[ubuntu/bionic-security] linux-raspi2 4.15.0-1120.128 (Accepted)

Andy Whitcroft apw at canonical.com
Mon Oct 10 13:51:25 UTC 2022


linux-raspi2 (4.15.0-1120.128) bionic; urgency=medium

  * bionic/linux-raspi2: 4.15.0-1120.128 -proposed tracker (LP: #1989931)

  * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374)
    - [Config] raspi2: updateconfigs for RANDOM_TRUST_CPU, RANDOM_TRUST_BOOTLOADER

  [ Ubuntu: 4.15.0-194.205 ]

  * bionic/linux: 4.15.0-194.205 -proposed tracker (LP: #1989935)
  * Bionic update: upstream stable patchset 2022-09-14 (LP: #1989625)
    - random: schedule mix_interrupt_randomness() less often
    - ata: libata: add qc->flags in ata_qc_complete_template tracepoint
    - dm era: commit metadata in postsuspend after worker stops
    - random: quiet urandom warning ratelimit suppression message
    - USB: serial: option: add Telit LE910Cx 0x1250 composition
    - USB: serial: option: add Quectel EM05-G modem
    - USB: serial: option: add Quectel RM500K module support
    - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
    - x86/xen: Remove undefined behavior in setup_features()
    - MIPS: Remove repetitive increase irq_err_count
    - igb: Make DMA faster when CPU is active on the PCIe link
    - iio: adc: vf610: fix conversion mode sysfs node name
    - usb: chipidea: udc: check request status before setting device address
    - iio:accel:bma180: rearrange iio trigger get and register
    - iio: accel: mma8452: ignore the return value of reset operation
    - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
    - iio: trigger: sysfs: fix use-after-free on remove
    - iio: adc: axp288: Override TS pin bias current for some models
    - xtensa: xtfpga: Fix refcount leak bug in setup
    - xtensa: Fix refcount leak bug in time.c
    - powerpc: Enable execve syscall exit tracepoint
    - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
    - powerpc/powernv: wire up rng during setup_arch
    - ARM: dts: imx6qdl: correct PU regulator ramp delay
    - ARM: exynos: Fix refcount leak in exynos_map_pmu
    - ARM: Fix refcount leak in axxia_boot_secondary
    - ARM: cns3xxx: Fix refcount leak in cns3xxx_init
    - modpost: fix section mismatch check for exported init/exit sections
    - powerpc/pseries: wire up rng during setup_arch()
    - drm: remove drm_fb_helper_modinit
    - xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
    - fdt: Update CRC check for rng-seed
    - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
    - swiotlb: skip swiotlb_bounce when orig_addr is zero
    - net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
    - afs: Fix dynamic root getattr
    - iio:chemical:ccs811: rearrange iio trigger get and register
    - soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
    - nvdimm: Fix badblocks clear off-by-one error
    - dm raid: fix accesses beyond end of raid member array
    - dm raid: fix KASAN warning in raid5_add_disks
    - s390/archrandom: simplify back to earlier design and initialize earlier
    - SUNRPC: Fix READ_PLUS crasher
    - net: rose: fix UAF bugs caused by timer handler
    - net: usb: ax88179_178a: Fix packet receiving
    - RDMA/qedr: Fix reporting QP timeout attribute
    - usbnet: fix memory allocation in helpers
    - net: ipv6: unexport __init-annotated seg6_hmac_net_init()
    - caif_virtio: fix race between virtio_device_ready() and ndo_open()
    - netfilter: nft_dynset: restore set element counter when failing to update
    - net: bonding: fix possible NULL deref in rlb code
    - net: bonding: fix use-after-free after 802.3ad slave unbind
    - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
    - NFC: nxp-nci: Don't issue a zero length i2c_master_read()
    - xen/gntdev: Avoid blocking in unmap_grant_pages()
    - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add()
      fails
    - sit: use min
    - ipv6/sit: fix ipip6_tunnel_get_prl return value
    - net: Rename and export copy_skb_header
    - xen/blkfront: fix leaking data in shared pages
    - xen/netfront: fix leaking data in shared pages
    - xen/netfront: force data bouncing when backend is untrusted
    - xen/blkfront: force data bouncing when backend is untrusted
    - xen/arm: Fix race in RB-tree based P2M accounting
    - net: usb: qmi_wwan: add Telit 0x1060 composition
    - net: usb: qmi_wwan: add Telit 0x1070 composition
    - virtio-net: fix race between ndo_open() and virtio_device_ready()
    - net: tun: unlink NAPI from device on destruction
    - net: tun: stop NAPI when detaching queues
    - esp: limit skb_page_frag_refill use to a single page
    - mm/slub: add missing TID updates on slab deactivation
    - can: grcan: grcan_probe(): remove extra of_node_get()
    - can: gs_usb: gs_usb_open/close(): fix memory leak
    - usbnet: fix memory leak in error case
    - net: rose: fix UAF bug caused by rose_t0timer_expiry
    - iommu/vt-d: Fix PCI bus rescan device hot add
    - video: of_display_timing.h: include errno.h
    - powerpc/powernv: delay rng platform device creation until later in boot
    - xfs: remove incorrect ASSERT in xfs_rename
    - pinctrl: sunxi: a83t: Fix NAND function name for some pins
    - i2c: cadence: Unregister the clk notifier in error path
    - ida: don't use BUG_ON() for debugging
    - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
    - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
    - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
    - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
    - dmaengine: pl330: Fix lockdep warning about non-static key
    - ALSA: hda - Add fixup for Dell Latitidue E5430
    - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
    - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
    - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
      pointer
    - ARM: 9213/1: Print message about disabled Spectre workarounds only once
    - ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
    - cgroup: Use separate src/dst nodes when preloading css_sets for migration
    - nilfs2: fix incorrect masking of permission flags for symlinks
    - net: dsa: bcm_sf2: force pause link settings
    - ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
    - inetpeer: Fix data-races around sysctl.
    - net: Fix data-races around sysctl_mem.
    - cipso: Fix data-races around sysctl.
    - icmp: Fix data-races around sysctl.
    - ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
    - icmp: Fix a data-race around sysctl_icmp_ratelimit.
    - icmp: Fix a data-race around sysctl_icmp_ratemask.
    - ipv4: Fix data-races around sysctl_ip_dynaddr.
    - sfc: fix use after free when disabling sriov
    - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
    - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
    - sfc: fix kernel panic when creating VF
    - virtio_mmio: Add missing PM calls to freeze/restore
    - virtio_mmio: Restore guest page size on resume
    - netfilter: br_netfilter: do not skip all hooks with 0 priority
    - cpufreq: pmac32-cpufreq: Fix refcount leak bug
    - platform/x86: hp-wmi: Ignore Sanitization Mode event
    - net: tipc: fix possible refcount leak in tipc_sk_create()
    - NFC: nxp-nci: don't print header length mismatch on i2c error
    - net: sfp: fix memory leak in sfp_probe()
    - ASoC: ops: Fix off by one in range control validation
    - ASoC: wm5110: Fix DRE control
    - irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
    - x86: Clear .brk area at early boot
    - signal handling: don't use BUG_ON() for debugging
    - USB: serial: ftdi_sio: add Belimo device ids
    - usb: dwc3: gadget: Fix event pending check
    - tty: serial: samsung_tty: set dma burst_size to 1
    - serial: 8250: fix return error code in serial8250_request_std_resource()
    - mm: invalidate hwpoison page cache page in fault path
    - can: m_can: m_can_tx_handler(): fix use after free of skb
    - ASoC: sgtl5000: Fix noise on shutdown/remove
    - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
  * Bionic update: upstream stable patchset 2022-09-12 (LP: #1989374)
    - [Config] dkms-versions -- force wireguard-dkms update
    - Revert "random: Make getrandom() ready earlier"
    - 9p: missing chunk of "fs/9p: Don't update file type when updating file
      attributes"
    - crypto: chacha20 - Fix keystream alignment for chacha20_block()
    - random: always fill buffer in get_random_bytes_wait
    - random: optimize add_interrupt_randomness
    - drivers/char/random.c: remove unused dont_count_entropy
    - random: Fix whitespace pre random-bytes work
    - random: Return nbytes filled from hw RNG
    - [Config] updateconfigs for RANDOM_TRUST_CPU, RANDOM_TRUST_BOOTLOADER
    - random: add a config option to trust the CPU's hwrng
    - random: remove preempt disabled region
    - random: Make crng state queryable
    - random: make CPU trust a boot parameter
    - drivers/char/random.c: constify poolinfo_table
    - drivers/char/random.c: remove unused stuct poolinfo::poolbits
    - drivers/char/random.c: make primary_crng static
    - random: only read from /dev/random after its pool has received 128 bits
    - random: move rand_initialize() earlier
    - random: document get_random_int() family
    - latent_entropy: avoid build error when plugin cflags are not set
    - random: fix soft lockup when trying to read from an uninitialized blocking
      pool
    - random: Support freezable kthreads in add_hwgenerator_randomness()
    - fdt: add support for rng-seed
    - random: Use wait_event_freezable() in add_hwgenerator_randomness()
    - char/random: Add a newline at the end of the file
    - Revert "hwrng: core - Freeze khwrng thread during suspend"
    - crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array()
    - crypto: blake2s - generic C library implementation and selftest
    - lib/crypto: blake2s: move hmac construction into wireguard
    - lib/crypto: sha1: re-roll loops to reduce code size
    - random: Don't wake crng_init_wait when crng_init == 1
    - random: Add a urandom_read_nowait() for random APIs that don't warn
    - random: add GRND_INSECURE to return best-effort non-cryptographic bytes
    - random: ignore GRND_RANDOM in getentropy(2)
    - random: make /dev/random be almost like /dev/urandom
    - random: fix crash on multiple early calls to add_bootloader_randomness()
    - random: remove the blocking pool
    - random: delete code to pull data into pools
    - random: remove kernel.random.read_wakeup_threshold
    - random: remove unnecessary unlikely()
    - random: convert to ENTROPY_BITS for better code readability
    - random: Add and use pr_fmt()
    - random: fix typo in add_timer_randomness()
    - random: remove some dead code of poolinfo
    - random: split primary/secondary crng init paths
    - random: avoid warnings for !CONFIG_NUMA builds
    - x86: Remove arch_has_random, arch_has_random_seed
    - powerpc: Remove arch_has_random, arch_has_random_seed
    - s390: Remove arch_has_random, arch_has_random_seed
    - linux/random.h: Remove arch_has_random, arch_has_random_seed
    - linux/random.h: Use false with bool
    - linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
    - powerpc: Use bool in archrandom.h
    - random: add arch_get_random_*long_early()
    - random: avoid arch_get_random_seed_long() when collecting IRQ randomness
    - random: remove dead code left over from blocking pool
    - MAINTAINERS: co-maintain random.c
    - crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
    - crypto: blake2s - adjust include guard naming
    - random: document add_hwgenerator_randomness() with other input functions
    - random: remove unused irq_flags argument from add_interrupt_randomness()
    - random: use BLAKE2s instead of SHA1 in extraction
    - random: do not sign extend bytes for rotation when mixing
    - random: do not re-init if crng_reseed completes before primary init
    - random: mix bootloader randomness into pool
    - random: harmonize "crng init done" messages
    - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
    - random: initialize ChaCha20 constants with correct endianness
    - random: early initialization of ChaCha constants
    - random: avoid superfluous call to RDRAND in CRNG extraction
    - random: don't reset crng_init_cnt on urandom_read()
    - random: fix typo in comments
    - random: cleanup poolinfo abstraction
    - crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
    - random: cleanup integer types
    - random: remove incomplete last_data logic
    - random: remove unused extract_entropy() reserved argument
    - random: rather than entropy_store abstraction, use global
    - random: remove unused OUTPUT_POOL constants
    - random: de-duplicate INPUT_POOL constants
    - random: prepend remaining pool constants with POOL_
    - random: cleanup fractional entropy shift constants
    - random: access input_pool_data directly rather than through pointer
    - random: simplify arithmetic function flow in account()
    - random: continually use hwgenerator randomness
    - random: access primary_pool directly rather than through pointer
    - random: only call crng_finalize_init() for primary_crng
    - random: use computational hash for entropy extraction
    - random: simplify entropy debiting
    - random: use linear min-entropy accumulation crediting
    - random: always wake up entropy writers after extraction
    - random: make credit_entropy_bits() always safe
    - random: remove use_input_pool parameter from crng_reseed()
    - random: remove batched entropy locking
    - random: fix locking in crng_fast_load()
    - random: use RDSEED instead of RDRAND in entropy extraction
    - random: inline leaves of rand_initialize()
    - random: ensure early RDSEED goes through mixer on init
    - random: do not xor RDRAND when writing into /dev/random
    - random: absorb fast pool into input pool after fast load
    - random: use hash function for crng_slow_load()
    - random: remove outdated INT_MAX >> 6 check in urandom_read()
    - random: zero buffer after reading entropy from userspace
    - random: tie batched entropy generation to base_crng generation
    - random: remove ifdef'd out interrupt bench
    - random: remove unused tracepoints
    - random: add proper SPDX header
    - random: deobfuscate irq u32/u64 contributions
    - random: introduce drain_entropy() helper to declutter crng_reseed()
    - random: remove useless header comment
    - random: remove whitespace and reorder includes
    - random: group initialization wait functions
    - random: group entropy extraction functions
    - random: group entropy collection functions
    - random: group userspace read/write functions
    - random: group sysctl functions
    - random: rewrite header introductory comment
    - random: defer fast pool mixing to worker
    - random: do not take pool spinlock at boot
    - random: unify early init crng load accounting
    - random: check for crng_init == 0 in add_device_randomness()
    - random: pull add_hwgenerator_randomness() declaration into random.h
    - random: clear fast pool, crng, and batches in cpuhp bring up
    - random: round-robin registers as ulong, not u32
    - random: only wake up writers after zap if threshold was passed
    - random: cleanup UUID handling
    - random: unify cycles_t and jiffies usage and types
    - random: do crng pre-init loading in worker rather than irq
    - random: give sysctl_random_min_urandom_seed a more sensible value
    - random: don't let 644 read-only sysctls be written to
    - random: replace custom notifier chain with standard one
    - random: use SipHash as interrupt entropy accumulator
    - random: make consistent usage of crng_ready()
    - random: reseed more often immediately after booting
    - random: check for signal and try earlier when generating entropy
    - random: skip fast_init if hwrng provides large chunk of entropy
    - random: treat bootloader trust toggle the same way as cpu trust toggle
    - random: re-add removed comment about get_random_{u32,u64} reseeding
    - random: mix build-time latent entropy into pool at init
    - random: do not split fast init input in add_hwgenerator_randomness()
    - random: do not allow user to keep crng key around on stack
    - random: check for signal_pending() outside of need_resched() check
    - random: check for signals every PAGE_SIZE chunk of /dev/[u]random
    - random: make random_get_entropy() return an unsigned long
    - random: document crng_fast_key_erasure() destination possibility
    - random: fix sysctl documentation nits
    - init: call time_init() before rand_initialize()
    - ia64: define get_cycles macro for arch-override
    - s390: define get_cycles macro for arch-override
    - parisc: define get_cycles macro for arch-override
    - alpha: define get_cycles macro for arch-override
    - powerpc: define get_cycles macro for arch-override
    - timekeeping: Add raw clock fallback for random_get_entropy()
    - m68k: use fallback for random_get_entropy() instead of zero
    - mips: use fallback for random_get_entropy() instead of just c0 random
    - arm: use fallback for random_get_entropy() instead of zero
    - nios2: use fallback for random_get_entropy() instead of zero
    - x86/tsc: Use fallback for random_get_entropy() instead of zero
    - um: use fallback for random_get_entropy() instead of zero
    - sparc: use fallback for random_get_entropy() instead of zero
    - xtensa: use fallback for random_get_entropy() instead of zero
    - random: insist on random_get_entropy() existing in order to simplify
    - random: do not use batches when !crng_ready()
    - random: do not pretend to handle premature next security model
    - random: order timer entropy functions below interrupt functions
    - random: do not use input pool from hard IRQs
    - random: help compiler out with fast_mix() by using simpler arguments
    - siphash: use one source of truth for siphash permutations
    - random: use symbolic constants for crng_init states
    - random: avoid initializing twice in credit race
    - random: remove ratelimiting for in-kernel unseeded randomness
    - random: use proper jiffies comparison macro
    - random: handle latent entropy and command line from random_init()
    - random: credit architectural init the exact amount
    - random: use static branch for crng_ready()
    - random: remove extern from functions in header
    - random: use proper return types on get_random_{int,long}_wait()
    - random: move initialization functions out of hot pages
    - random: move randomize_page() into mm where it belongs
    - random: convert to using fops->write_iter()
    - random: wire up fops->splice_{read,write}_iter()
    - random: check for signals after page of pool writes
    - Revert "random: use static branch for crng_ready()"
    - crypto: drbg - add FIPS 140-2 CTRNG for noise source
    - crypto: drbg - always seeded with SP800-90B compliant noise source
    - crypto: drbg - prepare for more fine-grained tracking of seeding state
    - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
    - crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
    - crypto: drbg - always try to free Jitter RNG instance
    - crypto: drbg - make reseeding from get_random_bytes() synchronous
    - random: avoid checking crng_ready() twice in random_init()
    - random: mark bootloader randomness code as __init
    - random: account for arch randomness in bits
    - ASoC: cs42l52: Fix TLV scales for mixer controls
    - ASoC: cs53l30: Correct number of volume levels on SX controls
    - ASoC: cs42l52: Correct TLV for Bypass Volume
    - ASoC: cs42l56: Correct typo in minimum level for SX volume controls
    - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
    - ASoC: wm8962: Fix suspend while playing music
    - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
    - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
    - scsi: ipr: Fix missing/incorrect resource cleanup in error case
    - scsi: pmcraid: Fix missing resource cleanup in error case
    - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration
      failed
    - nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
    - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
    - net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface
      netdev[napi]_alloc_frag
    - random: credit cpu and bootloader seeds by default
    - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
    - i40e: Fix call trace in setup_tx_descriptors
    - tty: goldfish: Fix free_irq() on remove
    - misc: atmel-ssc: Fix IRQ check in ssc_probe
    - net: bgmac: Fix an erroneous kfree() in bgmac_remove()
    - arm64: ftrace: fix branch range checks
    - certs/blacklist_hashes.c: fix const confusion in certs blacklist
    - irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
    - comedi: vmk80xx: fix expression for tx buffer size
    - USB: serial: option: add support for Cinterion MV31 with new baseline
    - USB: serial: io_ti: add Agilent E5805A support
    - usb: dwc2: Fix memory leak in dwc2_hcd_init
    - usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
    - serial: 8250: Store to lsr_save_flags after lsr read
    - ext4: fix bug_on ext4_mb_use_inode_pa
    - ext4: make variable "count" signed
    - ext4: add reserved GDT blocks check
    - virtio-pci: Remove wrong address verification in vp_del_vqs()
    - s390/mm: use non-quiescing sske for KVM switch to keyed guest
    - usb: gadget: u_ether: fix regression in setting fixed MAC address
    - xprtrdma: fix incorrect header size calculations
    - tcp: add some entropy in __inet_hash_connect()
    - tcp: use different parts of the port_offset for index and offset
    - tcp: add small random increments to the source port
    - tcp: dynamically allocate the perturb table used by source ports
    - tcp: increase source port perturb table to 2^16
    - tcp: drop the hash_32() part from the index calculation
    - powerpc/kasan: Silence KASAN warnings in __get_wchan()
    - ASoC: es8328: Fix event generation for deemphasis control
    - ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
    - i40e: Fix adding ADQ filter to TC0
    - mlxsw: spectrum_cnt: Reorder counter pools
    - net: openvswitch: fix misuse of the cached connection on tuple changes
    - RISC-V: fix barrier() use in <vdso/processor.h>
    - powerpc/mm: Switch obsolete dssall to .long

Date: 2022-09-26 08:24:08.565504+00:00
Changed-By: Juerg Haefliger <juerg.haefliger at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1120.128
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list