Bug #1953665 “bionic/linux-snapdragon: 4.15.0-1118.127 -proposed...” : Bugs : Kernel SRU Workflow

Kleber Sacilotto de Souza (kleber-souza) on 2021-12-08

tags:	added: kernel-release-tracking-bug-live
description:	updated
tags:	added: kernel-sru-cycle-2021.11.29-3
description:	updated
description:	updated
tags:	added: kernel-sru-derivative-of-1953667
Changed in kernel-sru-workflow:
status:	New → Confirmed
importance:	Undecided → Medium

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-08

Changed in linux-snapdragon (Ubuntu Bionic):
importance:	Undecided → Medium
Changed in kernel-sru-workflow:
status:	Confirmed → Triaged

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-08

description:	updated
Changed in kernel-sru-workflow:
status:	Triaged → In Progress
tags:	added: kernel-jira-issue-ksru-661

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-08

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-08

description:

updated

Stefan Bader (smb) on 2021-12-09

summary:

- bionic/linux-snapdragon: <version to be filled> -proposed tracker
+ bionic/linux-snapdragon: 4.15.0-1118.127 -proposed tracker

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-09

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Andy Whitcroft (apw) on 2021-12-10

tags:

added: kernel-signing-bot

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-10

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-12

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-14

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2021-12-21

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-01-04:

#1

Download full text (10.7 KiB)

This bug was fixed in the package linux-snapdragon - 4.15.0-1118.127

---------------
linux-snapdragon (4.15.0-1118.127) bionic; urgency=medium

* bionic/linux-snapdragon: 4.15.0-1118.127 -proposed tracker (LP: #1953665)

[ Ubuntu: 4.15.0-166.174 ]

  * bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667)
  * Ubuntu version macros overflow with high ABI numbers (LP: #1953522)
    - SAUCE: Revert "stable: clamp SUBLEVEL in 4.14"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287)
    - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287) // CVE-2018-25020
    - bpf: fix truncated jump targets on heavy expansions

linux-snapdragon (4.15.0-1117.126) bionic; urgency=medium

* bionic/linux-snapdragon: 4.15.0-1117.126 -proposed tracker (LP: #1952346)

* Support builtin revoked certificates (LP: #1932029)
- [Config] snapdragon: Disable revocation key lists

[ Ubuntu: 4.15.0-165.173 ]

  * bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780)
  * Support builtin revoked certificates (LP: #1932029)
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
    - SAUCE: integrity: add informational messages when revoking certs
  * CVE-2021-4002
    - arm64: tlb: Provide forward declaration of tlb_flush() before including
      tlb.h
    - mm: mmu_notifier fix for tlb_end_vma
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

[ Ubuntu: 4.15.0-164.172 ]

  * bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)
  * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997)
    - btrfs: always wait on ordered extents at fsync time
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - netfilter: ip...

This bug was fixed in the package linux-snapdragon - 4.15.0-1118.127

---------------
linux-snapdragon (4.15.0-1118.127) bionic; urgency=medium

* bionic/linux-snapdragon: 4.15.0-1118.127 -proposed tracker (LP: #1953665)

[ Ubuntu: 4.15.0-166.174 ]

* bionic/linux: 4.15.0-166.174 -proposed tracker (LP: #1953667)
  * Ubuntu version macros overflow with high ABI numbers (LP: #1953522)
    - SAUCE: Revert "stable: clamp SUBLEVEL in 4.14"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287)
    - SAUCE: Revert "bpf: add also cbpf long jump test cases with heavy expansion"
  * test_bpf.sh test in net of ubuntu_kernel_selftests failed on B-4.15 and
    variants (LP: #1953287) // CVE-2018-25020
    - bpf: fix truncated jump targets on heavy expansions

linux-snapdragon (4.15.0-1117.126) bionic; urgency=medium

* bionic/linux-snapdragon: 4.15.0-1117.126 -proposed tracker (LP: #1952346)

* Support builtin revoked certificates (LP: #1932029)
    - [Config] snapdragon: Disable revocation key lists

[ Ubuntu: 4.15.0-165.173 ]

* bionic/linux: 4.15.0-165.173 -proposed tracker (LP: #1952780)
  * Support builtin revoked certificates (LP: #1932029)
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add ability to preload revocation certs
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
    - SAUCE: integrity: add informational messages when revoking certs
  * CVE-2021-4002
    - arm64: tlb: Provide forward declaration of tlb_flush() before including
      tlb.h
    - mm: mmu_notifier fix for tlb_end_vma
    - hugetlbfs: flush TLBs correctly after huge_pmd_unshare

[ Ubuntu: 4.15.0-164.172 ]

* bionic/linux: 4.15.0-164.172 -proposed tracker (LP: #1952348)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync update-dkms-versions helper
    - debian/dkms-versions -- update from kernel-versions (main/2021.11.29)
  * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997)
    - btrfs: always wait on ordered extents at fsync time
    - ARM: dts: at91: sama5d2_som1_ek: disable ISC node by default
    - xtensa: xtfpga: use CONFIG_USE_OF instead of CONFIG_OF
    - xtensa: xtfpga: Try software restart before simulating CPU reset
    - NFSD: Keep existing listeners on portlist error
    - netfilter: ipvs: make global sysctl readonly in non-init netns
    - NIOS2: irqflags: rename a redefined register name
    - can: rcar_can: fix suspend/resume
    - can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state
      notification
    - can: peak_pci: peak_pci_remove(): fix UAF
    - ocfs2: fix data corruption after conversion from inline format
    - ocfs2: mount fails with buffer overflow in strlen
    - elfcore: correct reference to CONFIG_UML
    - ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset
    - ASoC: DAPM: Fix missing kctl change notifications
    - nfc: nci: fix the UAF of rf_conn_info object
    - isdn: cpai: check ctr->cnr to avoid array index out of bound
    - netfilter: Kconfig: use 'default y' instead of 'm' for bool config option
    - btrfs: deal with errors when checking if a dir entry exists during log
      replay
    - net: stmmac: add support for dwmac 3.40a
    - ARM: dts: spear3xx: Fix gmac node
    - isdn: mISDN: Fix sleeping function called from invalid context
    - platform/x86: intel_scu_ipc: Update timeout value in comment
    - ALSA: hda: avoid write to STATESTS if controller is in reset
    - tracing: Have all levels of checks prevent recursion
    - ARM: 9122/1: select HAVE_FUTEX_CMPXCHG
    - dma-debug: fix sg checks in debug_dma_map_sg()
    - ASoC: wm8960: Fix clock configuration on slave mode
    - lan78xx: select CRC32
    - net: hns3: add limit ets dwrr bandwidth cannot be 0
    - net: hns3: disable sriov before unload hclge layer
    - ALSA: hda/realtek: Add quirk for Clevo PC50HS
    - mm, slub: fix mismatch between reconstructed freelist depth and cnt
    - gcc-plugins/structleak: add makefile var for disabling structleak
  * creat09 from ubuntu_ltp_syscalls and cve-2018-13405 from ubuntu_ltp/cve
    failed with XFS (LP: #1950239)
    - xfs: ensure that the inode uid/gid match values match the icdinode ones
    - xfs: merge the projid fields in struct xfs_icdinode
    - xfs: remove the icdinode di_uid/di_gid members
    - xfs: fix up non-directory creation in SGID directories
  * ubuntu_ltp / finit_module02 fails on v4.15 and other kernels (LP: #1950644)
    - vfs: check fd has read access in kernel_read_file_from_fd()
  * reuseport_bpf_numa in net from ubuntu_kernel_selftests fails on ppc64le
    (LP: #1867570)
    - selftests/net: Fix reuseport_bpf_numa by skipping unavailable nodes
  * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816)
    - net: mdio: introduce a shutdown method to mdio device drivers
    - xen-netback: correct success/error reporting for the SKB-with-fraglist case
    - sparc64: fix pci_iounmap() when CONFIG_PCI is not set
    - ext2: fix sleeping in atomic bugs on error
    - scsi: sd: Free scsi_disk device via put_device()
    - usb: testusb: Fix for showing the connection speed
    - usb: dwc2: check return value after calling platform_get_resource()
    - scsi: ses: Retry failed Send/Receive Diagnostic commands
    - libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
    - lib/timerqueue: Rely on rbtree semantics for next timer
    - selftests: be sure to make khdr before other targets
    - Partially revert "usb: Kconfig: using select for USB_COMMON dependency"
    - USB: cdc-acm: fix racy tty buffer accesses
    - USB: cdc-acm: fix break reporting
    - ovl: fix missing negative dentry check in ovl_rename()
    - nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero
    - xen/balloon: fix cancelled balloon action
    - ARM: dts: omap3430-sdp: Fix NAND device node
    - ARM: dts: qcom: apq8064: use compatible which contains chipid
    - bpf: add also cbpf long jump test cases with heavy expansion
    - bpf, mips: Validate conditional branch offsets
    - xtensa: call irqchip_init only when CONFIG_USE_OF is selected
    - bpf: Fix integer overflow in prealloc_elems_and_freelist()
    - phy: mdio: fix memory leak
    - net_sched: fix NULL deref in fifo_set_limit()
    - powerpc/fsl/dts: Fix phy-connection-type for fm1mac3
    - ptp_pch: Load module automatically if ID matches
    - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
      sequence
    - net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size()
    - netlink: annotate data races around nlk->bound
    - drm/nouveau/debugfs: fix file release memory leak
    - rtnetlink: fix if_nlmsg_stats_size() under estimation
    - i40e: fix endless loop under rtnl
    - i2c: acpi: fix resource leak in reconfiguration device addition
    - net: phy: bcm7xxx: Fixed indirect MMD operations
    - HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS
    - netfilter: ip6_tables: zero-initialize fragment offset
    - mac80211: Drop frames from invalid MAC address in ad-hoc mode
    - m68k: Handle arrivals of multiple signals correctly
    - net: sun: SUNVNET_COMMON should depend on INET
    - scsi: ses: Fix unsigned comparison with less than zero
    - scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
    - perf/x86: Reset destroy callback on event init failure
    - sched: Always inline is_percpu_thread()
    - bpf, arm: Fix register clobbering in div/mod implementation
    - i40e: Fix freeing of uninitialized misc IRQ vector
    - mac80211: check return value of rhashtable_init
    - stable: clamp SUBLEVEL in 4.14
    - ALSA: seq: Fix a potential UAF by wrong private_free call order
    - s390: fix strrchr() implementation
    - btrfs: deal with errors when replaying dir entry during log replay
    - btrfs: deal with errors when adding inode reference during log replay
    - btrfs: check for error when looking up inode during dir entry replay
    - xhci: Fix command ring pointer corruption while aborting a command
    - xhci: Enable trust tx length quirk for Fresco FL11 USB controller
    - cb710: avoid NULL pointer subtraction
    - efi/cper: use stack buffer for error record decoding
    - efi: Change down_interruptible() in virt_efi_reset_system() to
      down_trylock()
    - usb: musb: dsps: Fix the probe error path
    - Input: xpad - add support for another USB ID of Nacon GC-100
    - USB: serial: qcserial: add EM9191 QDL support
    - USB: serial: option: add Quectel EC200S-CN module support
    - USB: serial: option: add Telit LE910Cx composition 0x1204
    - USB: serial: option: add prod. id for Quectel EG91
    - virtio: write back F_VERSION_1 before validate
    - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
    - x86/Kconfig: Do not enable AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT automatically
    - iio: adc: aspeed: set driver data when adc probe.
    - iio: adc128s052: Fix the error handling path of 'adc128_probe()'
    - iio: light: opt3001: Fixed timeout error when 0 lux
    - iio: ssp_sensors: add more range checking in ssp_parse_dataframe()
    - iio: ssp_sensors: fix error code in ssp_print_mcu_debug()
    - sctp: account stream padding length for reconf chunk
    - net: arc: select CRC32
    - net: korina: select CRC32
    - net: encx24j600: check error in devm_regmap_init_encx24j600
    - ethernet: s2io: fix setting mac address during resume
    - nfc: fix error handling of nfc_proto_register()
    - NFC: digital: fix possible memory leak in digital_tg_listen_mdaa()
    - NFC: digital: fix possible memory leak in digital_in_send_sdd_req()
    - pata_legacy: fix a couple uninitialized variable bugs
    - drm/msm: Fix null pointer dereference on pointer edp
    - drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling
    - acpi/arm64: fix next_platform_timer() section mismatch error
    - qed: Fix missing error code in qed_slowpath_start()
    - r8152: select CRC32 and CRYPTO/CRYPTO_HASH/CRYPTO_SHA256

-- Stefan Bader <stefan.bader@canonical.com>  Thu, 09 Dec 2021 08:54:17 +0100

Changed in linux-snapdragon (Ubuntu Bionic):
status:	New → Fix Released

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Ubuntu Kernel Bot (ubuntu-kernel-bot) on 2022-01-04

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-01-05: Workflow done!

#2

All tasks have been completed and the bug is being set to Fix Released

Changed in kernel-sru-workflow:
status:	In Progress → Fix Released
tags:	removed: kernel-release-tracking-bug-live

Kernel SRU Workflow

bionic/linux-snapdragon: 4.15.0-1118.127 -proposed tracker

Bug Description

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
Kernel SRU Workflow	Fix Released	Medium	Unassigned
Automated-testing	Fix Released	Medium	Canonical Kernel Team
Boot-testing	Invalid	Medium	Unassigned
Certification-testing	Invalid	Medium	Canonical Hardware Certification
Prepare-package	Fix Released	Medium	Stefan Bader
Prepare-package-meta	Fix Released	Medium	Stefan Bader
Promote-signing-to-proposed	Invalid	Medium	Unassigned
Promote-to-proposed	Fix Released	Medium	Andy Whitcroft
Promote-to-security	Fix Released	Medium	Andy Whitcroft
Promote-to-updates	Fix Released	Medium	Andy Whitcroft
Regression-testing	Invalid	Medium	Unassigned
Security-signoff	Fix Released	Medium	Steve Beattie
Sru-review	Fix Released	Medium	Andy Whitcroft
Verification-testing	Fix Released	Medium	Canonical Kernel Team
linux-snapdragon (Ubuntu)
Bionic	Fix Released	Medium	Unassigned