Bug #1949882 “linux-aws: Fix backport of RDMA/efa: Expose maximu...” : Bugs : linux-aws package : Ubuntu

Tim Gardner (timg-tpi) on 2021-11-04

Changed in linux-aws (Ubuntu):
assignee:	nobody → Tim Gardner (timg-tpi)
importance:	Undecided → Medium
status:	New → In Progress
Changed in linux (Ubuntu):
status:	New → Fix Released
Changed in linux (Ubuntu Focal):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux-aws (Ubuntu Focal):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Tim Gardner (timg-tpi)
Changed in linux-aws (Ubuntu):
status:	In Progress → Fix Released
importance:	Medium → Undecided
assignee:	Tim Gardner (timg-tpi) → nobody
description:	updated

Tim Gardner (timg-tpi) on 2021-11-04

description:

updated

Tim Gardner (timg-tpi) on 2021-11-09

Changed in linux (Ubuntu Focal):
status:	In Progress → Fix Committed
Changed in linux-aws (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-11-15:

#1

This bug is awaiting verification that the linux-aws/5.4.0-1060.63 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Revision history for this message

Tim Gardner (timg-tpi) wrote on 2021-11-16:

#2

Amazon verified with test kernel.

tags:

added: verification-done-focal
removed: verification-needed-focal

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-11-29:

#3

Download full text (12.4 KiB)

This bug was fixed in the package linux-aws - 5.4.0-1060.63

---------------
linux-aws (5.4.0-1060.63) focal; urgency=medium

* focal/linux-aws: 5.4.0-1060.63 -proposed tracker (LP: #1949811)

  * linux-aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch
    (LP: #1949882)
    - SAUCE: aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

[ Ubuntu: 5.4.0-91.102 ]

  * focal/linux: 5.4.0-91.102 -proposed tracker (LP: #1949840)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)
  * KVM emulation failure when booting into VM crash kernel with multiple CPUs
    (LP: #1948862)
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
  * aufs: kernel bug with apparmor and fuseblk (LP: #1948470)
    - SAUCE: aufs: bugfix, stop omitting path->mnt
  * ebpf: bpf_redirect fails with ip6 gre interfaces (LP: #1947164)
    - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()
  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc
  * ACL updates on OCFS2 are not revalidated (LP: #1947161)
    - ocfs2: fix remounting needed after setfacl command
  * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351)
    - powerpc/bpf: Fix BPF_MOD when imm == 1
  * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in
    cachefiles_read_backing_file while vmscan is active" (LP: #1947709)
    - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in
      cachefiles_read_backing_file while vmscan is active"
  * Reassign I/O Path of ConnectX-5 Port 1 before Port 2 causes NULL dereference
    (LP: #1943464)
    - s390/pci: fix leak of PCI device structure
    - s390/pci: fix use after free of zpci_dev
    - s390/pci: fix zpci_zdev_put() on reserve
  * [SRU][F] USB: serial: pl2303: add support for PL2303HXN (LP: #1948377)
    - USB: serial: pl2303: add support for PL2303HXN
    - USB: serial: pl2303: fix line-speed handling on newer chips
  * Focal update: v5.4.151 upstream stable release (LP: #1947888)
    - tty: Fix out-of-bound vmalloc access in imageblit
    - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
    - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
    - usb: cdns3: fix race condition before setting doorbell
    - fs-verity: fix signed integer overflow with i_size near S64_MAX
    - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
      structure field
    - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
      structure field
    - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
      structure field
    - scsi: ufs: Fix illegal offset in UPIU event trace
    - mac80211: fix use-after-free in CCMP/GCMP RX
    - x86/kvmclock: Move this_cpu_pvti into kvmclock.h
    - drm/amd/display: Pass PCI deviceid into DC
    - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
    - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced
      from sysfs
    - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
    - mac80211: limit...

This bug was fixed in the package linux-aws - 5.4.0-1060.63

---------------
linux-aws (5.4.0-1060.63) focal; urgency=medium

* focal/linux-aws: 5.4.0-1060.63 -proposed tracker (LP: #1949811)

* linux-aws: Fix backport of RDMA/efa: Expose maximum  TX doorbell batch
    (LP: #1949882)
    - SAUCE: aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

[ Ubuntu: 5.4.0-91.102 ]

* focal/linux: 5.4.0-91.102 -proposed tracker (LP: #1949840)
  * Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.08)
  * KVM emulation failure when booting into  VM crash kernel with multiple CPUs
    (LP: #1948862)
    - KVM: x86: Properly reset MMU context at vCPU RESET/INIT
  * aufs: kernel bug with apparmor and fuseblk (LP: #1948470)
    - SAUCE: aufs: bugfix, stop omitting path->mnt
  * ebpf:  bpf_redirect fails with ip6 gre interfaces (LP: #1947164)
    - net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()
  * require CAP_NET_ADMIN to attach N_HCI ldisc (LP: #1949516)
    - Bluetooth: hci_ldisc: require CAP_NET_ADMIN to attach N_HCI ldisc
  * ACL updates on OCFS2 are not revalidated (LP: #1947161)
    - ocfs2: fix remounting needed after setfacl command
  * ppc64 BPF JIT mod by 1 will not return 0 (LP: #1948351)
    - powerpc/bpf: Fix BPF_MOD when imm == 1
  * Drop "UBUNTU: SAUCE: cachefiles: Page leaking in
    cachefiles_read_backing_file while vmscan is active" (LP: #1947709)
    - Revert "UBUNTU: SAUCE: cachefiles: Page leaking in
      cachefiles_read_backing_file while vmscan is active"
  * Reassign I/O Path of ConnectX-5 Port 1 before Port 2 causes NULL dereference
    (LP: #1943464)
    - s390/pci: fix leak of PCI device structure
    - s390/pci: fix use after free of zpci_dev
    - s390/pci: fix zpci_zdev_put() on reserve
  * [SRU][F] USB: serial: pl2303: add support for PL2303HXN (LP: #1948377)
    - USB: serial: pl2303: add support for PL2303HXN
    - USB: serial: pl2303: fix line-speed handling on newer chips
  * Focal update: v5.4.151 upstream stable release (LP: #1947888)
    - tty: Fix out-of-bound vmalloc access in imageblit
    - cpufreq: schedutil: Use kobject release() method to free sugov_tunables
    - cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory
    - usb: cdns3: fix race condition before setting doorbell
    - fs-verity: fix signed integer overflow with i_size near S64_MAX
    - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary
      structure field
    - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary
      structure field
    - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary
      structure field
    - scsi: ufs: Fix illegal offset in UPIU event trace
    - mac80211: fix use-after-free in CCMP/GCMP RX
    - x86/kvmclock: Move this_cpu_pvti into kvmclock.h
    - drm/amd/display: Pass PCI deviceid into DC
    - ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
    - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced
      from sysfs
    - mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug
    - mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap
    - mac80211: mesh: fix potentially unaligned access
    - mac80211-hwsim: fix late beacon hrtimer handling
    - sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb
    - hwmon: (tmp421) report /PVLD condition as fault
    - hwmon: (tmp421) fix rounding for negative values
    - net: ipv4: Fix rtnexthop len when RTA_FLOW is present
    - e100: fix length calculation in e100_get_regs_len
    - e100: fix buffer overrun in e100_get_regs
    - selftests, bpf: test_lwt_ip_encap: Really disable rp_filter
    - scsi: csiostor: Add module softdep on cxgb4
    - net: hns3: do not allow call hns3_nic_net_open repeatedly
    - net: sched: flower: protect fl_walk() with rcu
    - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
    - perf/x86/intel: Update event constraints for ICX
    - elf: don't use MAP_FIXED_NOREPLACE for elf interpreter mappings
    - debugfs: debugfs_create_file_size(): use IS_ERR to check for error
    - ipack: ipoctal: fix stack information leak
    - ipack: ipoctal: fix tty registration race
    - ipack: ipoctal: fix tty-registration error handling
    - ipack: ipoctal: fix missing allocation-failure check
    - ipack: ipoctal: fix module reference leak
    - ext4: fix loff_t overflow in ext4_max_bitmap_size()
    - ext4: fix reserved space counter leakage
    - ext4: fix potential infinite loop in ext4_dx_readdir()
    - HID: u2fzero: ignore incomplete packets without data
    - net: udp: annotate data race around udp_sk(sk)->corkflag
    - net: stmmac: don't attach interface until resume finishes
    - PCI: Fix pci_host_bridge struct device release/free handling
    - libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind
    - hso: fix bailout in error case of probe
    - usb: hso: fix error handling code of hso_create_net_device
    - usb: hso: remove the bailout parameter
    - crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
    - HID: betop: fix slab-out-of-bounds Write in betop_probe
    - netfilter: ipset: Fix oversized kvmalloc() calls
    - HID: usbhid: free raw_report buffers in usbhid_stop
    - Linux 5.4.151
  * Focal update: v5.4.150 upstream stable release (LP: #1947886)
    - usb: gadget: r8a66597: fix a loop in set_feature()
    - usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave
    - usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA
    - usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
    - cifs: fix incorrect check for null pointer in header_assemble
    - xen/x86: fix PV trap handling on secondary processors
    - usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c
    - USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
    - USB: cdc-acm: fix minor-number release
    - binder: make sure fd closes complete
    - staging: greybus: uart: fix tty use after free
    - Re-enable UAS for LaCie Rugged USB3-FW with fk quirk
    - USB: serial: mos7840: remove duplicated 0xac24 device ID
    - USB: serial: option: add Telit LN920 compositions
    - USB: serial: option: remove duplicate USB device ID
    - USB: serial: option: add device id for Foxconn T99W265
    - mcb: fix error handling in mcb_alloc_bus()
    - erofs: fix up erofs_lookup tracepoint
    - btrfs: prevent __btrfs_dump_space_info() to underflow its free space
    - serial: mvebu-uart: fix driver's tx_empty callback
    - net: hso: fix muxed tty registration
    - afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation
    - platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR()
    - enetc: Fix illegal access when reading affinity_hint
    - bnxt_en: Fix TX timeout when TX ring size is set to the smallest
    - net/smc: add missing error check in smc_clc_prfx_set()
    - gpio: uniphier: Fix void functions to remove return value
    - qed: rdma - don't wait for resources under hw error recovery flow
    - net/mlx4_en: Don't allow aRFS for encapsulated packets
    - scsi: iscsi: Adjust iface sysfs attr detection
    - tty: synclink_gt, drop unneeded forward declarations
    - tty: synclink_gt: rename a conflicting function name
    - fpga: machxo2-spi: Return an error on failure
    - fpga: machxo2-spi: Fix missing error code in machxo2_write_complete()
    - thermal/core: Potential buffer overflow in thermal_build_list_of_policies()
    - cifs: fix a sign extension bug
    - scsi: qla2xxx: Restore initiator in dual mode
    - scsi: lpfc: Use correct scnprintf() limit
    - irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build
    - irqchip/gic-v3-its: Fix potential VPE leak on error
    - md: fix a lock order reversal in md_alloc
    - blktrace: Fix uaf in blk_trace access after removing by sysfs
    - net: macb: fix use after free on rmmod
    - net: stmmac: allow CSR clock of 300MHz
    - m68k: Double cast io functions to unsigned long
    - ipv6: delay fib6_sernum increase in fib6_add
    - bpf: Add oversize check before call kvcalloc()
    - xen/balloon: use a kernel thread instead a workqueue
    - nvme-multipath: fix ANA state updates when a namespace is not present
    - sparc32: page align size in arch_dma_alloc
    - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
    - compiler.h: Introduce absolute_pointer macro
    - net: i825xx: Use absolute_pointer for memcpy from fixed memory location
    - sparc: avoid stringop-overread errors
    - qnx4: avoid stringop-overread errors
    - parisc: Use absolute_pointer() to define PAGE0
    - arm64: Mark __stack_chk_guard as __ro_after_init
    - alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
    - net: 6pack: Fix tx timeout and slot time
    - spi: Fix tegra20 build with CONFIG_PM=n
    - EDAC/synopsys: Fix wrong value type assignment for edac_mode
    - thermal/drivers/int340x: Do not set a wrong tcc offset on resume
    - arm64: dts: marvell: armada-37xx: Extend PCIe MEM space
    - xen/balloon: fix balloon kthread freezing
    - qnx4: work around gcc false positive warning bug
    - Linux 5.4.150
  * ACL updates on OCFS2 are not revalidated (LP: #1947161) // Focal update:
    v5.4.150 upstream stable release (LP: #1947886)
    - ocfs2: drop acl cache for directories too
  * Focal update: v5.4.149 upstream stable release (LP: #1947885)
    - PCI: pci-bridge-emul: Fix big-endian support
    - PCI: aardvark: Indicate error in 'val' when config read fails
    - PCI: pci-bridge-emul: Add PCIe Root Capabilities Register
    - PCI: aardvark: Fix reporting CRS value
    - PCI/ACPI: Add Ampere Altra SOC MCFG quirk
    - KVM: remember position in kvm->vcpus array
    - console: consume APC, DM, DCS
    - s390/pci_mmio: fully validate the VMA before calling follow_pte()
    - ARM: Qualify enabling of swiotlb_init()
    - apparmor: remove duplicate macro list_entry_is_head()
    - ARM: 9077/1: PLT: Move struct plt_entries definition to header
    - ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
    - ARM: 9079/1: ftrace: Add MODULE_PLTS support
    - ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE
    - sctp: validate chunk size in __rcv_asconf_lookup
    - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
    - staging: rtl8192u: Fix bitwise vs logical operator in
      TranslateRxSignalStuff819xUsb()
    - um: virtio_uml: fix memory leak on init failures
    - dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
    - thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
    - 9p/trans_virtio: Remove sysfs file on probe failure
    - prctl: allow to setup brk for et_dyn executables
    - nilfs2: use refcount_dec_and_lock() to fix potential UAF
    - profiling: fix shift-out-of-bounds bugs
    - pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was
      registered
    - phy: avoid unnecessary link-up delay in polling mode
    - net: stmmac: reset Tx desc base address before restarting Tx
    - Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
    - thermal/core: Fix thermal_cooling_device_register() prototype
    - drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
    - parisc: Move pci_dev_is_behind_card_dino to where it is used
    - dmaengine: sprd: Add missing MODULE_DEVICE_TABLE
    - dmaengine: ioat: depends on !UML
    - dmaengine: xilinx_dma: Set DMA mask for coherent APIs
    - ceph: request Fw caps before updating the mtime in ceph_write_iter
    - ceph: lockdep annotations for try_nonblocking_invalidate
    - btrfs: fix lockdep warning while mounting sprout fs
    - nilfs2: fix memory leak in nilfs_sysfs_create_device_group
    - nilfs2: fix NULL pointer in nilfs_##name##_attr_release
    - nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
    - nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
    - nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
    - pwm: img: Don't modify HW state in .remove() callback
    - pwm: rockchip: Don't modify HW state in .remove() callback
    - pwm: stm32-lp: Don't modify HW state in .remove() callback
    - blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
    - rtc: rx8010: select REGMAP_I2C
    - drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
    - Linux 5.4.149

-- Tim Gardner <tim.gardner@canonical.com>  Fri, 12 Nov 2021 11:19:15 -0700

Changed in linux-aws (Ubuntu Focal):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-04:

#4

Download full text (19.0 KiB)

This bug was fixed in the package linux - 5.4.0-92.103

---------------
linux (5.4.0-92.103) focal; urgency=medium

* focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

  * CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

* Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
- [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

  * Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

  * Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffe...

This bug was fixed in the package linux - 5.4.0-92.103

---------------
linux (5.4.0-92.103) focal; urgency=medium

* focal/linux: 5.4.0-92.103 -proposed tracker (LP: #1952316)

* Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)

* CVE-2021-4002
    - tlb: mmu_gather: add tlb_flush_*_range APIs
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

* Re-enable DEBUG_INFO_BTF where it was disabled (LP: #1945632)
    - [Config] Enable CONFIG_DEBUG_INFO_BTF on all arches

* Focal linux-azure: Vm crash on Dv5/Ev5 (LP: #1950462)
    - KVM: VMX: eVMCS: make evmcs_sanitize_exec_ctrls() work again
    - jump_label: Fix usage in module __init

* Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: (lockdown) Make get_cert_list() not complain about
      cert lists that aren't present."
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs

* Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

* Focal update: v5.4.157 upstream stable release (LP: #1951883)
    - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned
    - ARM: 9134/1: remove duplicate memcpy() definition
    - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype
    - ARM: 9141/1: only warn about XIP address when not compile testing
    - ipv6: use siphash in rt6_exception_hash()
    - ipv4: use siphash instead of Jenkins in fnhe_hashfun()
    - usbnet: sanity check for maxpacket
    - usbnet: fix error return code in usbnet_probe()
    - Revert "pinctrl: bcm: ns: support updated DT binding as syscon subnode"
    - ata: sata_mv: Fix the error handling of mv_chip_id()
    - nfc: port100: fix using -ERRNO as command type mask
    - net/tls: Fix flipped sign in tls_err_abort() calls
    - mmc: vub300: fix control-message timeouts
    - mmc: cqhci: clear HALT state after CQE enable
    - mmc: dw_mmc: exynos: fix the finding clock sample value
    - mmc: sdhci: Map more voltage level to SDHCI_POWER_330
    - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning
      circuit
    - cfg80211: scan: fix RCU in cfg80211_add_nontrans_list()
    - net: lan78xx: fix division by zero in send path
    - tcp_bpf: Fix one concurrency problem in the tcp_bpf_send_verdict function
    - IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
    - IB/hfi1: Fix abba locking issue with sc_disable()
    - nvmet-tcp: fix data digest pointer calculation
    - nvme-tcp: fix data digest pointer calculation
    - RDMA/mlx5: Set user priority for DCT
    - arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node
    - regmap: Fix possible double-free in regcache_rbtree_exit()
    - net: batman-adv: fix error handling
    - net: Prevent infinite while loop in skb_tx_hash()
    - RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
    - nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST
    - net: ethernet: microchip: lan743x: Fix driver crash when lan743x_pm_resume
      fails
    - net: ethernet: microchip: lan743x: Fix dma allocation failure by using
      dma_set_mask_and_coherent
    - net: nxp: lpc_eth.c: avoid hang when bringing interface down
    - net/tls: Fix flipped sign in async_wait.err assignment
    - phy: phy_ethtool_ksettings_get: Lock the phy for consistency
    - phy: phy_start_aneg: Add an unlocked version
    - sctp: use init_tag from inithdr for ABORT chunk
    - sctp: fix the processing for INIT_ACK chunk
    - sctp: fix the processing for COOKIE_ECHO chunk
    - sctp: add vtag check in sctp_sf_violation
    - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa
    - sctp: add vtag check in sctp_sf_ootb
    - net: use netif_is_bridge_port() to check for IFF_BRIDGE_PORT
    - cfg80211: correct bridge/4addr mode check
    - KVM: s390: clear kicked_mask before sleeping again
    - KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
    - perf script: Check session->header.env.arch before using it
    - Linux 5.4.157

* keyboard not working on Medion notebook s17 series (LP: #1950536)
    - ACPI: resources: Add one more Medion model in IRQ override quirk

* creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
    failed with XFS (LP: #1950239)
    - xfs: ensure that the inode uid/gid match values match the icdinode ones
    - xfs: merge the projid fields in struct xfs_icdinode
    - xfs: remove the icdinode di_uid/di_gid members
    - xfs: fix up non-directory creation in SGID directories

* reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
    (LP: #1867570)
    - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes

* Focal update: v5.4.156 upstream stable release (LP: #1951295)
    - parisc: math-emu: Fix fall-through warnings
    - net: switchdev: do not propagate bridge updates across bridges
    - tee: optee: Fix missing devices unregister during optee_remove
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - dma-debug: fix sg checks in debug_dma_map_sg()
    - ASoC: wm8960: Fix clock configuration on slave mode
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - lan78xx: select CRC32
    - net: dsa: lantiq_gswip: fix register definition
    - NIOS2: irqflags: rename a redefined register name
    - net: hns3: reset DWRR of unused tc to zero
    - net: hns3: add limit ets dwrr bandwidth cannot be 0
    - net: hns3: disable sriov before unload hclge layer
    - net: stmmac: Fix E2E delay mechanism
    - net: enetc: fix ethtool counter name for PM0_TERR
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - can: j1939: j1939_tp_rxtimer(): fix errant alert in j1939_tp_rxtimer
    - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv
    - can: j1939: j1939_xtp_rx_dat_one(): cancel session if receive TP.DT with
      error length
    - can: j1939: j1939_xtp_rx_rts_session_new(): abort TP less than 9 bytes
    - ceph: fix handling of "meta" errors
    - ocfs2: fix data corruption after conversion from inline format
    - ocfs2: mount fails with buffer overflow in strlen
    - elfcore: correct reference to CONFIG_UML
    - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
    - ALSA: hda/realtek: Add quirk for Clevo PC50HS
    - ASoC: DAPM: Fix missing kctl change notifications
    - audit: fix possible null-pointer dereference in audit_filter_rules
    - powerpc64/idle: Fix SP offsets when saving GPRs
    - KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
    - KVM: PPC: Book3S HV: Make idle_kvm_start_guest() return 0 if it went to
      guest
    - powerpc/idle: Don't corrupt back chain when going idle
    - mm, slub: fix mismatch between reconstructed freelist depth and cnt
    - mm, slub: fix potential memoryleak in kmem_cache_open()
    - nfc: nci: fix the UAF of rf_conn_info object
    - isdn: cpai: check ctr->cnr to avoid array index out of bound
    - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
    - selftests: netfilter: remove stray bash debug line
    - gcc-plugins/structleak: add makefile var for disabling structleak
    - btrfs: deal with errors when checking if a dir entry exists during log
      replay
    - net: stmmac: add support for dwmac 3.40a
    - ARM: dts: spear3xx: Fix gmac node
    - isdn: mISDN: Fix sleeping function called from invalid context
    - platform/x86: intel_scu_ipc: Update timeout value in comment
    - ALSA: hda: avoid write to STATESTS if controller is in reset
    - Input: snvs_pwrkey - add clk handling
    - scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma()
    - tracing: Have all levels of checks prevent recursion
    - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
    - pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume()
    - Linux 5.4.156

* ubuntu_ltp / finit_module02 fails on v4.15 and other kernels
    (LP: #1950644) // Focal update: v5.4.156 upstream stable release
    (LP: #1951295)
    - vfs: check fd has read access in kernel_read_file_from_fd()

* Focal update: v5.4.155 upstream stable release (LP: #1951291)
    - ovl: simplify file splice
    - ALSA: usb-audio: Add quirk for VF0770
    - ALSA: seq: Fix a potential UAF by wrong private_free call order
    - ALSA: hda/realtek: Complete partial device name to avoid ambiguity
    - ALSA: hda/realtek: Add quirk for Clevo X170KM-G
    - ALSA: hda/realtek - ALC236 headset MIC recording issue
    - ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW
    - nds32/ftrace: Fix Error: invalid operands (*UND* and *UND* sections) for `^'
    - s390: fix strrchr() implementation
    - csky: don't let sigreturn play with priveleged bits of status register
    - csky: Fixup regs.sr broken in ptrace
    - btrfs: unlock newly allocated extent buffer after error
    - btrfs: deal with errors when replaying dir entry during log replay
    - btrfs: deal with errors when adding inode reference during log replay
    - btrfs: check for error when looking up inode during dir entry replay
    - watchdog: orion: use 0 for unset heartbeat
    - x86/resctrl: Free the ctrlval arrays when domain_setup_mon_state() fails
    - mei: me: add Ice Lake-N device id.
    - xhci: guard accesses to ep_state in xhci_endpoint_reset()
    - xhci: Fix command ring pointer corruption while aborting a command
    - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
    - cb710: avoid NULL pointer subtraction
    - efi/cper: use stack buffer for error record decoding
    - efi: Change down_interruptible() in virt_efi_reset_system() to
      down_trylock()
    - usb: musb: dsps: Fix the probe error path
    - Input: xpad - add support for another USB ID of Nacon GC-100
    - USB: serial: qcserial: add EM9191 QDL support
    - USB: serial: option: add Quectel EC200S-CN module support
    - USB: serial: option: add Telit LE910Cx composition 0x1204
    - USB: serial: option: add prod. id for Quectel EG91
    - EDAC/armada-xp: Fix output of uncorrectable error counter
    - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
    - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
    - powerpc/xive: Discard disabled interrupts in get_irqchip_state()
    - iio: adc: aspeed: set driver data when adc probe.
    - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
    - iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED
    - iio: light: opt3001: Fixed timeout error when 0 lux
    - iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
    - iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
    - iio: dac: ti-dac5571: fix an error code in probe()
    - sctp: account stream padding length for reconf chunk
    - gpio: pca953x: Improve bias setting
    - net: arc: select CRC32
    - net: korina: select CRC32
    - net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp
    - net: stmmac: fix get_hw_feature() on old hardware
    - net: encx24j600: check error in devm_regmap_init_encx24j600
    - ethernet: s2io: fix setting mac address during resume
    - nfc: fix error handling of nfc_proto_register()
    - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
    - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
    - pata_legacy: fix a couple uninitialized variable bugs
    - ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators()
    - mlxsw: thermal: Fix out-of-bounds memory accesses
    - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call
    - drm/panel: olimex-lcd-olinuxino: select CRC32
    - drm/msm: Fix null pointer dereference on pointer edp
    - drm/msm/dsi: Fix an error code in msm_dsi_modeset_init()
    - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
    - acpi/arm64: fix next_platform_timer() section mismatch error
    - mqprio: Correct stats in mqprio_dump_class_stats().
    - qed: Fix missing error code in qed_slowpath_start()
    - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256
    - ionic: don't remove netdev->dev_addr when syncing uc list
    - Linux 5.4.155

* [UBUNTU 20.04] kernel:  unable to read partitions on virtio-block dasd (kvm)
    (LP: #1950144) // Focal update: v5.4.155 upstream stable release
    (LP: #1951291)
    - virtio: write back F_VERSION_1 before validate

* Focal update: v5.4.154 upstream stable release (LP: #1951288)
    - net: phy: bcm7xxx: Fixed indirect MMD operations
    - ext4: correct the error path of ext4_write_inline_data_end()
    - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
    - netfilter: ip6_tables: zero-initialize fragment offset
    - HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs
    - netfilter: nf_nat_masquerade: make async masq_inet6_event handling generic
    - netfilter: nf_nat_masquerade: defer conntrack walk to work queue
    - mac80211: Drop frames from invalid MAC address in ad-hoc mode
    - m68k: Handle arrivals of multiple signals correctly
    - net: prevent user from passing illegal stab size
    - mac80211: check return value of rhashtable_init
    - net: sun: SUNVNET_COMMON should depend on INET
    - drm/amdgpu: fix gart.bo pin_count leak
    - scsi: ses: Fix unsigned comparison with less than zero
    - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
    - sched: Always inline is_percpu_thread()
    - Linux 5.4.154

* Focal update: v5.4.153 upstream stable release (LP: #1950014)
    - Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
    - USB: cdc-acm: fix racy tty buffer accesses
    - USB: cdc-acm: fix break reporting
    - usb: typec: tcpm: handle SRC_STARTUP state if cc changes
    - xen/privcmd: fix error handling in mmap-resource processing
    - mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk
    - ovl: fix missing negative dentry check in ovl_rename()
    - nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
    - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
    - xen/balloon: fix cancelled balloon action
    - ARM: dts: omap3430-sdp: Fix NAND device node
    - ARM: dts: qcom: apq8064: use compatible which contains chipid
    - MIPS: BPF: Restore MIPS32 cBPF JIT
    - bpf, mips: Validate conditional branch offsets
    - soc: qcom: socinfo: Fixed argument passed to platform_set_data()
    - ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference
    - soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment
    - ARM: dts: imx: Add missing pinctrl-names for panel on M53Menlo
    - ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo
    - arm64: dts: qcom: pm8150: use qcom,pm8998-pon binding
    - xtensa: move XCHAL_KIO_* definitions to kmem_layout.h
    - xtensa: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: call irqchip_init only when CONFIG_USE_OF is selected
    - bpf, arm: Fix register clobbering in div/mod implementation
    - bpf: Fix integer overflow in prealloc_elems_and_freelist()
    - phy: mdio: fix memory leak
    - net_sched: fix NULL deref in fifo_set_limit()
    - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
    - ptp_pch: Load module automatically if ID matches
    - arm64: dts: freescale: Fix SP805 clock-names
    - arm64: dts: ls1028a: add missing CAN nodes
    - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
      sequence
    - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
    - net/sched: sch_taprio: properly cancel timer from taprio_destroy()
    - net: sfp: Fix typo in state machine debug string
    - netlink: annotate data races around nlk->bound
    - bus: ti-sysc: Use CLKDM_NOAUTO for dra7 dcan1 for errata i893
    - video: fbdev: gbefb: Only instantiate device when built for IP32
    - drm/nouveau/debugfs: fix file release memory leak
    - gve: Correct available tx qpl check
    - rtnetlink: fix if_nlmsg_stats_size() under estimation
    - gve: fix gve_get_stats()
    - i40e: fix endless loop under rtnl
    - i40e: Fix freeing of uninitialized misc IRQ vector
    - net: prefer socket bound to interface when not in VRF
    - i2c: acpi: fix resource leak in reconfiguration device addition
    - bpf, s390: Fix potential memory leak about jit_data
    - RISC-V: Include clone3() on rv32
    - x86/platform/olpc: Correct ifdef symbol to intended CONFIG_OLPC_XO15_SCI
    - x86/hpet: Use another crystalball to evaluate HPET usability
    - x86/Kconfig: Correct reference to MWINCHIP3D
    - Linux 5.4.153

* Focal update: v5.4.152 upstream stable release (LP: #1950009)
    - net: mdio: introduce a shutdown method to mdio device drivers
    - xen-netback: correct success/error reporting for the SKB-with-fraglist case
    - sparc64: fix pci_iounmap() when CONFIG_PCI is not set
    - ext2: fix sleeping in atomic bugs on error
    - scsi: sd: Free scsi_disk device via put_device()
    - usb: testusb: Fix for showing the connection speed
    - usb: dwc2: check return value after calling platform_get_resource()
    - selftests: be sure to make khdr before other targets
    - selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn
    - scsi: ses: Retry failed Send/Receive Diagnostic commands
    - tools/vm/page-types: remove dependency on opt_file for idle page tracking
    - KVM: do not shrink halt_poll_ns below grow_start
    - kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[]
    - perf/x86: Reset destroy callback on event init failure
    - silence nfscache allocation warnings with kvzalloc
    - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
    - Linux 5.4.152

* linux-aws: Fix backport of RDMA/efa: Expose maximum  TX doorbell batch
    (LP: #1949882)
    - SAUCE: aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Fri, 26 Nov 2021 15:42:03 +0100

Changed in linux (Ubuntu Focal):
status:	Fix Committed → Fix Released

Ubuntu
linux-aws package

linux-aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	Fix Released	Undecided	Unassigned
Focal	Fix Released	Medium	Tim Gardner
linux-aws (Ubuntu)	Fix Released	Undecided	Unassigned
Focal	Fix Released	Medium	Tim Gardner

Ubuntulinux-aws package

linux-aws: Fix backport of RDMA/efa: Expose maximum TX doorbell batch

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-aws package