[ubuntu/focal-proposed] linux 5.4.0-154.171 (Accepted)
Andy Whitcroft
apw at canonical.com
Mon Jun 19 11:40:51 UTC 2023
linux (5.4.0-154.171) focal; urgency=medium
* focal/linux: 5.4.0-154.171 -proposed tracker (LP: #2024170)
* Severe NFS performance degradation after LP #2003053 (LP: #2022098)
- SAUCE: Make NFS file-access stale cache behaviour opt-in
* Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled
guest (LP: #2020319)
- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
* Focal update: v5.4.240 upstream stable release (LP: #2023601)
- net: tls: fix possible race condition between do_tls_getsockopt_conf() and
do_tls_setsockopt_conf()
- power: supply: da9150: Fix use after free bug in da9150_charger_remove due
to race condition
- iavf: fix inverted Rx hash condition leading to disabled hash
- iavf: fix non-tunneled IPv6 UDP packet type and hashing
- intel/igbvf: free irq on the error path in igbvf_request_msix()
- igbvf: Regard vf reset nack as success
- i2c: imx-lpi2c: check only for enabled interrupt flags
- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
- net: usb: smsc95xx: Limit packet length to skb->len
- qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
- net: qcom/emac: Fix use after free bug in emac_remove due to race condition
- net/ps3_gelic_net: Fix RX sk_buff length
- net/ps3_gelic_net: Use dma_mapping_error
- keys: Do not cache key in task struct if key is requested from kernel thread
- bpf: Adjust insufficient default bpf_jit_limit
- net/mlx5: Read the TC mapping of all priorities on ETS query
- atm: idt77252: fix kmemleak when rmmod idt77252
- erspan: do not use skb_mac_header() in ndo_start_xmit()
- net/sonic: use dma_mapping_error() for error check
- nvme-tcp: fix nvme_tcp_term_pdu to match spec
- hvc/xen: prevent concurrent accesses to the shared ring
- net: mdio: thunder: Add missing fwnode_handle_put()
- Bluetooth: btqcomsmd: Fix command timeout after setting BD address
- platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
- hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs
- scsi: qla2xxx: Perform lockless command completion in abort path
- uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2
- thunderbolt: Use const qualifier for `ring_interrupt_index`
- riscv: Bump COMMAND_LINE_SIZE value to 1024
- ca8210: fix mac_len negative array access
- m68k: Only force 030 bus error if PC not in exception table
- selftests/bpf: check that modifier resolves after pointer
- scsi: target: iscsi: Fix an error message in iscsi_check_key()
- scsi: ufs: core: Add soft dependency on governor_simpleondemand
- scsi: lpfc: Avoid usage of list iterator variable after loop
- net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990
- net: usb: qmi_wwan: add Telit 0x1080 composition
- sh: sanitize the flags on sigreturn
- cifs: empty interface list when server doesn't support query interfaces
- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR
- usb: gadget: u_audio: don't let userspace block driver unbind
- fsverity: Remove WQ_UNBOUND from fsverity read workqueue
- igb: revert rtnl_lock() that causes deadlock
- dm thin: fix deadlock when swapping to thin device
- usb: cdns3: Fix issue with using incorrect PCI device function
- usb: chipdea: core: fix return -EINVAL if request role is the same with
current role
- usb: chipidea: core: fix possible concurrent when switch role
- wifi: mac80211: fix qos on mesh interfaces
- nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer()
- dm stats: check for and propagate alloc_percpu failure
- dm crypt: add cond_resched() to dmcrypt_write()
- sched/fair: sanitize vruntime of entity being placed
- sched/fair: Sanitize vruntime of entity being migrated
- tun: avoid double free in tun_free_netdev
- ocfs2: fix data corruption after failed write
- fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY
- bus: imx-weim: fix branch condition evaluates to a garbage value
- md: avoid signed overflow in slot_store()
- ALSA: asihpi: check pao in control_message()
- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
- fbdev: tgafb: Fix potential divide by zero
- sched_getaffinity: don't assume 'cpumask_size()' is fully initialized
- fbdev: nvidia: Fix potential divide by zero
- fbdev: intelfb: Fix potential divide by zero
- fbdev: lxfb: Fix potential divide by zero
- fbdev: au1200fb: Fix potential divide by zero
- ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx()
- dma-mapping: drop the dev argument to arch_sync_dma_for_*
- mips: bmips: BCM6358: disable RAC flush for TP1
- mtd: rawnand: meson: invalidate cache on polling ECC bit
- scsi: megaraid_sas: Fix crash after a double completion
- ptp_qoriq: fix memory leak in probe()
- regulator: fix spelling mistake "Cant" -> "Can't"
- regulator: Handle deferred clk
- net/net_failover: fix txq exceeding warning
- can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
- s390/vfio-ap: fix memory leak in vfio_ap device driver
- i40e: fix registers dump after run ethtool adapter self test
- bnxt_en: Fix typo in PCI id to device description string mapping
- net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only
- net: mvneta: make tx buffer array agnostic
- pinctrl: ocelot: Fix alt mode for ocelot
- Input: alps - fix compatibility with -funsigned-char
- Input: focaltech - use explicitly signed char type
- cifs: prevent infinite recursion in CIFSGetDFSRefer()
- cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL
- Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table
- xen/netback: don't do grant copy across page boundary
- pinctrl: at91-pio4: fix domain name assignment
- NFSv4: Fix hangs when recovering open state after a server reboot
- ALSA: hda/conexant: Partial revert of a quirk for Lenovo
- ALSA: usb-audio: Fix regression on detection of Roland VS-100
- drm/etnaviv: fix reference leak when mmaping imported buffer
- btrfs: scan device in non-exclusive mode
- ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
- net_sched: add __rcu annotation to netdev->qdisc
- net: sched: fix race condition in qdisc_graft()
- firmware: arm_scmi: Fix device node validation for mailbox transport
- gfs2: Always check inode size of inline inodes
- Linux 5.4.240
* Focal update: v5.4.239 upstream stable release (LP: #2023600)
- Linux 5.4.239
* CVE-2023-2124
- xfs: verify buffer contents when we skip log replay
* CVE-2020-36691
- netlink: limit recursion depth in policy validation
* CVE-2022-1184
- ext4: check if directory block is within i_size
- ext4: fix check for block being out of directory size
* cls_flower: off-by-one in fl_set_geneve_opt (LP: #2023577)
- net/sched: flower: fix possible OOB write in fl_set_geneve_opt()
* Some INVLPG implementations can leave Global translations unflushed when
PCIDs are enabled (LP: #2023220)
- x86/mm: Avoid incomplete Global INVLPG flushes
* CVE-2022-4269
- net: sched: extract qstats update code into functions
- net: sched: don't expose action qstats to skb_tc_reinsert()
- net/sched: act_mirred: refactor the handle of xmit
- net: sched: remove unused tcf_result extension
- net/sched: act_mirred: better wording on protection against excessive stack
growth
- act_mirred: use the backlog for nested calls to mirred ingress
* Focal update: v5.4.238 upstream stable release (LP: #2023427)
- ext4: fix cgroup writeback accounting with fs-layer encryption
- xfrm: Allow transport-mode states with AF_UNSPEC selector
- drm/panfrost: Don't sync rpm suspension after mmu flushing
- cifs: Move the in_send statistic to __smb_send_rqst()
- drm/meson: fix 1px pink line on GXM when scaling video overlay
- clk: HI655X: select REGMAP instead of depending on it
- docs: Correct missing "d_" prefix for dentry_operations member
d_weak_revalidate
- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
- ALSA: hda - add Intel DG1 PCI and HDMI ids
- ALSA: hda - controller is in GPU on the DG1
- ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid
- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid
- ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU()
- netfilter: nft_redir: correct value of inet type `.maxattrs`
- scsi: core: Fix a comment in function scsi_host_dev_release()
- scsi: core: Fix a procfs host directory removal regression
- tcp: tcp_make_synack() can be called from process context
- nfc: pn533: initialize struct pn533_out_arg properly
- ipvlan: Make skb->skb_iif track skb->dev for l3s mode
- i40e: Fix kernel crash during reboot when adapter is in recovery mode
- qed/qed_dev: guard against a possible division by zero
- net: tunnels: annotate lockless accesses to dev->needed_headroom
- net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails
- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
- net: usb: smsc75xx: Limit packet length to skb->len
- nvmet: avoid potential UAF in nvmet_req_complete()
- block: sunvdc: add check for mdesc_grab() returning NULL
- ipv4: Fix incorrect table ID in IOCTL path
- net: usb: smsc75xx: Move packet length check to prevent kernel panic in
skb_pull
- net/iucv: Fix size of interrupt data
- ethernet: sun: add check for the mdesc_grab()
- hwmon: (adt7475) Display smoothing attributes in correct order
- hwmon: (adt7475) Fix masking of hysteresis registers
- hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race
condition
- hwmon: (ina3221) return prober error code
- media: m5mols: fix off-by-one loop termination error
- mmc: atmel-mci: fix race between stop command and start of next command
- jffs2: correct logic when creating a hole in jffs2_write_begin
- ext4: fail ext4_iget if special inode unallocated
- ext4: fix task hung in ext4_xattr_delete_inode
- drm/amdkfd: Fix an illegal memory access
- sh: intc: Avoid spurious sizeof-pointer-div warning
- ext4: fix possible double unlock when moving a directory
- tty: serial: fsl_lpuart: skip waiting for transmission complete when
UARTCTRL_SBK is asserted
- interconnect: fix mem leak when freeing nodes
- tracing: Check field value in hist_field_name()
- tracing: Make tracepoint lockdep check actually test something
- ftrace: Fix invalid address access in lookup_rec() when index is 0
- fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks
- x86/mm: Fix use of uninitialized buffer in sme_enable()
- drm/i915: Don't use stolen memory for ring buffers with LLC
- serial: 8250_em: Fix UART port type
- s390/ipl: add missing intersection check to ipl_report handling
- PCI: Unify delay handling for reset and resume
- HID: core: Provide new max_buffer_size attribute to over-ride the default
- HID: uhid: Over-ride the default maximum data buffer value with our own
- Linux 5.4.238
* Focal update: v5.4.237 upstream stable release (LP: #2023420)
- fs: prevent out-of-bounds array speculation when closing a file descriptor
- x86/CPU/AMD: Disable XSAVES on AMD family 0x17
- drm/connector: print max_requested_bpc in state debugfs
- ext4: fix RENAME_WHITEOUT handling for inline directories
- ext4: fix another off-by-one fsmap error on 1k block filesystems
- ext4: move where set the MAY_INLINE_DATA flag is set
- ext4: fix WARNING in ext4_update_inline_data
- ext4: zero i_disksize when initializing the bootloader inode
- nfc: change order inside nfc_se_io error path
- iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid] commands
- iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options
- iommu/amd: Add a length limitation for the ivrs_acpihid command-line
parameter
- ipmi:ssif: make ssif_i2c_send() void
- ipmi:ssif: resend_msg() cannot fail
- ipmi:ssif: Remove rtc_us_timer
- ipmi:ssif: Increase the message retry time
- ipmi:ssif: Add a timer between request retries
- irqdomain: Change the type of 'size' in __irq_domain_add() to be consistent
- irqdomain: Fix domain registration race
- iommu/vt-d: Fix PASID directory pointer coherency
- SMB3: Backup intent flag missing from some more ops
- cifs: Fix uninitialized memory read in smb3_qfs_tcon()
- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
- ext4: Fix possible corruption when moving a directory
- drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register
- nfc: fdp: add null check of devm_kmalloc_array in
fdp_nci_i2c_read_device_properties
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()
- selftests: nft_nat: ensuring the listening side is up before starting the
client
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables
- net: lan78xx: fix accessing the LAN7800's internal phy specific registers
from the MAC driver
- net: caif: Fix use-after-free in cfusbl_device_notify()
- bnxt_en: Avoid order-5 memory allocation for TPA data
- netfilter: tproxy: fix deadlock due to missing BH disable
- btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR
- scsi: megaraid_sas: Update max supported LD IDs to 240
- net/smc: fix fallback failed while sendmsg with fastopen
- riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode
- ext4: Fix deadlock during directory rename
- MIPS: Fix a compilation issue
- alpha: fix R_ALPHA_LITERAL reloc for large modules
- macintosh: windfarm: Use unsigned type for 1-bit bitfields
- PCI: Add SolidRun vendor ID
- media: ov5640: Fix analogue gain control
- ipmi/watchdog: replace atomic_add() and atomic_sub()
- ipmi:watchdog: Set panic count to proper value on a panic
- drm/i915: Don't use BAR mappings for ring buffers with LLC
- x86, vmlinux.lds: Add RUNTIME_DISCARD_EXIT to generic DISCARDS
- arch: fix broken BuildID for arm64 and riscv
- powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT
- powerpc/vmlinux.lds: Don't discard .rela* for relocatable builds
- s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36
- sh: define RUNTIME_DISCARD_EXIT
- UML: define RUNTIME_DISCARD_EXIT
- s390/dasd: add missing discipline function
- Linux 5.4.237
* Focal update: v5.4.236 upstream stable release (LP: #2020390)
- staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script
- staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh
- Linux 5.4.236
Date: 2023-06-16 16:26:08.440302+00:00
Changed-By: Stefan Bader <stefan.bader at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux/5.4.0-154.171
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list