping NPC counter
    - net: cdc-phonet: fix data-interface release on probe failure
    - r8152: limit the RX buffer size of RTL8153A for USB 2.0
    - net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes
    - selftests: forwarding: vxlan_bridge_1d: Fix vxlan ecn decapsulate value
    - libbpf: Fix BTF dump of pointer-to-array-of-struct
    - drm/msm: fix shutdown hook in case GPU components failed to bind
    - arm64: kdump: update ppos when reading elfcorehdr
    - PM: runtime: Defer suspending suppliers
    - net/mlx5e: Fix error path for ethtool set-priv-flag
    - PM: EM: postpone creating the debugfs dir till fs_initcall
    - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening
      server
    - bpf: Don't do bpf_cgroup_storage_set() for kuprobe/tp programs
    - ACPI: scan: Rearrange memory allocation in acpi_device_add()
    - ACPI: scan: Use unique number for instance_no
    - perf auxtrace: Fix auxtrace queue conflict
    - block: recalculate segment count for multi-segment discards correctly
    - scsi: Revert "qla2xxx: Make sure that aborted commands are freed"
    - scsi: qedi: Fix error return code of qedi_alloc_global_queues()
    - scsi: mpt3sas: Fix error return code of mpt3sas_base_attach()
    - locking/mutex: Fix non debug version of mutex_lock_io_nested()
    - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc()
    - can: dev: Move device back to init netns on owning netns delete
    - net: dsa: b53: VLAN filtering is global to all users
    - net: qrtr: fix a kernel-infoleak in qrtr_recvmsg()
    - mac80211: fix double free in ibss_leave
    - ext4: add reclaim checks to xattr code
    - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
    - xen-blkback: don't leak persistent grants from xen_blkbk_map()
    - Linux 5.4.109
  * Focal update: v5.4.108 upstream stable release (LP: #1923214)
    - ASoC: ak4458: Add MODULE_DEVICE_TABLE
    - ASoC: ak5558: Add MODULE_DEVICE_TABLE
    - ALSA: dice: fix null pointer dereference when node is disconnected
    - ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro
    - ALSA: hda: generic: Fix the micmute led init state
    - ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air
    - Revert "PM: runtime: Update device status before letting suppliers suspend"
    - ARM: 9030/1: entry: omit FP emulation for UND exceptions taken in kernel
      mode
    - ARM: 9044/1: vfp: use undef hook for VFP support detection
    - btrfs: fix race when cloning extent buffer during rewind of an old root
    - btrfs: fix slab cache flags for free space tree bitmap
    - ASoC: fsl_ssi: Fix TDM slot setup for I2S mode
    - ASoC: SOF: Intel: unregister DMIC device on probe error
    - ASoC: SOF: intel: fix wrong poll bits in dsp power down
    - ASoC: simple-card-utils: Do not handle device clock
    - afs: Stop listxattr() from listing "afs.*" attributes
    - nvme: fix Write Zeroes limitations
    - nvme-tcp: fix possible hang when failing to set io queues
    - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU
    - nvmet: don't check iosqes,iocqes for discovery controllers
    - nfsd: Don't keep looking up unhashed files in the nfsd file cache
    - NFSD: Repair misuse of sv_lock in 5.10.16-rt30.
    - svcrdma: disable timeouts on rdma backchannel
    - vfio: IOMMU_API should be selected
    - sunrpc: fix refcount leak for rpc auth modules
    - net/qrtr: fix __netdev_alloc_skb call
    - kbuild: Fix <linux/version.h> for empty SUBLEVEL or PATCHLEVEL again
    - riscv: Correct SPARSEMEM configuration
    - scsi: lpfc: Fix some error codes in debugfs
    - scsi: myrs: Fix a double free in myrs_cleanup()
    - counter: stm32-timer-cnt: Report count function when SLAVE_MODE_DISABLED
    - nvme-rdma: fix possible hang when failing to set io queues
    - usb-storage: Add quirk to defeat Kindle's automatic unload
    - usbip: Fix incorrect double assignment to udc->ud.tcp_rx
    - USB: replace hardcode maximum usb string length by definition
    - usb: gadget: configfs: Fix KASAN use-after-free
    - usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy-
    - iio:adc:stm32-adc: Add HAS_IOMEM dependency
    - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
    - iio: adis16400: Fix an error code in adis16400_initial_setup()
    - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
    - iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask
    - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
    - iio: hid-sensor-prox: Fix scale not correct issue
    - iio: hid-sensor-temperature: Fix issues of timestamp channel
    - counter: stm32-timer-cnt: fix ceiling write max value
    - PCI: rpadlpar: Fix potential drc_name corruption in store functions
    - perf/x86/intel: Fix a crash caused by zero PEBS status
    - x86/ioapic: Ignore IRQ2 again
    - kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data()
    - x86: Move TS_COMPAT back to asm/thread_info.h
    - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
    - ext4: find old entry again if failed to rename whiteout
    - ext4: do not try to set xattr into ea_inode if value is empty
    - ext4: fix potential error in ext4_do_update_inode
    - efi: use 32-bit alignment for efi_guid_t literals
    - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
    - genirq: Disable interrupts for force threaded handlers
    - x86/apic/of: Fix CPU devicetree-node lookups
    - cifs: Fix preauth hash corruption
    - Linux 5.4.108
  * Focal update: v5.4.107 upstream stable release (LP: #1923210)
    - KVM: arm64: nvhe: Save the SPE context early
    - btrfs: scrub: Don't check free space before marking a block group RO
    - drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang
    - drm/i915/gvt: Fix mmio handler break on BXT/APL.
    - drm/i915/gvt: Fix virtual display setup for BXT/APL
    - drm/i915/gvt: Fix port number for BDW on EDID region setup
    - drm/i915/gvt: Fix vfio_edid issue for BXT/APL
    - fuse: fix live lock in fuse_iget()
    - crypto: x86 - Regularize glue function prototypes
    - crypto: aesni - Use TEST %reg,%reg instead of CMP $0,%reg
    - crypto: x86/aes-ni-xts - use direct calls to and 4-way stride
    - net: dsa: tag_mtk: fix 802.1ad VLAN egress
    - net: dsa: b53: Support setting learning on port
    - Linux 5.4.107

-- Tim Gardner <tim.gardner@canonical.com>  Tue, 11 May 2021 10:13:01 -0600

Changed in linux-aws (Ubuntu Focal):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-aws package

AWS: out of entropy on Graviton 2 instances types (mg6.*)

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
linux-aws package