linux-image-5.0.0-35-generic breaks checkpointing of container

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1857257

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Multiple projects are now disabling CRIU tests in Travis because of this bug:

https://github.com/containerd/containerd/pull/3898
https://github.com/opencontainers/runc/issues/2196
https://github.com/opencontainers/runc/pull/2198

I can confirm that this error can not be reproduced with:
- 4.15.0-74-generic
- 4.18.0-25-generic
- 5.0.0-15-generic
- 5.0.0-20-generic
- 5.0.0-23-generic
- 5.0.0-25-generic
- 5.0.0-31-generic
- 5.0.0-32-generic

I was able to reproduce the error with 5.0.0-27-generic, 5.0.0-29-generic, 5.0.0-35-generic, 5.0.0-37-generic and 5.3.0-24-generic.

However, it does not occur when using v5.4, v5.3, v5.2 v5.1, v5.0 and v5.0.21 from https://kernel.ubuntu.com/~kernel-ppa/mainline/

The error with 5.0.0-29-generic (and 5.0.0-27-generic), however, is slightly different from 5.0.0-35-generic:

5.0.0-27-generic and 5.0.0-29-generic:

(00.080120) Dumping path for -3 fd via self 14 [/]
(00.080127) Error (criu/files-reg.c:1290): Unaccessible path opened 49:24201, need 2050:547424
(00.080138) Error (criu/cr-dump.c:1243): Collect mappings (pid: 1354) failed with -1

5.0.0-35-generic:

(00.078892) Error (criu/files-reg.c:1341): Can't lookup mount=331 for fd=-3 path=/bin/sh
(00.078906) Error (criu/cr-dump.c:1243): Collect mappings (pid: 1333) failed with -1

The following commit looks suspicious. I don't know where I can find a patch:

overlayfs: allow with shiftfs as underlay
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1846272

Replying to Andrew Vagin's comment: This patch references the bug you mentioned:

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/bionic/commit/?h=hwe&id=5613773b6f576de155c39a7b7a04e45f9f6eaf46

The root cause of this fail is a wrong mount ID which is reported for file mappings:

Steps to reproduce:

root@ubuntu-s-4vcpu-8gb-nyc1-01:~# uname -a
Linux ubuntu-s-4vcpu-8gb-nyc1-01 5.3.0-26-generic #28-Ubuntu SMP Wed Dec 18 05:37:46 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

root@ubuntu-s-4vcpu-8gb-nyc1-01:~# docker run -it --rm --privileged busybox
/ # ls -l /proc/1/map_files/
total 0
lr-------- 1 root root 64 Jan 7 18:59 400000-401000 -> /bin/sh
lr-------- 1 root root 64 Jan 7 19:00 401000-4dd000 -> /bin/sh
lr-------- 1 root root 64 Jan 7 19:00 4dd000-514000 -> /bin/sh
lr-------- 1 root root 64 Jan 7 19:00 514000-516000 -> /bin/sh

/ # exec 50</proc/1/map_files/400000-401000
/ # cat /proc/self/fdinfo/50
pos: 0
flags: 0100000
mnt_id: 551
/ # cat /proc/self/mountinfo | grep 551

We can see that the mount 551 isn't listed in container mounts.

If we will try to open /bin/sh directly, we will see the mount ID of the container root mount.

/ # exec 50</bin/sh
/ # cat /proc/self/fdinfo/50
pos: 0
flags: 0100000
mnt_id: 607
/ # cat /proc/self/mountinfo | grep '^607'
607 567 0:51 / / rw,relatime master:308 - overlay overlay rw,lowerdir=/var/lib/docker/overlay2/l/DCAEKRDYRDTVUIECWWPMTFAKAO:/var/lib/docker/overlay2/l/BEYAU2IKCGHGS5UYC7C6Q6HIHG,upperdir=/var/lib/docker/overlay2/1c92eec684804fbc8642a9a4698a0099c9ff5c39915289e1fcd1b39493558c65/diff,workdir=/var/lib/docker/overlay2/1c92eec684804fbc8642a9a4698a0099c9ff5c39915289e1fcd1b39493558c65/work,xino=off

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

apport information

This change was made by a bot.

On Tue, Jan 07, 2020 at 07:07:36PM -0000, Andrew Vagin wrote:
> The root cause of this fail is a wrong mount ID which is reported for
> file mappings:

If you have cycles to come up with a patch to fix this that would be
appreciated. Otherwise this will end up lower in my priority queue since
my backlog is quite full atm.

My backlog is full too and this isn't a joke:). I am out of a context of overlayfs, so I will need to read its sources, then figure out what change in the ubuntu kernel has introduced this issue, learn how to compile and test the ubuntu kernel... All these could sound fun 10 years ago, but now there are too much fun around me to eat it all :).

Andrew absolutely right, problem introduced by commit https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/bionic/commit/?h=hwe&id=5613773b6f576de155c39a7b7a04e45f9f6eaf46

I will try to dive into overlayfs internals and find solution.

Quick fix (not sure that it's fully correct)

diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 943733d86da3..fa30b615076e 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -24,13 +24,16 @@ static char ovl_whatisit(struct inode *inode, struct inode *realinode)
 static struct file *ovl_open_realfile(const struct file *file,
                                      struct inode *realinode)
 {
+ struct path realpath;
        struct inode *inode = file_inode(file);
        struct file *realfile;
        const struct cred *old_cred;
        int flags = file->f_flags | O_NOATIME | FMODE_NONOTIFY;

        old_cred = ovl_override_creds(inode->i_sb);
- realfile = open_with_fake_path(&file->f_path, flags, realinode,
+ ovl_path_real(file->f_path.dentry, &realpath);
+ realpath.mnt = file->f_path.mnt; // important!
+ realfile = open_with_fake_path(&realpath, flags, realinode,
                                       current_cred());
        revert_creds(old_cred);

https://lists.ubuntu.com/archives/kernel-team/2020-April/109089.html

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-eoan' to 'verification-done-eoan'. If the problem still exists, change the tag 'verification-needed-eoan' to 'verification-failed-eoan'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

It seems like the patch you committed to fix this bug causes the overlay module to crash on one of my Ubuntu 18.04 machines.

When using linux-generic 5.3.0-52.46, as soon as my gitlab-runner tries to start up a Docker container, dmesg spits out the stuff you can see in the "dmesg-excerpt.txt" attachment.

Downgrading to linux-generic 5.3.0-51.44 solves the issue. I haven't bisected this, but looking at the git commit history, your patch looks like the obvious culprit to me.

https://kernel.ubuntu.com/git/ubuntu/ubuntu-eoan.git/log/?h=Ubuntu-5.3.0-52.46

Yeah, that patch is buggy and I think this might've been my fault actually. The fix should be:

diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c
index 9d16fff5342a..fbec523a67c9 100644
--- a/fs/overlayfs/file.c
+++ b/fs/overlayfs/file.c
@@ -42,6 +42,7 @@ static struct file *ovl_open_realfile(const struct file *file,
        int flags = file->f_flags | O_NOATIME | FMODE_NONOTIFY;

        old_cred = ovl_override_creds(inode->i_sb);
+ ovl_path_real(file->f_path.dentry, &realpath);
        if (realpath.dentry->d_sb->s_magic == SHIFTFS_MAGIC)
                realfile = open_with_fake_path(&realpath, flags, realinode,
                                               current_cred());

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

The fix for this bug seems to be causing bug 1876645.

Fix here:
https://lists.ubuntu.com/archives/kernel-team/2020-May/109617.html

This bug was fixed in the package linux - 5.4.0-31.35

---------------
linux (5.4.0-31.35) focal; urgency=medium

  * focal/linux: 5.4.0-31.35 -proposed tracker (LP: #1877253)

  * Intermittent display blackouts on event (LP: #1875254)
    - drm/i915: Limit audio CDCLK>=2*BCLK constraint back to GLK only

  * Unable to handle kernel pointer dereference in virtual kernel address space
    on Eoan (LP: #1876645)
    - SAUCE: overlayfs: fix shitfs special-casing

linux (5.4.0-30.34) focal; urgency=medium

  * focal/linux: 5.4.0-30.34 -proposed tracker (LP: #1875385)

  * ubuntu/focal64 fails to mount Vagrant shared folders (LP: #1873506)
    - [Packaging] Move virtualbox modules to linux-modules
    - [Packaging] Remove vbox and zfs modules from generic.inclusion-list

  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: use shiftfs hacks only with shiftfs as underlay

  * shiftfs: broken shiftfs nesting (LP: #1872094)
    - SAUCE: shiftfs: record correct creator credentials

  * Add debian/rules targets to compile/run kernel selftests (LP: #1874286)
    - [Packaging] add support to compile/run selftests

  * shiftfs: O_TMPFILE reports ESTALE (LP: #1872757)
    - SAUCE: shiftfs: fix dentry revalidation

  * LIO hanging in iscsit_free_session and iscsit_stop_session (LP: #1871688)
    - scsi: target: iscsi: calling iscsit_stop_session() inside
      iscsit_close_session() has no effect

  * [ICL] TC port in legacy/static mode can't be detected due TCCOLD
    (LP: #1868936)
    - SAUCE: drm/i915: Align power domain names with port names
    - SAUCE: drm/i915/display: Move out code to return the digital_port of the aux
      ch
    - SAUCE: drm/i915/display: Add intel_legacy_aux_to_power_domain()
    - SAUCE: drm/i915/display: Split hsw_power_well_enable() into two
    - SAUCE: drm/i915/tc/icl: Implement TC cold sequences
    - SAUCE: drm/i915/tc: Skip ref held check for TC legacy aux power wells
    - SAUCE: drm/i915/tc/tgl: Implement TC cold sequences
    - SAUCE: drm/i915/tc: Catch TC users accessing FIA registers without enable
      aux
    - SAUCE: drm/i915/tc: Do not warn when aux power well of static TC ports
      timeout

  * alsa/sof: external mic can't be deteced on Lenovo and HP laptops
    (LP: #1872569)
    - SAUCE: ASoC: intel/skl/hda - set autosuspend timeout for hda codecs

  * amdgpu kernel errors in Linux 5.4 (LP: #1871248)
    - drm/amd/display: Stop if retimer is not available

  * Focal update: v5.4.34 upstream stable release (LP: #1874111)
    - amd-xgbe: Use __napi_schedule() in BH context
    - hsr: check protocol version in hsr_newlink()
    - l2tp: Allow management of tunnels and session in user namespace
    - net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode
    - net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
    - net: ipv6: do not consider routes via gateways for anycast address check
    - net: phy: micrel: use genphy_read_status for KSZ9131
    - net: qrtr: send msgs from local of same id as broadcast
    - net: revert default NAPI poll timeout to 2 jiffies
    - net: tun: record RX queue in skb before do_xdp_gener...

This bug was fixed in the package linux - 5.3.0-53.47

---------------
linux (5.3.0-53.47) eoan; urgency=medium

  * eoan/linux: 5.3.0-53.47 -proposed tracker (LP: #1877257)

  * Intermittent display blackouts on event (LP: #1875254)
    - drm/i915: Limit audio CDCLK>=2*BCLK constraint back to GLK only

  * Unable to handle kernel pointer dereference in virtual kernel address space
    on Eoan (LP: #1876645)
    - SAUCE: overlayfs: fix shitfs special-casing

linux (5.3.0-52.46) eoan; urgency=medium

  * eoan/linux: 5.3.0-52.46 -proposed tracker (LP: #1874752)

  * alsa: make the dmic detection align to the mainline kernel-5.6
    (LP: #1871284)
    - ALSA: hda: add Intel DSP configuration / probe code
    - ALSA: hda: fix intel DSP config
    - ALSA: hda: Allow non-Intel device probe gracefully
    - ALSA: hda: More constifications
    - ALSA: hda: Rename back to dmic_detect option
    - [Config] SND_INTEL_DSP_CONFIG=m
    - [packaging] Remove snd-intel-nhlt from modules

  * built-using constraints preventing uploads (LP: #1875601)
    - temporarily drop Built-Using data

  * ubuntu/focal64 fails to mount Vagrant shared folders (LP: #1873506)
    - [Packaging] Move virtualbox modules to linux-modules
    - [Packaging] Remove vbox and zfs modules from generic.inclusion-list

  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: use shiftfs hacks only with shiftfs as underlay

  * shiftfs: broken shiftfs nesting (LP: #1872094)
    - SAUCE: shiftfs: record correct creator credentials

  * Add debian/rules targets to compile/run kernel selftests (LP: #1874286)
    - [Packaging] add support to compile/run selftests

  * shiftfs: O_TMPFILE reports ESTALE (LP: #1872757)
    - SAUCE: shiftfs: fix dentry revalidation

  * getitimer returns it_value=0 erroneously (LP: #1349028)
    - [Config] CONTEXT_TRACKING_FORCE policy should be unset

  * 5.3.0-46-generic - i915 - frequent GPU hangs / resets rcs0 (LP: #1872001)
    - drm/i915/execlists: Preempt-to-busy
    - drm/i915/gt: Detect if we miss WaIdleLiteRestore
    - drm/i915/execlists: Always force a context reload when rewinding RING_TAIL

  * alsa/sof: external mic can't be deteced on Lenovo and HP laptops
    (LP: #1872569)
    - SAUCE: ASoC: intel/skl/hda - set autosuspend timeout for hda codecs

  * Eoan update: upstream stable patchset 2020-04-22 (LP: #1874325)
    - ARM: dts: sun8i-a83t-tbs-a711: HM5065 doesn't like such a high voltage
    - bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
    - net: vxge: fix wrong __VA_ARGS__ usage
    - hinic: fix a bug of waitting for IO stopped
    - hinic: fix wrong para of wait_for_completion_timeout
    - cxgb4/ptp: pass the sign of offset delta in FW CMD
    - qlcnic: Fix bad kzalloc null test
    - i2c: st: fix missing struct parameter description
    - cpufreq: imx6q: Fixes unwanted cpu overclocking on i.MX6ULL
    - media: venus: hfi_parser: Ignore HEVC encoding for V1
    - firmware: arm_sdei: fix double-lock on hibernate with shared events
    - null_blk: Fix the null_add_dev() error path
    - null_blk: Handle null_add_dev() failures properly
    - null_blk: fix spuri...

The fixes for this bug report introduced bug 1879690 and have been reverted on Focal and Eoan kernels.

Dear Ubuntu kernel package "maintainers", it seems like you have somehow managed to push *again* a kernel with this broken patch into the bionic-proposed repo - this time, it's kernel 5.4.0-31.

Are you doing this on purpose? Kernel 5.4.0-33 with two reverted patches *for this specific bug* and *no other changes* has been out for a whole week now.

This bug was fixed in the package linux - 5.4.0-42.46

---------------
linux (5.4.0-42.46) focal; urgency=medium

  * focal/linux: 5.4.0-42.46 -proposed tracker (LP: #1887069)

  * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
    - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"

linux (5.4.0-41.45) focal; urgency=medium

  * focal/linux: 5.4.0-41.45 -proposed tracker (LP: #1885855)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2019-19642
    - kernel/relay.c: handle alloc_percpu returning NULL in relay_open

  * CVE-2019-16089
    - SAUCE: nbd_genl_status: null check for nla_nest_start

  * CVE-2020-11935
    - aufs: do not call i_readcount_inc()

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4
    kernel (LP: #1826848)
    - selftests: net: ip_defrag: ignore EPERM

  * Update lockdown patches (LP: #1884159)
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down

  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

 -- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:50:26 -0400

I tried to re-open this bug, because we still get reports on the CRIU side that this is not fixed:

https://github.com/checkpoint-restore/criu/issues/860#issuecomment-668628745

We also still see this in Travis not working.

The Eoan Ermine has reached end of life, so this bug will not be fixed for that release

This bug was fixed in the package linux - 5.8.0-16.17

---------------
linux (5.8.0-16.17) groovy; urgency=medium

  * groovy/linux: 5.8.0-16.17 -proposed tracker (LP: #1891233)

  * Miscellaneous Ubuntu changes
    - hio -- Update to use bio_{start,end}_io_acct with 5.8+
    - Enable hio driver
    - [Packaging] Temporarily disable building doc package contents

linux (5.8.0-15.16) groovy; urgency=medium

  * groovy/linux: 5.8.0-15.16 -proposed tracker (LP: #1891177)

  * Miscellaneous Ubuntu changes
    - SAUCE: Documentation: import error c_funcptr_sig_re, c_sig_re (sphinx-
      doc/sphinx@0f49e30c)

linux (5.8.0-14.15) groovy; urgency=medium

  * groovy/linux: 5.8.0-14.15 -proposed tracker (LP: #1891085)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  * msg_zerocopy.sh in net from ubuntu_kernel_selftests failed (LP: #1812620)
    - selftests/net: relax cpu affinity requirement in msg_zerocopy test

  * Fix missing HDMI/DP Audio on an HP Desktop (LP: #1890441)
    - ALSA: hda/hdmi: Add quirk to force connectivity

  * Add initial audio support for Lenovo ThinkStation P620 (LP: #1890317)
    - ALSA: usb-audio: Add support for Lenovo ThinkStation P620

  * Fix IOMMU error on AMD Radeon Pro W5700 (LP: #1890306)
    - PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken

  * Enlarge hisi_sec2 capability (LP: #1890222)
    - crypto: hisilicon - update SEC driver module parameter

  * Miscellaneous Ubuntu changes
    - [Config] Re-enable signing for ppc64el

 -- Seth Forshee <email address hidden> Tue, 11 Aug 2020 15:32:58 -0500

This remains an issue for the HWE kernel on 18.04LTS and GA kernel for 20.04LTS (both on kernel version 5.4). The only unaffected LTS release is xenial.

If there is indeed a fix (which isn't clear to me from the 2020-08-26 janitor update as it doesn't reference this bug #), will it be pushed to the affected LTS kernels?

It seems like there was no fix, after testing out 5.8.0-16.17 .

I also have the same question as buck2202 --- whenever a fix is released, can we expect a backport to affected LTS kernels?

Thanks, and happy new year!

Testing on google cloud, this is still broken for:

bionic hwe (5.4.0-1041-gcp #44~18.04.1-Ubuntu)
focal ga (5.4.0-1041-gcp #44-Ubuntu)
focal hwe (5.8.0-49-generic #55~20.04.1-Ubuntu)

In the same boat as buck2202 and nfliu; we're doing some work in IBM that uses Docker+criu so we're very interested in a fix for current LTS releases as well.

The previous fix was reverted due to https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1879690
that's weird and I can't see any logical connection between the previous fix and problem with docker registry.

We proposed a new fix https://lists.openvz.org/pipermail/criu/2021-April/045238.html

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

fine on focal linux-image-5.4.0-74-generic_5.4.0-74.83_amd64

fine on groovy linux-image-5.8.0-54-generic

fine on hirsute with linux-image-5.11.0-18-generic_5.11.0-18.19_amd64

This bug was fixed in the package linux - 5.11.0-18.19

---------------
linux (5.11.0-18.19) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-18.19 -proposed tracker (LP: #1927578)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460

  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: fix incorrect mnt_id of files opened from map_files

  * Hirsute update: v5.11.17 upstream stable release (LP: #1927535)
    - vhost-vdpa: protect concurrent access to vhost device iotlb
    - Revert "UBUNTU: SAUCE: ovl: Restore vm_file value when lower fs mmap fails"
    - ovl: fix reference counting in ovl_mmap error path
    - coda: fix reference counting in coda_file_mmap error path
    - amd/display: allow non-linear multi-planar formats
    - drm/amdgpu: reserve fence slot to update page table
    - drm/amdgpu: fix GCR_GENERAL_CNTL offset for dimgrey_cavefish
    - gpio: omap: Save and restore sysconfig
    - KEYS: trusted: Fix TPM reservation for seal/unseal
    - vdpa/mlx5: Set err = -ENOMEM in case dma_map_sg_attrs fails
    - pinctrl: lewisburg: Update number of pins in community
    - block: return -EBUSY when there are open partitions in blkdev_reread_part
    - pinctrl: core: Show pin numbers for the controllers with base = 0
    - arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS
    - bpf: Allow variable-offset stack access
    - bpf: Refactor and streamline bounds check into helper
    - bpf: Tighten speculative pointer arithmetic mask
    - perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
    - perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[]
    - perf auxtrace: Fix potential NULL pointer dereference
    - perf map: Fix error return code in maps__clone()
    - HID: google: add don USB id
    - HID: asus: Add support for 2021 ASUS N-Key keyboard
    - HID: alps: fix error return code in alps_input_configured()
    - HID cp2112: fix support for multiple gpiochips
    - HID: wacom: Assign boolean values to a bool variable
    - soc: qcom: geni: shield geni_icc_get() for ACPI boot
    - dmaengine: xilinx: dpdma: Fix descriptor issuing on video group
    - dmaengine: xilinx: dpdma: Fix race condition in done IRQ
    - ARM: dts: Fix swapped mmc order for omap3
    - m68k: fix flatmem memory model setup
    - net: geneve: check skb is large enough for IPv4/IPv6 header
    - dmaengine: tegra20: Fix runtime PM imbalance on error
    - s390/entry: save the caller of psw_idle
    - arm64: kprobes: Restore local irqflag if kprobes is cancelled
    - xen-netback: Check for hotplug-status existence before watching
    - cavium/liquidio: Fix duplicate argument
    - csky: change a Kconfig symbol name to fix e1000 build error
    - ia64: fix discontig.c section mismatches
    - ia64: tools: remove duplicate definition of ia64_mf() on ia64
    - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
    - net: hso: fix NULL-deref on disconnect regression
    - USB: CDC-ACM...

This bug was fixed in the package linux - 5.4.0-74.83

---------------
linux (5.4.0-74.83) focal; urgency=medium

  * focal/linux: 5.4.0-74.83 -proposed tracker (LP: #1927619)

  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460

  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: fix incorrect mnt_id of files opened from map_files

  * Enable CIFS GCM256 (LP: #1921916)
    - smb3: add defines for new crypto algorithms
    - smb3.1.1: add new module load parm require_gcm_256
    - smb3.1.1: add new module load parm enable_gcm_256
    - smb3.1.1: print warning if server does not support requested encryption type
    - smb3.1.1: rename nonces used for GCM and CCM encryption
    - smb3.1.1: set gcm256 when requested
    - cifs: Adjust key sizes and key generation routines for AES256 encryption

  * locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (LP: #1926184)
    - locking/qrwlock: Fix ordering in queued_write_lock_slowpath()

  * [Ubuntu 21.04] net/mlx5: Fix HW spec violation configuring uplink
    (LP: #1925452)
    - net/mlx5: Fix HW spec violation configuring uplink

  * Focal update: v5.4.114 upstream stable release (LP: #1926493)
    - Revert "scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure"
    - Revert "scsi: qla2xxx: Fix stuck login session using prli_pend_timer"
    - scsi: qla2xxx: Dual FCP-NVMe target port support
    - scsi: qla2xxx: Fix device connect issues in P2P configuration
    - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure
    - scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport
    - scsi: qla2xxx: Fix stuck login session using prli_pend_timer
    - scsi: qla2xxx: Fix fabric scan hang
    - net/sctp: fix race condition in sctp_destroy_sock
    - Input: nspire-keypad - enable interrupts only when opened
    - gpio: sysfs: Obey valid_mask
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - lockdep: Add a missing initialization hint to the "INFO: Trying to register
      non-static key" message
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - ASoC: max98373: Added 30ms turn on/off time delay
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ARM: omap1: fix building with clang IAS
    - drm/msm: Fix a5xx/a6xx timestamps
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: forbid monitor for add llsec key
    - net: ieee802154: forbid monitor for del llsec key
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: forbid monitor for del llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee8021...

This bug was fixed in the package linux - 5.8.0-55.62

---------------
linux (5.8.0-55.62) groovy; urgency=medium

  * groovy/linux: 5.8.0-55.62 -proposed tracker (LP: #1930379)

  * [Potential Regression] Unable to create KVM with uvtool on Groovy ARM64
    (LP: #1929925)
    - SAUCE: KVM: arm64: Assign kvm_ipa_limit

linux (5.8.0-54.61) groovy; urgency=medium

  * groovy/linux: 5.8.0-54.61 -proposed tracker (LP: #1927592)

  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460

  * linux-image-5.0.0-35-generic breaks checkpointing of container
    (LP: #1857257)
    - SAUCE: overlayfs: fix incorrect mnt_id of files opened from map_files

  * netfilter: x_tables: fix compat match/target pad out-of-bound write
    (LP: #1927682)
    - netfilter: x_tables: fix compat match/target pad out-of-bound write

  * Groovy update: upstream stable patchset 2021-05-04 (LP: #1927150)
    - mt76: fix tx skb error handling in mt76_dma_tx_queue_skb
    - net: fec: ptp: avoid register access when ipg clock is disabled
    - powerpc/4xx: Fix build errors from mfdcr()
    - atm: eni: dont release is never initialized
    - atm: lanai: dont run lanai_dev_close if not open
    - Revert "r8152: adjust the settings about MAC clock speed down for RTL8153"
    - ALSA: hda: ignore invalid NHLT table
    - ixgbe: Fix memleak in ixgbe_configure_clsu32
    - scsi: ufs: ufs-qcom: Disable interrupt in reset path
    - blk-cgroup: Fix the recursive blkg rwstat
    - net: tehuti: fix error return code in bdx_probe()
    - net: intel: iavf: fix error return code of iavf_init_get_resources()
    - sun/niu: fix wrong RXMAC_BC_FRM_CNT_COUNT count
    - cifs: ask for more credit on async read/write code paths
    - gfs2: fix use-after-free in trans_drain
    - cpufreq: blacklist Arm Vexpress platforms in cpufreq-dt-platdev
    - gpiolib: acpi: Add missing IRQF_ONESHOT
    - nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default
    - NFS: Correct size calculation for create reply length
    - net: hisilicon: hns: fix error return code of hns_nic_clear_all_rx_fetch()
    - net: wan: fix error return code of uhdlc_init()
    - net: davicom: Use platform_get_irq_optional()
    - net: enetc: set MAC RX FIFO to recommended value
    - atm: uPD98402: fix incorrect allocation
    - atm: idt77252: fix null-ptr-dereference
    - cifs: change noisy error message to FYI
    - irqchip/ingenic: Add support for the JZ4760
    - kbuild: add image_name to no-sync-config-targets
    - kbuild: dummy-tools: fix inverted tests for gcc
    - umem: fix error return code in mm_pci_probe()
    - sparc64: Fix opcode filtering in handling of no fault loads
    - habanalabs: Call put_pid() when releasing control device
    - staging: rtl8192e: fix kconfig dependency on CRYPTO
    - u64_stats,lockdep: Fix u64_stats_init() vs lockdep
    - regulator: qcom-rpmh: Correct the pmic5_hfsmps515 buck
    - block: Fix REQ_OP_ZONE_RESET_ALL handling
    - drm/amd/display: Revert dram_clock_change_latency for DCN2.1
    - drm/amdgpu: fb BO should be ttm_bo_type_device
    - drm/radeon: fix AGP dependency
    - nvme: add NVM...

This bug is awaiting verification that the linux/5.15.0-28.29 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug was fixed in the package linux - 5.15.0-35.36

---------------
linux (5.15.0-35.36) jammy; urgency=medium

  * CVE-2022-21499
    - SAUCE: debug: Lock down kgdb

linux (5.15.0-34.35) jammy; urgency=medium

  * jammy/linux: 5.15.0-34.35 -proposed tracker (LP: #1974322)

  * AMD APU s2idle is broken after the ASIC reset fix (LP: #1972134)
    - drm/amdgpu: unify BO evicting method in amdgpu_ttm
    - drm/amdgpu: explicitly check for s0ix when evicting resources

  * amd_gpio AMDI0030:00: Failed to translate GPIO pin 0x0000 to IRQ, err -517
    (LP: #1971597)
    - gpio: Request interrupts after IRQ is initialized

  * config CONFIG_HISI_PMU for kunpeng920 (LP: #1956086)
    - [Config] CONFIG_HISI_PMU=m

  * Mute/mic LEDs no function on EliteBook G9 platfroms (LP: #1970552)
    - ALSA: hda/realtek: Enable mute/micmute LEDs support for HP Laptops

  * network-manager/1.36.4-2ubuntu1 ADT test failure with linux/5.15.0-28.29
    (LP: #1971418)
    - Revert "rfkill: make new event layout opt-in"

  * PCIE LnkCtl ASPM not enabled under VMD mode for Alder Lake platforms
    (LP: #1942160)
    - SAUCE: vmd: fixup bridge ASPM by driver name instead

  * Mute/mic LEDs no function on HP EliteBook 845/865 G9 (LP: #1970178)
    - ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on EliteBook
      845/865 G9

  * Enable headset mic on Lenovo P360 (LP: #1967069)
    - ALSA: hda/realtek: Enable headset mic on Lenovo P360

  * WCN6856 BT keep in OFF state after coldboot system (LP: #1967067)
    - Bluetooth: btusb: Improve stability for QCA devices

  * Screen sometimes can't update [Failed to post KMS update: CRTC property
    (GAMMA_LUT) not found] (LP: #1967274)
    - drm/i915/xelpd: Enable Pipe color support for D13 platform
    - drm/i915: Use unlocked register accesses for LUT loads
    - drm/i915/xelpd: Enable Pipe Degamma
    - drm/i915/xelpd: Add Pipe Color Lut caps to platform config

  * Jammy update: v5.15.35 upstream stable release (LP: #1969857)
    - drm/amd/display: Add pstate verification and recovery for DCN31
    - drm/amd/display: Fix p-state allow debug index on dcn31
    - hamradio: defer 6pack kfree after unregister_netdev
    - hamradio: remove needs_free_netdev to avoid UAF
    - cpuidle: PSCI: Move the `has_lpi` check to the beginning of the function
    - ACPI: processor idle: Check for architectural support for LPI
    - ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40
    - btrfs: remove unused parameter nr_pages in add_ra_bio_pages()
    - btrfs: remove no longer used counter when reading data page
    - btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
    - soc: qcom: aoss: Expose send for generic usecase
    - dt-bindings: net: qcom,ipa: add optional qcom,qmp property
    - net: ipa: request IPA register values be retained
    - btrfs: release correct delalloc amount in direct IO write path
    - ALSA: core: Add snd_card_free_on_error() helper
    - ALSA: sis7019: Fix the missing error handling
    - ALSA: ali5451: Fix the missing snd_card_free() call at probe error
    - ALSA: als300: Fix the missing snd_card_free() call at probe error
    - ALSA: als4000: Fix ...

This bug was fixed in the package linux-azure - 5.15.0-1008.9

---------------
linux-azure (5.15.0-1008.9) jammy; urgency=medium

  * jammy/linux-azure: 5.15.0-1008.9 -proposed tracker (LP: #1974294)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2022.04.18)

  * [Azure] WARNING: CPU: 0 PID: 499 at include/linux/dma-mapping.h:555
    netvsc_probe+0x3c9/0x3e0 (LP: #1975717)
    - Drivers: hv: vmbus: Rework use of DMA_BIT_MASK(64)
    - Drivers: hv: vmbus: Fix initialization of device object in
      vmbus_device_register()

  * config CONFIG_HISI_PMU for kunpeng920 (LP: #1956086)
    - [Config] azure: CONFIG_HISI_PMU=m

  * linux: CONFIG_SERIAL_8250_MID=y (LP: #1967338)
    - [Config] azure: CONFIG_SERIAL_8250_MID=y

  * Support AMD P-State cpufreq control mechanism (LP: #1956509) // Enable
    speakup kernel modules to allow the speakup screen reader to function
    (LP: #1967702)
    - [Config] azure: Update configs after rebase

  * Azure: swiotlb patch needed for CVM (LP: #1971701) // [Azure][CVM] Fix
    swiotlb_max_mapping_size() for potential bounce buffer allocation failure in
    storvsc (LP: #1973169)
    - SAUCE: swiotlb: Max mapping size takes min align mask into account

  * Azure: swiotlb patch needed for CVM (LP: #1971701)
    - SAUCE: treewide: Replace the use of mem_encrypt_active() with
      cc_platform_has()
    - SAUCE: swiotlb: use bitmap to track free slots
    - SAUCE: swiotlb: allocate memory in a cache-friendly way
    - SAUCE: swiotlb: Split up single swiotlb lock

  * jammy/linux-azure: Update cifs to 5.15 backport (LP: #1970977)
    - improve error message when mount options conflict with posix
    - cifs: call cifs_reconnect when a connection is marked
    - cifs: call helper functions for marking channels for reconnect
    - cifs: mark sessions for reconnection in helper function
    - treewide: Replace zero-length arrays with flexible-array members
    - smb3: fix incorrect session setup check for multiuser mounts
    - cifs: truncate the inode and mapping when we simulate fcollapse
    - cifs: use a different reconnect helper for non-cifsd threads
    - cifs: do not skip link targets when an I/O fails
    - cifs: convert the path to utf16 in smb2_query_info_compound
    - cifs: change smb2_query_info_compound to use a cached fid, if available
    - cifs: fix bad fids sent over wire
    - cifs: fix incorrect use of list iterator after the loop
    - move more common protocol header definitions to smbfs_common
    - smb3: move defines for ioctl protocol header and SMB2 sizes to smbfs_common
    - smb3: move defines for query info and query fsinfo to smbfs_common
    - smb3: cleanup and clarify status of tree connections
    - smb3: fix ksmbd bigendian bug in oplock break, and move its struct to
      smbfs_common
    - fs: Remove ->readpages address space operation
    - cifs: fix potential race with cifsd thread
    - cifs: remove check of list iterator against head past the loop body
    - cifs: force new session setup and tcon for dfs
    - cifs: update internal module number
    - cifs: Check the IOCB_DIRECT flag, not O_DIRECT
    - cifs: Split the smb3_a...