Bug #1984103 “[UBUNTU 22.04] s390/qeth: cache link_info for etht...” : Bugs : Ubuntu on IBM z Systems

bugproxy (bugproxy) on 2022-08-09

tags:	added: architecture-s39064 bugnameltc-199325 severity-high targetmilestone-inin---
Changed in ubuntu:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)
affects:	ubuntu → kernel-package (Ubuntu)

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-08-09:

#1

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in kernel-package (Ubuntu):
status:	New → Confirmed

Revision history for this message

Thomas Staudt (tstaudt2) wrote on 2022-08-09:

#2

Hello Frank,

I mirrored this while Boris is on vacation for your awareness - please adjust accordingly.
Thanks

Revision history for this message

bugproxy (bugproxy) wrote on 2022-08-10: Comment bridged from LTC Bugzilla

#3

------- Comment From <email address hidden> 2022-08-10 04:10 EDT-------
clarification from development on the overall situation:

Symptoms:
A) Since
02d5cb5bb20b ("qeth: Accurate ethtool output")
query_card_info is called for each qeth_get_link_ksettings
Frequent calls to ethtool?s get_link_ksetting can put pressure on the zVM VSwitch
that lead to timeouts in the qeth driver that responds with recovering the affected interface.

B) Since
e6e771b3d897 ("s390/qeth: detach netdevice while card is offline")
there is a window condition that query_card_info can interfere with recovery and
lead to failing recovery.

7a07a29e4f67 ("s390/qeth: cache link_info for ethtool") solves both problems.

Backport considerations:
A) 02d5cb5bb20b ("qeth: Accurate ethtool output")
went into kernel v3.14 and was backported to RHEL7.9

B) e6e771b3d897 ("s390/qeth: detach netdevice while card is offline")
went into kernel v5.1 and was backported to RHEL8.2

Frank Heimes (fheimes) on 2022-08-10

affects:	kernel-package (Ubuntu) → ethtool (Ubuntu)
Changed in ubuntu-z-systems:
status:	New → Confirmed
importance:	Undecided → High
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)
Changed in ethtool (Ubuntu):
assignee:	Skipper Bug Screeners (skipper-screen-team) → nobody
Changed in ethtool (Ubuntu Jammy):
status:	New → Confirmed

Frank Heimes (fheimes) on 2022-08-10

Changed in ethtool (Ubuntu Kinetic):
assignee:	nobody → Canonical Kernel Team (canonical-kernel-team)
Changed in ethtool (Ubuntu Jammy):
assignee:	nobody → Canonical Kernel Team (canonical-kernel-team)

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2022-08-30:

#4

canonical-kernel-team does not monitor or respond to userpsace ethtool package bugs; this bug should have gone to the server team triage.

Changed in ethtool (Ubuntu Jammy):
assignee:	Canonical Kernel Team (canonical-kernel-team) → Ubuntu Server (ubuntu-server)
Changed in ethtool (Ubuntu Kinetic):
assignee:	Canonical Kernel Team (canonical-kernel-team) → Ubuntu Server (ubuntu-server)
tags:	added: rls-incoming-jj rls-incoming-kk

Frank Heimes (fheimes) on 2022-08-30

no longer affects:	ethtool (Ubuntu)
Changed in ethtool (Ubuntu Jammy):
assignee:	Ubuntu Server (ubuntu-server) → nobody
Changed in ethtool (Ubuntu Kinetic):
assignee:	Ubuntu Server (ubuntu-server) → nobody
no longer affects:	ethtool (Ubuntu Kinetic)
no longer affects:	ethtool (Ubuntu Jammy)
Changed in linux (Ubuntu Jammy):
status:	New → Confirmed
Changed in linux (Ubuntu Kinetic):
status:	New → Confirmed

Dimitri John Ledkov (xnox) on 2022-08-30

tags:

removed: rls-incoming-jj rls-incoming-kk

Revision history for this message

bugproxy (bugproxy) wrote on 2022-08-30:

#5

------- Comment From <email address hidden> 2022-08-30 08:13 EDT-------
(In reply to comment #12)
> canonical-kernel-team does not monitor or respond to userpsace ethtool
> package bugs; this bug should have gone to the server team triage.

This is a _kernel_ patch that fixes output used by ethtool.

Revision history for this message

Frank Heimes (fheimes) wrote on 2022-08-30:

#6

Yepp, it's all about kernel patches.
This bug was wrongly marked as affecting the ethtool (well, it affects the ethtool, but not in the 'affects' send of Launchpad), which caused some confusion.
I just changed that, pointing now to the kernel (which is "linux (Ubuntu)" in the above affects section).

Revision history for this message

Marcelo Cerri (mhcerri) wrote on 2022-08-30:

#7

0001-s390-qeth-cache-link_info-for-ethtool.patch Edit (9.2 KiB, text/plain)

Revision history for this message

Marcelo Cerri (mhcerri) wrote on 2022-08-30:

#8

I prepared a test kernel with the proposed patch (that was a clear cherry pick for 5.15). Frank do you think you can help me validating the test kernel?

You can find a tarball with the debian packages for the test kernel at:

https://kernel.ubuntu.com/~mhcerri/test/lp1984103/linux-unsigned-debs-5.15.0-48.54+lp1984103.1_s390x.tgz

Ubuntu Foundations Team Bug Bot (crichton) on 2022-08-30

tags:

added: patch

bugproxy (bugproxy) on 2022-08-31

tags:

added: targetmilestone-inin2204
removed: targetmilestone-inin---

Revision history for this message

bugproxy (bugproxy) wrote on 2022-08-31:

#9

------- Comment From <email address hidden> 2022-08-31 12:47 EDT-------
new test kernel works as expected:

Linux version 5.15.0-47-generic

# grep qcrdinfo /5.15.0-48-genericsys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
7
# ethtool encbd00 | grep Duplex
Duplex: Full
# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
9

afterupdate to Linux version 5.15.0-48-generic

# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
0
# ethtool encbd00 | grep Duplex
Duplex: Full
# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
0
# ethtool encbd00
Settings for encbd00:
Supported ports: [ FIBRE ]
Supported link modes: 10000baseSR/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10000baseSR/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 10000Mb/s
Duplex: Full
Auto-negotiation: on
Port: FIBRE
PHYAD: 0
Transceiver: internal
Link detected: yes

Joseph Salisbury (jsalisbury) on 2022-09-12

Changed in linux (Ubuntu Jammy):
importance:	Undecided → High
Changed in linux (Ubuntu Kinetic):
importance:	Undecided → High
Changed in linux (Ubuntu Jammy):
assignee:	nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu Kinetic):
assignee:	nobody → Joseph Salisbury (jsalisbury)

Joseph Salisbury (jsalisbury) on 2022-09-12

description:	updated
Changed in linux (Ubuntu Jammy):
status:	Confirmed → In Progress
Changed in linux (Ubuntu Kinetic):
status:	Confirmed → In Progress
description:	updated
description:	updated

Revision history for this message

Joseph Salisbury (jsalisbury) wrote on 2022-09-12:

#10

SRU request submitted to UKT mailing list:
https://lists.ubuntu.com/archives/kernel-team/2022-September/133102.html

Frank Heimes (fheimes) on 2022-09-12

Changed in ubuntu-z-systems:
status:	Confirmed → In Progress

Stefan Bader (smb) on 2022-09-14

Changed in linux (Ubuntu Kinetic):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Jammy):
status:	In Progress → Fix Committed

Frank Heimes (fheimes) on 2022-09-14

Changed in ubuntu-z-systems:
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-09-21:

#11

This bug is awaiting verification that the linux/5.15.0-50.56 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Revision history for this message

Frank Heimes (fheimes) wrote on 2022-09-21:

#12

Verification done on jammy (on a slightly different setup):
root@s1lp15:~# uname -a
Linux s1lp15 5.15.0-27-generic #28-Ubuntu SMP Thu Apr 14 04:55:23 UTC 2022 s390x s390x s390x GNU/Linux
root@s1lp15:~# ethtool encc000 | grep Duplex
Duplex: Full
root@s1lp15:~# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
3
root@s1lp15:~# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii
/sys/kernel/debug/s390dbf/qeth_card_0.0.c000/hex_ascii:00 01664021373:134002 2 - 0001 000003ff81066676 71 63 72 64 69 6e 66 6f | qcrdinfo
/sys/kernel/debug/s390dbf/qeth_card_0.0.c000/hex_ascii:00 01664021384:308308 2 - 0007 000003ff81066676 71 63 72 64 69 6e 66 6f | qcrdinfo
/sys/kernel/debug/s390dbf/qeth_card_0.0.c000/hex_ascii:00 01664021384:308804 2 - 0007 000003ff81066676 71 63 72 64 69 6e 66 6f | qcrdinfo
root@s1lp15:~# ethtool encc000
Settings for encc000:
Supported ports: [ FIBRE ]
Supported link modes: 10000baseSR/Full
Supported pause frame use: No
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10000baseSR/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 10000Mb/s
Duplex: Full
Auto-negotiation: on
Port: FIBRE
PHYAD: 0
Transceiver: internal
Link detected: yes
(adjusting tags accordingly)

tags:

added: verification-done verification-done-jammy

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-10-04:

#13

Download full text (18.6 KiB)

This bug was fixed in the package linux - 5.19.0-18.18

---------------
linux (5.19.0-18.18) kinetic; urgency=medium

* kinetic/linux: 5.19.0-18.18 -proposed tracker (LP: #1990366)

  * 5.19.0-17.17: kernel NULL pointer dereference, address: 0000000000000084
    (LP: #1990236)
    - Revert "UBUNTU: SAUCE: apparmor: Fix regression in stacking due to label
      flags"
    - Revert "UBUNTU: [Config] disable SECURITY_APPARMOR_RESTRICT_USERNS"
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - add an internal buffer""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - don't wait on cleanup""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - don't waste entropy""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - always add a pending
      request""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - unregister device before
      reset""
    - Revert "UBUNTU: SAUCE: Revert "virtio-rng: make device ready before making
      request""
    - Revert "UBUNTU: [Config] update configs after apply new apparmor patch set"
    - Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation"
    - Revert "UBUNTU: SAUCE: selinux: Implement userns_create hook"
    - Revert "UBUNTU: SAUCE: bpf-lsm: Make bpf_lsm_userns_create() sleepable"
    - Revert "UBUNTU: SAUCE: security, lsm: Introduce security_create_user_ns()"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: AppArmor: Remove the exclusive
      flag"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Add /proc attr entry for full
      LSM context"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Removed scaffolding function
      lsmcontext_init"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: netlabel: Use a struct lsmblob in
      audit data"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Add record for multiple
      object contexts"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: audit: multiple subject lsm values
      for netlabel"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Add record for multiple task
      security contexts"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Allow multiple records in an
      audit_buffer"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Add a function to report
      multiple LSMs"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Create audit_stamp
      structure"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Keep multiple LSM data in
      audit_names"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: security_secid_to_secctx
      module selection"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: binder: Pass LSM identifier for
      confirmation"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: NET: Store LSM netlabel data in a
      lsmblob"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: security_secid_to_secctx in
      netlink netfilter"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_dentry_init_security"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_inode_getsecctx"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_secid_to_secctx"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM:...

This bug was fixed in the package linux - 5.19.0-18.18

---------------
linux (5.19.0-18.18) kinetic; urgency=medium

* kinetic/linux: 5.19.0-18.18 -proposed tracker (LP: #1990366)

* 5.19.0-17.17: kernel NULL pointer dereference, address: 0000000000000084
    (LP: #1990236)
    - Revert "UBUNTU: SAUCE: apparmor: Fix regression in stacking due to label
      flags"
    - Revert "UBUNTU: [Config] disable SECURITY_APPARMOR_RESTRICT_USERNS"
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - add an internal buffer""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - don't wait on cleanup""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - don't waste entropy""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - always add a pending
      request""
    - Revert "UBUNTU: SAUCE: Revert "hwrng: virtio - unregister device before
      reset""
    - Revert "UBUNTU: SAUCE: Revert "virtio-rng: make device ready before making
      request""
    - Revert "UBUNTU: [Config] update configs after apply new apparmor patch set"
    - Revert "UBUNTU: SAUCE: apparmor: add user namespace creation mediation"
    - Revert "UBUNTU: SAUCE: selinux: Implement userns_create hook"
    - Revert "UBUNTU: SAUCE: bpf-lsm: Make bpf_lsm_userns_create() sleepable"
    - Revert "UBUNTU: SAUCE: security, lsm: Introduce security_create_user_ns()"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: AppArmor: Remove the exclusive
      flag"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Add /proc attr entry for full
      LSM context"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Removed scaffolding function
      lsmcontext_init"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: netlabel: Use a struct lsmblob in
      audit data"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Add record for multiple
      object contexts"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: audit: multiple subject lsm values
      for netlabel"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Add record for multiple task
      security contexts"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Allow multiple records in an
      audit_buffer"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Add a function to report
      multiple LSMs"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Create audit_stamp
      structure"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: Audit: Keep multiple LSM data in
      audit_names"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: security_secid_to_secctx
      module selection"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: binder: Pass LSM identifier for
      confirmation"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: NET: Store LSM netlabel data in a
      lsmblob"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: security_secid_to_secctx in
      netlink netfilter"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_dentry_init_security"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_inode_getsecctx"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmcontext in
      security_secid_to_secctx"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Ensure the correct LSM context
      releaser"
    - Revert "UBUNTU: SAUCE: fixup lsm stacking v37: LSM: Specify which LSM to
      display"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Specify which LSM to display"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_cred_getsecid"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_inode_getsecid"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_current_getsecid"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_ipc_getsecid"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_secid_to_secctx"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_secctx_to_secid"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_kernel_act_as"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Use lsmblob in
      security_audit_rule_match"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: IMA: avoid label collisions with
      stacked LSMs"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: provide lsm name and id slot
      mappings"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Add the lsmblob data
      structure."
    - Revert "UBUNTU: SAUCE: lsm stacking v37: LSM: Infrastructure management of
      the sock security"
    - Revert "UBUNTU: SAUCE: lsm stacking v37: integrity: disassociate
      ima_filter_rule from security_audit_rule"
    - Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX() to
      aa_sock()"
    - Revert "UBUNTU: SAUCE: apparmor: Add fine grained mediation of posix
      mqueues"
    - Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()"
    - Revert "UBUNTU: SAUCE: fix shutdown unix socket owner conditional check"
    - Revert "UBUNTU: SAUCE: apparmor: af_unix mediation"
    - Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with v2.x
      net rules"
    - Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string hex value"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: fix aa_class_names[] to
      match reserved classes"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: rework profile->rules to
      be a list"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: refactor profile rules
      and attachments"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: verify loaded permission
      bits masks don't overlap"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: cleanup: move perm
      accumulation into perms.h"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: make sure perm indexes
      are accumulated"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: verify permission table
      indexes"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: add the ability for
      policy to specify a permission table"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: make unpack_array return
      a trianary value"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: group dfa policydb
      unpacking"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: make transition table
      unpack generic so it can be reused"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: add user mode flag"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: add mediation class
      information to auditing"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: extend permissions to
      support a label and tag string"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: isolate policy backwards
      compatibility to its own file"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: extend xindex size"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: move dfa perm macros
      into policy_unpack"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: extend policydb
      permission set by making use of the xbits"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: fix apparmor mediating
      locking non-fs unix sockets"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: Fix abi check to include
      v8 abi"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: preparse for state being
      more than just an integer"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: convert policy lookup to
      use accept as an index"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: cleanup shared
      permission struct"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: convert xmatch lookup to
      use accept as an index"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: convert fperm lookup to
      use accept as an index"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: convert xmatch to using
      the new shared policydb struct"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: combine file_rules and
      aa_policydb into a single shared struct"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: compute policydb
      permission on profile load"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: convert xmatch to use
      aa_perms structure"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: rework and cleanup fperm
      computation"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: move fperm computation
      into policy_unpack"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: compute xmatch
      permissions on profile load"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: compute file permissions
      on profile load"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: expose compression level
      limits in sysfs"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: use zstd compression for
      profile data"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: reserve mediation
      classes"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: fix lockdep warning when
      removing a namespace"
    - Revert "UBUNTU: SAUCE: apparmor-next 6.1: apparmor: fix a memleak in
      multi_transaction_new()"
    - Revert "UBUNTU: SAUCE: upstream v6.0: Smack: Provide read control for
      io_uring_cmd"
    - Revert "UBUNTU: SAUCE: upstream v6.0: selinux: implement the
      security_uring_cmd() LSM hook"
    - Revert "UBUNTU: SAUCE: upstream v6.0: lsm,io_uring: add LSM hooks for the
      new uring_cmd file op"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: correct config reference to
      intended one"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: move ptrace mediation to
      more logical task.{h,c}"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: extend policydb permission
      set by making use of the xbits"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: allow label to carry debug
      flags"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix some kernel-doc
      comments"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Mark alloc_unconfined() as
      static"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: disable showing the mode as
      part of a secid to secctx"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Convert secid mapping to
      XArrays instead of IDR"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: add a kernel label to use on
      kernel objects"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: test: Remove some casts
      which are no-longer required"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix some kernel-doc
      comments"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix undefined reference to
      `zlib_deflate_workspacesize'"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix some kernel-doc
      comments"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix some kernel-doc
      comments"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix match_mnt_path_str() and
      match_mnt() kernel-doc comment"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Use struct_size() helper in
      kmalloc()"
    - Revert "UBUNTU: SAUCE: upstream v6.0: security/apparmor: remove redundant
      ret variable"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: resolve uninitialized symbol
      warnings in policy_unpack_test.c"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: don't create raw_sha1
      symlink if sha1 hashing is disabled"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Enable tuning of policy
      paranoid load for embedded systems"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: make export of raw binary
      profile to userspace optional"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Update help description of
      policy hash for introspection"
    - Revert "UBUNTU: SAUCE: upstream v6.0: lsm: Fix kernel-doc"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: Fix kernel-doc"
    - Revert "UBUNTU: SAUCE: upstream v6.0: apparmor: fix absroot causing audited
      secids to begin with ="
    - Revert "Revert "UBUNTU: SAUCE: apparmor: add/use fns to print hash string
      hex value""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: patch to provide compatibility with
      v2.x net rules""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: af_unix mediation""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: fix use after free in
      sk_peer_label""
    - Revert "Revert "UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-
      fs, unix sockets""
    - Revert "Revert "apparmor: fix absroot causing audited secids to begin with
      =""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: disable showing the mode as part of
      a secid to secctx""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: rename aa_sock() to aa_unix_sk()""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: LSM stacking: switch from SK_CTX()
      to aa_sock()""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Infrastructure management of the sock
      security""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Create and manage the lsmblob data
      structure.""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
      security_audit_rule_match""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_kernel_act_as""
    - Revert "Revert "UBUNTU: SAUCE: net: Prepare UDS for security module
      stacking""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
      security_secctx_to_secid""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in
      security_secid_to_secctx""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_ipc_getsecid""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_task_getsecid""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_inode_getsecid""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in security_cred_getsecid""
    - Revert "Revert "UBUNTU: SAUCE: IMA: Change internal interfaces to use
      lsmblobs""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Ensure the correct LSM context
      releaser""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in
      security_secid_to_secctx""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmcontext in
      security_inode_getsecctx""
    - Revert "Revert "UBUNTU: SAUCE: LSM: security_secid_to_secctx in netlink
      netfilter""
    - Revert "Revert "UBUNTU: SAUCE: NET: Store LSM netlabel data in a lsmblob""
    - Revert "Revert "UBUNTU: SAUCE: Audit: Add new record for multiple process
      LSM attributes""
    - Revert "Revert "UBUNTU: SAUCE: Audit: Fix incorrect static inline function
      declration.""
    - Revert "Revert "UBUNTU: SAUCE: Audit: Add a new record for multiple object
      LSM attributes""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Add /proc attr entry for full LSM
      context""
    - Revert "Revert "UBUNTU: SAUCE: AppArmor: Remove the exclusive flag""
    - Revert "Revert "UBUNTU: SAUCE: Audit: Fix for missing NULL check""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: rename kzfree() to
      kfree_sensitive()""
    - Revert "Revert "UBUNTU: SAUCE: LSM: change ima_read_file() to use lsmblob""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Use lsmblob in smk_netlbl_mls()""
    - Revert "Revert "UBUNTU: SAUCE: apparmor: Fix build error, make sk parameter
      const""
    - Revert "Revert "UBUNTU: SAUCE: LSM: Specify which LSM to display (using
      struct cred as input)""

* [22.04 FEAT] Enhanced Interpretation for PCI Functions on s390x - kernel
    part (LP: #1853306)
    - s390/sclp: detect the zPCI load/store interpretation facility
    - s390/sclp: detect the AISII facility
    - s390/sclp: detect the AENI facility
    - s390/sclp: detect the AISI facility
    - s390/airq: pass more TPI info to airq handlers
    - s390/airq: allow for airq structure that uses an input vector
    - s390/pci: externalize the SIC operation controls and routine
    - s390/pci: stash associated GISA designation
    - s390/pci: stash dtsm and maxstbl
    - vfio/pci: introduce CONFIG_VFIO_PCI_ZDEV_KVM
    - KVM: s390: pci: add basic kvm_zdev structure
    - KVM: s390: pci: do initial setup for AEN interpretation
    - KVM: s390: pci: enable host forwarding of Adapter Event Notifications
    - KVM: s390: mechanism to enable guest zPCI Interpretation
    - KVM: s390: pci: provide routines for enabling/disabling interrupt forwarding
    - KVM: s390: pci: add routines to start/stop interpretive execution
    - vfio-pci/zdev: add open/close device hooks
    - vfio-pci/zdev: add function handle to clp base capability
    - vfio-pci/zdev: different maxstbl for interpreted devices
    - KVM: s390: add KVM_S390_ZPCI_OP to manage guest zPCI devices
    - MAINTAINERS: additional files related kvm s390 pci passthrough
    - Documentation: kvm: extend KVM_S390_ZPCI_OP subheading underline
    - KVM: s390: pci: Hook to access KVM lowlevel from VFIO

* [22.10 FEAT] [IO2201] Independent Usage of Secondary Physical Function
    (LP: #1959542)
    - PCI: Clean up pci_scan_slot()
    - PCI: Split out next_ari_fn() from next_fn()
    - PCI: Move jailhouse's isolated function handling to pci_scan_slot()
    - PCI: Extend isolated function probing to s390
    - s390/pci: allow zPCI zbus without a function zero

* AMD ACP 6.2 DMIC support (LP: #1989518)
    - ASoC: amd: add Pink Sardine platform ACP IP register header
    - ASoC: amd: add Pink Sardine ACP PCI driver
    - ASoC: amd: add acp6.2 init/de-init functions
    - ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver
    - ASoC: amd: add acp6.2 pdm platform driver
    - ASoC: amd: add acp6.2 irq handler
    - ASoC: amd: add acp6.2 pdm driver dma ops
    - ASoC: amd: add acp6.2 pci driver pm ops
    - ASoC: amd: add acp6.2 pdm driver pm ops
    - ASoC: amd: enable Pink Sardine acp6.2 drivers build
    - ASoC: amd: create platform device for acp6.2 machine driver
    - ASoC: amd: add Pink Sardine machine driver using dmic
    - ASoC: amd: enable Pink sardine platform machine driver build.
    - [Config] Enable audio for AMD PinkSardine

* support independent clock and LED GPIOs for Intel IPU6 platforms
    (LP: #1989046)
    - SAUCE: platform/x86: int3472: support independent clock and LED GPIOs

* CVE-2022-2978
    - SAUCE: fs: fix UAF/GPF bug in nilfs_mdt_destroy

* Miscellaneous Ubuntu changes
    - [Config] disable SECURITY_APPARMOR_RESTRICT_USERNS
    - SAUCE: Add mdev_set_iommu_device() kABI.
    - SAUCE: apparmor: Fix regression in stacking due to label flags
    - [Config] update toolchain version

* Miscellaneous upstream changes
    - Revert "drm/i915/opregion: check port number bounds for SWSCI display power
      state"

-- Andrea Righi <andrea.righi@canonical.com>  Wed, 21 Sep 2022 16:28:46 +0200

Changed in linux (Ubuntu Kinetic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2022-10-10:

#14

Download full text (42.9 KiB)

This bug was fixed in the package linux - 5.15.0-50.56

---------------
linux (5.15.0-50.56) jammy; urgency=medium

* jammy/linux: 5.15.0-50.56 -proposed tracker (LP: #1990148)

  * CVE-2022-3176
    - io_uring: refactor poll update
    - io_uring: move common poll bits
    - io_uring: kill poll linking optimisation
    - io_uring: inline io_poll_complete
    - io_uring: correct fill events helpers types
    - io_uring: clean cqe filling functions
    - io_uring: poll rework
    - io_uring: remove poll entry from list when canceling all
    - io_uring: bump poll refs to full 31-bits
    - io_uring: fail links when poll fails
    - io_uring: fix wrong arm_poll error handling
    - io_uring: fix UAF due to missing POLLFREE handling

  * ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809)
    - selftests/net: test nexthop without gw

  * ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809) // icmp_redirect.sh in ubuntu_kernel_selftests failed on
    Jammy 5.15.0-49.55 (LP: #1990124)
    - ip: fix triggering of 'icmp redirect'

linux (5.15.0-49.55) jammy; urgency=medium

* jammy/linux: 5.15.0-49.55 -proposed tracker (LP: #1989785)

* amdgpu module crash after 5.15 kernel update (LP: #1981883)
- drm/amdgpu: fix check in fbdev init

  * scsi: hisi_sas: Increase debugfs_dump_index after dump is completed
    (LP: #1982070)
    - scsi: hisi_sas: Increase debugfs_dump_index after dump is completed

* [UBUNTU 22.04] s390/qeth: cache link_info for ethtool (LP: #1984103)
- s390/qeth: cache link_info for ethtool

* WARN in trace_event_dyn_put_ref (LP: #1987232)
- tracing/perf: Fix double put of trace event when init fails

  * Jammy update: v5.15.60 upstream stable release (LP: #1989221)
    - x86/speculation: Make all RETbleed mitigations 64-bit only
    - selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
    - selftests/bpf: Check dst_port only on the client socket
    - block: fix default IO priority handling again
    - tools/vm/slabinfo: Handle files in debugfs
    - ACPI: video: Force backlight native for some TongFang devices
    - ACPI: video: Shortening quirk list by identifying Clevo by board_name only
    - ACPI: APEI: Better fix to avoid spamming the console with old error logs
    - crypto: arm64/poly1305 - fix a read out-of-bound
    - KVM: x86: do not report a vCPU as preempted outside instruction boundaries
    - KVM: x86: do not set st->preempted when going back to user space
    - KVM: selftests: Make hyperv_clock selftest more stable
    - tools/kvm_stat: fix display of error when multiple processes are found
    - selftests: KVM: Handle compiler optimizations in ucall
    - KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user()
    - arm64: set UXN on swapper page tables
    - btrfs: zoned: prevent allocation from previous data relocation BG
    - btrfs: zoned: fix critical section of relocation inode writeback
    - Bluetooth: hci_bcm: Add BCM4349B1 variant
    - Bluetooth: hci_bcm: Add DT compatible for CYW55572
    - dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding
    - Bluetooth: btusb: Add support of IMC Netw...

This bug was fixed in the package linux - 5.15.0-50.56

---------------
linux (5.15.0-50.56) jammy; urgency=medium

* jammy/linux: 5.15.0-50.56 -proposed tracker (LP: #1990148)

* CVE-2022-3176
    - io_uring: refactor poll update
    - io_uring: move common poll bits
    - io_uring: kill poll linking optimisation
    - io_uring: inline io_poll_complete
    - io_uring: correct fill events helpers types
    - io_uring: clean cqe filling functions
    - io_uring: poll rework
    - io_uring: remove poll entry from list when canceling all
    - io_uring: bump poll refs to full 31-bits
    - io_uring: fail links when poll fails
    - io_uring: fix wrong arm_poll error handling
    - io_uring: fix UAF due to missing POLLFREE handling

* ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809)
    - selftests/net: test nexthop without gw

* ip/nexthop: fix default address selection for connected nexthop
    (LP: #1988809) // icmp_redirect.sh in ubuntu_kernel_selftests failed on
    Jammy 5.15.0-49.55 (LP: #1990124)
    - ip: fix triggering of 'icmp redirect'

linux (5.15.0-49.55) jammy; urgency=medium

* jammy/linux: 5.15.0-49.55 -proposed tracker (LP: #1989785)

* amdgpu module crash after 5.15 kernel update (LP: #1981883)
    - drm/amdgpu: fix check in fbdev init

* scsi: hisi_sas: Increase debugfs_dump_index after dump is  completed
    (LP: #1982070)
    - scsi: hisi_sas: Increase debugfs_dump_index after dump is completed

* [UBUNTU 22.04] s390/qeth: cache link_info for ethtool (LP: #1984103)
    - s390/qeth: cache link_info for ethtool

* WARN in trace_event_dyn_put_ref (LP: #1987232)
    - tracing/perf: Fix double put of trace event when init fails

* Jammy update: v5.15.60 upstream stable release (LP: #1989221)
    - x86/speculation: Make all RETbleed mitigations 64-bit only
    - selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
    - selftests/bpf: Check dst_port only on the client socket
    - block: fix default IO priority handling again
    - tools/vm/slabinfo: Handle files in debugfs
    - ACPI: video: Force backlight native for some TongFang devices
    - ACPI: video: Shortening quirk list by identifying Clevo by board_name only
    - ACPI: APEI: Better fix to avoid spamming the console with old error logs
    - crypto: arm64/poly1305 - fix a read out-of-bound
    - KVM: x86: do not report a vCPU as preempted outside instruction boundaries
    - KVM: x86: do not set st->preempted when going back to user space
    - KVM: selftests: Make hyperv_clock selftest more stable
    - tools/kvm_stat: fix display of error when multiple processes are found
    - selftests: KVM: Handle compiler optimizations in ucall
    - KVM: x86/svm: add __GFP_ACCOUNT to __sev_dbg_{en,de}crypt_user()
    - arm64: set UXN on swapper page tables
    - btrfs: zoned: prevent allocation from previous data relocation BG
    - btrfs: zoned: fix critical section of relocation inode writeback
    - Bluetooth: hci_bcm: Add BCM4349B1 variant
    - Bluetooth: hci_bcm: Add DT compatible for CYW55572
    - dt-bindings: bluetooth: broadcom: Add BCM4349B1 DT binding
    - Bluetooth: btusb: Add support of IMC Networks PID 0x3568
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
    - Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
    - macintosh/adb: fix oob read in do_adb_query() function
    - x86/speculation: Add RSB VM Exit protections
    - x86/speculation: Add LFENCE to RSB fill sequence
    - Linux 5.15.60

* Jammy update: v5.15.59 upstream stable release (LP: #1989218)
    - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
    - Revert "ocfs2: mount shared volume without ha stack"
    - ntfs: fix use-after-free in ntfs_ucsncmp()
    - fs: sendfile handles O_NONBLOCK of out_fd
    - secretmem: fix unhandled fault in truncate
    - mm: fix page leak with multiple threads mapping the same page
    - hugetlb: fix memoryleak in hugetlb_mcopy_atomic_pte
    - asm-generic: remove a broken and needless ifdef conditional
    - s390/archrandom: prevent CPACF trng invocations in interrupt context
    - nouveau/svm: Fix to migrate all requested pages
    - drm/simpledrm: Fix return type of simpledrm_simple_display_pipe_mode_valid()
    - watch_queue: Fix missing rcu annotation
    - watch_queue: Fix missing locking in add_watch_to_object()
    - tcp: Fix data-races around sysctl_tcp_dsack.
    - tcp: Fix a data-race around sysctl_tcp_app_win.
    - tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
    - tcp: Fix a data-race around sysctl_tcp_frto.
    - tcp: Fix a data-race around sysctl_tcp_nometrics_save.
    - tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
    - ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
    - ice: do not setup vlan for loopback VSI
    - scsi: ufs: host: Hold reference returned by of_parse_phandle()
    - Revert "tcp: change pingpong threshold to 3"
    - octeontx2-pf: Fix UDP/TCP src and dst port tc filters
    - tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
    - tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
    - tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
    - scsi: core: Fix warning in scsi_alloc_sgtables()
    - scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown
    - net: ping6: Fix memleak in ipv6_renew_options().
    - ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
    - net/tls: Remove the context from the list in tls_device_down
    - igmp: Fix data-races around sysctl_igmp_qrv.
    - net: pcs: xpcs: propagate xpcs_read error to xpcs_get_state_c37_sgmii
    - net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
    - tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
    - tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
    - tcp: Fix a data-race around sysctl_tcp_autocorking.
    - tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
    - Documentation: fix sctp_wmem in ip-sysctl.rst
    - macsec: fix NULL deref in macsec_add_rxsa
    - macsec: fix error message in macsec_add_rxsa and _txsa
    - macsec: limit replay window size with XPN
    - macsec: always read MACSEC_SA_ATTR_PN as a u64
    - net: macsec: fix potential resource leak in macsec_add_rxsa() and
      macsec_add_txsa()
    - net: mld: fix reference count leak in mld_{query | report}_work()
    - tcp: Fix data-races around sk_pacing_rate.
    - net: Fix data-races around sysctl_[rw]mem(_offset)?.
    - tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
    - tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
    - tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
    - tcp: Fix data-races around sysctl_tcp_reflect_tos.
    - ipv4: Fix data-races around sysctl_fib_notify_on_flag_change.
    - i40e: Fix interface init with MSI interrupts (no MSI-X)
    - sctp: fix sleep in atomic context bug in timer handlers
    - octeontx2-pf: cn10k: Fix egress ratelimit configuration
    - virtio-net: fix the race between refill work and close
    - perf symbol: Correct address for bss symbols
    - sfc: disable softirqs for ptp TX
    - sctp: leave the err path free in sctp_stream_init to sctp_stream_free
    - ARM: crypto: comment out gcc warning that breaks clang builds
    - mm/hmm: fault non-owner device private entries
    - page_alloc: fix invalid watermark check on a negative value
    - ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow
    - EDAC/ghes: Set the DIMM label unconditionally
    - docs/kernel-parameters: Update descriptions for "mitigations=" param with
      retbleed
    - locking/rwsem: Allow slowpath writer to ignore handoff bit if not set by
      first waiter
    - x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
    - Linux 5.15.59

* Jammy update: v5.15.58 upstream stable release (LP: #1988479)
    - pinctrl: stm32: fix optional IRQ support to gpios
    - riscv: add as-options for modules with assembly compontents
    - mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
    - lockdown: Fix kexec lockdown bypass with ima policy
    - drm/ttm: fix locking in vmap/vunmap TTM GEM helpers
    - bus: mhi: host: pci_generic: add Telit FN980 v1 hardware revision
    - bus: mhi: host: pci_generic: add Telit FN990
    - Revert "selftest/vm: verify remap destination address in mremap_test"
    - Revert "selftest/vm: verify mmap addr in mremap_test"
    - PCI: hv: Fix multi-MSI to allow more than one MSI vector
    - PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
    - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
    - PCI: hv: Fix interrupt mapping for multi-MSI
    - serial: mvebu-uart: correctly report configured baudrate value
    - batman-adv: Use netif_rx_any_context() any.
    - xfs: fix maxlevels comparisons in the btree staging code
    - xfs: fold perag loop iteration logic into helper function
    - xfs: rename the next_agno perag iteration variable
    - xfs: terminate perag iteration reliably on agcount
    - xfs: fix perag reference leak on iteration race with growfs
    - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list()
    - r8152: fix a WOL issue
    - ip: Fix data-races around sysctl_ip_default_ttl.
    - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in
      xfrm_bundle_lookup()
    - power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
    - RDMA/irdma: Do not advertise 1GB page size for x722
    - RDMA/irdma: Fix sleep from invalid context BUG
    - pinctrl: ralink: rename MT7628(an) functions to MT76X8
    - pinctrl: ralink: rename pinctrl-rt2880 to pinctrl-ralink
    - pinctrl: ralink: Check for null return of devm_kcalloc
    - perf/core: Fix data race between perf_event_set_output() and
      perf_mmap_close()
    - ipv4/tcp: do not use per netns ctl sockets
    - net: tun: split run_ebpf_filter() and pskb_trim() into different "if
      statement"
    - mm/pagealloc: sysctl: change watermark_scale_factor max limit to 30%
    - sysctl: move some boundary constants from sysctl.c to sysctl_vals
    - tcp: Fix data-races around sysctl_tcp_ecn.
    - drm/amd/display: Add option to defer works of hpd_rx_irq
    - drm/amd/display: Fork thread to offload work of hpd_rx_irq
    - drm/amdgpu/display: add quirk handling for stutter mode
    - drm/amd/display: Ignore First MST Sideband Message Return Error
    - scsi: megaraid: Clear READ queue map's nr_queues
    - scsi: ufs: core: Drop loglevel of WriteBoost message
    - nvme: check for duplicate identifiers earlier
    - nvme: fix block device naming collision
    - igc: Reinstate IGC_REMOVED logic and implement it properly
    - ip: Fix data-races around sysctl_ip_no_pmtu_disc.
    - ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
    - ip: Fix data-races around sysctl_ip_fwd_update_priority.
    - ip: Fix data-races around sysctl_ip_nonlocal_bind.
    - ip: Fix a data-race around sysctl_ip_autobind_reuse.
    - ip: Fix a data-race around sysctl_fwmark_reflect.
    - tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
    - tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if()
    - tcp: Fix data-races around sysctl_tcp_l3mdev_accept.
    - tcp: Fix data-races around sysctl_tcp_mtu_probing.
    - tcp: Fix data-races around sysctl_tcp_base_mss.
    - tcp: Fix data-races around sysctl_tcp_min_snd_mss.
    - tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
    - tcp: Fix a data-race around sysctl_tcp_probe_threshold.
    - tcp: Fix a data-race around sysctl_tcp_probe_interval.
    - net: stmmac: fix pm runtime issue in stmmac_dvr_remove()
    - net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
    - mtd: rawnand: gpmi: validate controller clock rate
    - mtd: rawnand: gpmi: Set WAIT_FOR_READY timeout based on program/erase times
    - net: dsa: microchip: ksz_common: Fix refcount leak bug
    - net: skb: introduce kfree_skb_reason()
    - net: skb: use kfree_skb_reason() in tcp_v4_rcv()
    - net: skb: use kfree_skb_reason() in __udp4_lib_rcv()
    - net: socket: rename SKB_DROP_REASON_SOCKET_FILTER
    - net: skb_drop_reason: add document for drop reasons
    - net: netfilter: use kfree_drop_reason() for NF_DROP
    - net: ipv4: use kfree_skb_reason() in ip_rcv_core()
    - net: ipv4: use kfree_skb_reason() in ip_rcv_finish_core()
    - i2c: mlxcpld: Fix register setting for 400KHz frequency
    - i2c: cadence: Change large transfer count reset logic to be unconditional
    - perf tests: Fix Convert perf time to TSC test for hybrid
    - net: stmmac: fix dma queue left shift overflow issue
    - net/tls: Fix race in TLS device down flow
    - igmp: Fix data-races around sysctl_igmp_llm_reports.
    - igmp: Fix a data-race around sysctl_igmp_max_memberships.
    - igmp: Fix data-races around sysctl_igmp_max_msf.
    - tcp: Fix data-races around keepalive sysctl knobs.
    - tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.
    - tcp: Fix data-races around sysctl_tcp_syncookies.
    - tcp: Fix data-races around sysctl_tcp_migrate_req.
    - tcp: Fix data-races around sysctl_tcp_reordering.
    - tcp: Fix data-races around some timeout sysctl knobs.
    - tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
    - tcp: Fix a data-race around sysctl_tcp_tw_reuse.
    - tcp: Fix data-races around sysctl_max_syn_backlog.
    - tcp: Fix data-races around sysctl_tcp_fastopen.
    - tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
    - iavf: Fix handling of dummy receive descriptors
    - pinctrl: armada-37xx: Use temporary variable for struct device
    - pinctrl: armada-37xx: Make use of the devm_platform_ioremap_resource()
    - pinctrl: armada-37xx: Convert to use dev_err_probe()
    - pinctrl: armada-37xx: use raw spinlocks for regmap to avoid invalid wait
      context
    - i40e: Fix erroneous adapter reinitialization during recovery process
    - ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
    - net: stmmac: remove redunctant disable xPCS EEE call
    - gpio: pca953x: only use single read/write for No AI mode
    - gpio: pca953x: use the correct range when do regmap sync
    - gpio: pca953x: use the correct register address when regcache sync during
      init
    - be2net: Fix buffer overflow in be_get_module_eeprom
    - net: dsa: sja1105: silent spi_device_id warnings
    - net: dsa: vitesse-vsc73xx: silent spi_device_id warnings
    - drm/imx/dcss: Add missing of_node_put() in fail path
    - ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
    - ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.
    - ipv4: Fix data-races around sysctl_fib_multipath_hash_fields.
    - ip: Fix data-races around sysctl_ip_prot_sock.
    - udp: Fix a data-race around sysctl_udp_l3mdev_accept.
    - tcp: Fix data-races around sysctl knobs related to SYN option.
    - tcp: Fix a data-race around sysctl_tcp_early_retrans.
    - tcp: Fix data-races around sysctl_tcp_recovery.
    - tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
    - tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
    - tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
    - tcp: Fix a data-race around sysctl_tcp_stdurg.
    - tcp: Fix a data-race around sysctl_tcp_rfc1337.
    - tcp: Fix a data-race around sysctl_tcp_abort_on_overflow.
    - tcp: Fix data-races around sysctl_tcp_max_reordering.
    - gpio: gpio-xilinx: Fix integer overflow
    - KVM: selftests: Fix target thread to be migrated in rseq_test
    - spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA
      transfers
    - KVM: Don't null dereference ops->destroy
    - mm/mempolicy: fix uninit-value in mpol_rebind_policy()
    - bpf: Make sure mac_header was set before using it
    - sched/deadline: Fix BUG_ON condition for deboosted tasks
    - x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
    - dlm: fix pending remove if msg allocation fails
    - x86/uaccess: Implement macros for CMPXCHG on user addresses
    - bitfield.h: Fix "type of reg too small for mask" test
    - x86/entry_32: Remove .fixup usage
    - x86/extable: Extend extable functionality
    - x86/msr: Remove .fixup usage
    - x86/futex: Remove .fixup usage
    - KVM: x86: Use __try_cmpxchg_user() to emulate atomic accesses
    - xhci: dbc: refactor xhci_dbc_init()
    - xhci: dbc: create and remove dbc structure in dbgtty driver.
    - xhci: dbc: Rename xhci_dbc_init and xhci_dbc_exit
    - xhci: Set HCD flag to defer primary roothub registration
    - mt76: fix use-after-free by removing a non-RCU wcid pointer
    - iwlwifi: fw: uefi: add missing include guards
    - crypto: qat - set to zero DH parameters before free
    - crypto: qat - use pre-allocated buffers in datapath
    - crypto: qat - refactor submission logic
    - crypto: qat - add backlog mechanism
    - crypto: qat - fix memory leak in RSA
    - crypto: qat - remove dma_free_coherent() for RSA
    - crypto: qat - remove dma_free_coherent() for DH
    - crypto: qat - add param check for RSA
    - crypto: qat - add param check for DH
    - crypto: qat - re-enable registration of algorithms
    - exfat: fix referencing wrong parent directory information after renaming
    - tracing: Have event format check not flag %p* on __get_dynamic_array()
    - tracing: Place trace_pid_list logic into abstract functions
    - tracing: Fix return value of trace_pid_write()
    - um: virtio_uml: Allow probing from devicetree
    - um: virtio_uml: Fix broken device handling in time-travel
    - Bluetooth: Add bt_skb_sendmsg helper
    - Bluetooth: Add bt_skb_sendmmsg helper
    - Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
    - Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
    - Bluetooth: Fix passing NULL to PTR_ERR
    - Bluetooth: SCO: Fix sco_send_frame returning skb->len
    - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
    - exfat: use updated exfat_chain directly during renaming
    - x86/amd: Use IBPB for firmware calls
    - x86/alternative: Report missing return thunk details
    - watchqueue: make sure to serialize 'wqueue->defunct' properly
    - tty: drivers/tty/, stop using tty_schedule_flip()
    - tty: the rest, stop using tty_schedule_flip()
    - tty: drop tty_schedule_flip()
    - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
    - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
    - watch-queue: remove spurious double semicolon
    - drm/amd/display: invalid parameter check in dmub_hpd_callback
    - x86/extable: Prefer local labels in .set directives
    - KVM: x86: fix typo in __try_cmpxchg_user causing non-atomicness
    - x86: drop bogus "cc" clobber from __try_cmpxchg_user_asm()
    - drm/amdgpu: Off by one in dm_dmub_outbox1_low_irq()
    - x86/entry_32: Fix segment exceptions
    - Linux 5.15.58

* Jammy update: v5.15.57 upstream stable release (LP: #1988353)
    - x86/xen: Fix initialisation in hypercall_page after rethunk
    - tools arch x86: Sync the msr-index.h copy with the kernel sources
    - tools headers cpufeatures: Sync with the kernel sources
    - um: Add missing apply_returns()
    - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
    - Linux 5.15.57

* Jammy update: v5.15.56 upstream stable release (LP: #1988351)
    - ALSA: hda - Add fixup for Dell Latitidue E5430
    - ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
    - ALSA: hda/realtek: Fix headset mic for Acer SF313-51
    - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
    - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
    - ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
    - xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
    - fix race between exit_itimers() and /proc/pid/timers
    - mm: userfaultfd: fix UFFDIO_CONTINUE on fallocated shmem pages
    - mm: split huge PUD on wp_huge_pud fallback
    - tracing/histograms: Fix memory leak problem
    - net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
      pointer
    - ip: fix dflt addr selection for connected nexthop
    - ARM: 9213/1: Print message about disabled Spectre workarounds only once
    - ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
    - wifi: mac80211: fix queue selection for mesh/OCB interfaces
    - cgroup: Use separate src/dst nodes when preloading css_sets for migration
    - btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline
      extents
    - drm/panfrost: Put mapping instead of shmem obj on
      panfrost_mmu_map_fault_addr() error
    - drm/panfrost: Fix shrinker list corruption by madvise IOCTL
    - fs/remap: constrain dedupe of EOF blocks
    - nilfs2: fix incorrect masking of permission flags for symlinks
    - sh: convert nommu io{re,un}map() to static inline functions
    - Revert "evm: Fix memleak in init_desc"
    - xfs: only run COW extent recovery when there are no live extents
    - xfs: don't include bnobt blocks when reserving free block pool
    - xfs: run callbacks before waking waiters in xlog_state_shutdown_callbacks
    - xfs: drop async cache flushes from CIL commits.
    - reset: Fix devm bulk optional exclusive control getter
    - ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count
    - spi: amd: Limit max transfer and message size
    - ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
    - ARM: 9210/1: Mark the FDT_FIXED sections as shareable
    - net/mlx5e: kTLS, Fix build time constant test in TX
    - net/mlx5e: kTLS, Fix build time constant test in RX
    - net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
    - net/mlx5e: Fix capability check for updating vnic env counters
    - net/mlx5e: Ring the TX doorbell on DMA errors
    - drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
    - ima: Fix a potential integer overflow in ima_appraise_measurement
    - ASoC: sgtl5000: Fix noise on shutdown/remove
    - ASoC: tas2764: Add post reset delays
    - ASoC: tas2764: Fix and extend FSYNC polarity handling
    - ASoC: tas2764: Correct playback volume range
    - ASoC: tas2764: Fix amp gain register offset & default
    - ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks()
    - ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
    - net: stmmac: dwc-qos: Disable split header for Tegra194
    - net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
    - sysctl: Fix data races in proc_dointvec().
    - sysctl: Fix data races in proc_douintvec().
    - sysctl: Fix data races in proc_dointvec_minmax().
    - sysctl: Fix data races in proc_douintvec_minmax().
    - sysctl: Fix data races in proc_doulongvec_minmax().
    - sysctl: Fix data races in proc_dointvec_jiffies().
    - tcp: Fix a data-race around sysctl_tcp_max_orphans.
    - inetpeer: Fix data-races around sysctl.
    - net: Fix data-races around sysctl_mem.
    - cipso: Fix data-races around sysctl.
    - icmp: Fix data-races around sysctl.
    - ipv4: Fix a data-race around sysctl_fib_sync_mem.
    - ARM: dts: at91: sama5d2: Fix typo in i2s1 node
    - ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
    - arm64: dts: broadcom: bcm4908: Fix timer node for BCM4906 SoC
    - arm64: dts: broadcom: bcm4908: Fix cpu node for smp boot
    - netfilter: nf_log: incorrect offset to network header
    - netfilter: nf_tables: replace BUG_ON by element length check
    - drm/i915/gvt: IS_ERR() vs NULL bug in intel_gvt_update_reg_whitelist()
    - xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
    - lockd: set fl_owner when unlocking files
    - lockd: fix nlm_close_files
    - tracing: Fix sleeping while atomic in kdb ftdump
    - drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
    - drm/i915/dg2: Add Wa_22011100796
    - drm/i915/gt: Serialize GRDOM access between multiple engine resets
    - drm/i915/gt: Serialize TLB invalidates with GT resets
    - drm/i915/uc: correctly track uc_fw init failure
    - drm/i915: Require the vm mutex for i915_vma_bind()
    - bnxt_en: Fix bnxt_reinit_after_abort() code path
    - bnxt_en: Fix bnxt_refclk_read()
    - sysctl: Fix data-races in proc_dou8vec_minmax().
    - sysctl: Fix data-races in proc_dointvec_ms_jiffies().
    - icmp: Fix data-races around sysctl_icmp_echo_enable_probe.
    - icmp: Fix a data-race around sysctl_icmp_ignore_bogus_error_responses.
    - icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.
    - icmp: Fix a data-race around sysctl_icmp_ratelimit.
    - icmp: Fix a data-race around sysctl_icmp_ratemask.
    - raw: Fix a data-race around sysctl_raw_l3mdev_accept.
    - tcp: Fix a data-race around sysctl_tcp_ecn_fallback.
    - ipv4: Fix data-races around sysctl_ip_dynaddr.
    - nexthop: Fix data-races around nexthop_compat_mode.
    - net: ftgmac100: Hold reference returned by of_get_child_by_name()
    - net: stmmac: fix leaks in probe
    - ima: force signature verification when CONFIG_KEXEC_SIG is configured
    - ima: Fix potential memory leak in ima_init_crypto()
    - drm/amd/display: Only use depth 36 bpp linebuffers on DCN display engines.
    - drm/amd/pm: Prevent divide by zero
    - sfc: fix use after free when disabling sriov
    - ceph: switch netfs read ops to use rreq->inode instead of
      rreq->mapping->host
    - seg6: fix skb checksum evaluation in SRH encapsulation/insertion
    - seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
    - seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
    - sfc: fix kernel panic when creating VF
    - KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()
    - net/tls: Check for errors in tls_device_init
    - ACPI: video: Fix acpi_video_handles_brightness_key_presses()
    - mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
    - btrfs: rename btrfs_bio to btrfs_io_context
    - btrfs: zoned: fix a leaked bioc in read_zone_info
    - ksmbd: use SOCK_NONBLOCK type for kernel_accept()
    - powerpc/xive/spapr: correct bitmap allocation size
    - vdpa/mlx5: Initialize CVQ vringh only once
    - vduse: Tie vduse mgmtdev and its device
    - virtio_mmio: Add missing PM calls to freeze/restore
    - virtio_mmio: Restore guest page size on resume
    - netfilter: br_netfilter: do not skip all hooks with 0 priority
    - scsi: hisi_sas: Limit max hw sectors for v3 HW
    - cpufreq: pmac32-cpufreq: Fix refcount leak bug
    - firmware: sysfb: Make sysfb_create_simplefb() return a pdev pointer
    - firmware: sysfb: Add sysfb_disable() helper function
    - fbdev: Disable sysfb device registration when removing conflicting FBs
    - net: tipc: fix possible refcount leak in tipc_sk_create()
    - NFC: nxp-nci: don't print header length mismatch on i2c error
    - nvme-tcp: always fail a request when sending it failed
    - nvme: fix regression when disconnect a recovering ctrl
    - net: sfp: fix memory leak in sfp_probe()
    - ASoC: ops: Fix off by one in range control validation
    - pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
    - ASoC: Realtek/Maxim SoundWire codecs: disable pm_runtime on remove
    - ASoC: rt711-sdca-sdw: fix calibrate mutex initialization
    - ASoC: Intel: sof_sdw: handle errors on card registration
    - ASoC: rt711: fix calibrate mutex initialization
    - ASoC: rt7*-sdw: harden jack_detect_handler
    - ASoC: codecs: rt700/rt711/rt711-sdca: initialize workqueues in probe
    - ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
    - ASoC: wcd938x: Fix event generation for some controls
    - ASoC: Intel: bytcr_wm5102: Fix GPIO related probe-ordering problem
    - ASoC: wm5110: Fix DRE control
    - ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
    - ASoC: dapm: Initialise kcontrol data for mux/demux controls
    - ASoC: cs47l15: Fix event generation for low power mux control
    - ASoC: madera: Fix event generation for OUT1 demux
    - ASoC: madera: Fix event generation for rate controls
    - irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
    - x86: Clear .brk area at early boot
    - soc: ixp4xx/npe: Fix unused match warning
    - ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
    - Revert "can: xilinx_can: Limit CANFD brp to 2"
    - ALSA: usb-audio: Add quirks for MacroSilicon MS2100/MS2106 devices
    - ALSA: usb-audio: Add quirk for Fiero SC-01
    - ALSA: usb-audio: Add quirk for Fiero SC-01 (fw v1.0.0)
    - nvme-pci: phison e16 has bogus namespace ids
    - signal handling: don't use BUG_ON() for debugging
    - USB: serial: ftdi_sio: add Belimo device ids
    - usb: typec: add missing uevent when partner support PD
    - usb: dwc3: gadget: Fix event pending check
    - tty: serial: samsung_tty: set dma burst_size to 1
    - vt: fix memory overlapping when deleting chars in the buffer
    - serial: 8250: fix return error code in serial8250_request_std_resource()
    - serial: stm32: Clear prev values before setting RTS delays
    - serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
    - serial: 8250: Fix PM usage_count for console handover
    - x86/pat: Fix x86_has_pat_wp()
    - drm/aperture: Run fbdev removal before internal helpers
    - Linux 5.15.56

* Jammy update: v5.15.55 upstream stable release (LP: #1988338)
    - Linux 5.15.55

* Jammy update: v5.15.54 upstream stable release (LP: #1987451)
    - mm/slub: add missing TID updates on slab deactivation
    - mm/filemap: fix UAF in find_lock_entries
    - Revert "selftests/bpf: Add test for bpf_timer overwriting crash"
    - ALSA: usb-audio: Workarounds for Behringer UMC 204/404 HD
    - ALSA: hda/realtek: Add quirk for Clevo L140PU
    - ALSA: cs46xx: Fix missing snd_card_free() call at probe error
    - can: bcm: use call_rcu() instead of costly synchronize_rcu()
    - can: grcan: grcan_probe(): remove extra of_node_get()
    - can: gs_usb: gs_usb_open/close(): fix memory leak
    - can: m_can: m_can_chip_config(): actually enable internal timestamping
    - can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32
      bits
    - can: mcp251xfd: mcp251xfd_regmap_crc_read(): improve workaround handling for
      mcp2517fd
    - can: mcp251xfd: mcp251xfd_regmap_crc_read(): update workaround broken CRC on
      TBC register
    - bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
    - bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
    - usbnet: fix memory leak in error case
    - net: rose: fix UAF bug caused by rose_t0timer_expiry
    - netfilter: nft_set_pipapo: release elements in clone from abort path
    - btrfs: rename btrfs_alloc_chunk to btrfs_create_chunk
    - btrfs: add additional parameters to btrfs_init_tree_ref/btrfs_init_data_ref
    - btrfs: fix invalid delayed ref after subvolume creation failure
    - btrfs: fix warning when freeing leaf after subvolume creation failure
    - Input: cpcap-pwrbutton - handle errors from platform_get_irq()
    - Input: goodix - change goodix_i2c_write() len parameter type to int
    - Input: goodix - add a goodix.h header file
    - Input: goodix - refactor reset handling
    - Input: goodix - try not to touch the reset-pin on x86/ACPI devices
    - dma-buf/poll: Get a file reference for outstanding fence callbacks
    - btrfs: fix deadlock between chunk allocation and chunk btree modifications
    - drm/i915: Disable bonding on gen12+ platforms
    - drm/i915/gt: Register the migrate contexts with their engines
    - drm/i915: Replace the unconditional clflush with drm_clflush_virt_range()
    - media: ir_toy: prevent device from hanging during transmit
    - memory: renesas-rpc-if: Avoid unaligned bus access for HyperFlash
    - ath11k: add hw_param for wakeup_mhi
    - qed: Improve the stack space of filter_config()
    - platform/x86: wmi: introduce helper to convert driver to WMI driver
    - platform/x86: wmi: Replace read_takes_no_args with a flags field
    - platform/x86: wmi: Fix driver->notify() vs ->probe() race
    - mt76: mt7921: get rid of mt7921_mac_set_beacon_filter
    - mt76: mt7921: introduce mt7921_mcu_set_beacon_filter utility routine
    - mt76: mt7921: fix a possible race enabling/disabling runtime-pm
    - bpf: Stop caching subprog index in the bpf_pseudo_func insn
    - bpf, arm64: Use emit_addr_mov_i64() for BPF_PSEUDO_FUNC
    - riscv: defconfig: enable DRM_NOUVEAU
    - RISC-V: defconfigs: Set CONFIG_FB=y, for FB console
    - net/mlx5e: Check action fwd/drop flag exists also for nic flows
    - net/mlx5e: Split actions_match_supported() into a sub function
    - net/mlx5e: TC, Reject rules with drop and modify hdr action
    - net/mlx5e: TC, Reject rules with forward and drop actions
    - ASoC: rt5682: Avoid the unexpected IRQ event during going to suspend
    - ASoC: rt5682: Re-detect the combo jack after resuming
    - ASoC: rt5682: Fix deadlock on resume
    - netfilter: nf_tables: convert pktinfo->tprot_set to flags field
    - netfilter: nft_payload: support for inner header matching / mangling
    - netfilter: nft_payload: don't allow th access for fragments
    - s390/boot: allocate amode31 section in decompressor
    - s390/setup: use physical pointers for memblock_reserve()
    - s390/setup: preserve memory at OLDMEM_BASE and OLDMEM_SIZE
    - ibmvnic: init init_done_rc earlier
    - ibmvnic: clear fop when retrying probe
    - ibmvnic: Allow queueing resets during probe
    - virtio-blk: avoid preallocating big SGL for data
    - io_uring: ensure that fsnotify is always called
    - block: use bdev_get_queue() in bio.c
    - block: only mark bio as tracked if it really is tracked
    - block: fix rq-qos breakage from skipping rq_qos_done_bio()
    - stddef: Introduce struct_group() helper macro
    - media: omap3isp: Use struct_group() for memcpy() region
    - media: davinci: vpif: fix use-after-free on driver unbind
    - mt76: mt76_connac: fix MCU_CE_CMD_SET_ROC definition error
    - mt76: mt7921: do not always disable fw runtime-pm
    - cxl/port: Hold port reference until decoder release
    - clk: renesas: r9a07g044: Update multiplier and divider values for PLL2/3
    - KVM: x86/mmu: Use yield-safe TDP MMU root iter in MMU notifier unmapping
    - KVM: x86/mmu: Use common TDP MMU zap helper for MMU notifier unmap hook
    - scsi: qla2xxx: Move heartbeat handling from DPC thread to workqueue
    - scsi: qla2xxx: Fix laggy FC remote port session recovery
    - scsi: qla2xxx: edif: Replace list_for_each_safe with
      list_for_each_entry_safe
    - scsi: qla2xxx: Fix crash during module load unload test
    - gfs2: Fix gfs2_file_buffered_write endless loop workaround
    - vdpa/mlx5: Avoid processing works if workqueue was destroyed
    - btrfs: handle device lookup with btrfs_dev_lookup_args
    - btrfs: add a btrfs_get_dev_args_from_path helper
    - btrfs: use btrfs_get_dev_args_from_path in dev removal ioctls
    - btrfs: remove device item and update super block in the same transaction
    - drbd: add error handling support for add_disk()
    - drbd: Fix double free problem in drbd_create_device
    - drbd: fix an invalid memory access caused by incorrect use of list iterator
    - drm/amd/display: Set min dcfclk if pipe count is 0
    - drm/amd/display: Fix by adding FPU protection for dcn30_internal_validate_bw
    - NFSD: De-duplicate net_generic(nf->nf_net, nfsd_net_id)
    - NFSD: COMMIT operations must not return NFS?ERR_INVAL
    - riscv/mm: Add XIP_FIXUP for riscv_pfn_base
    - iio: accel: mma8452: use the correct logic to get mma8452_data
    - batman-adv: Use netif_rx().
    - mtd: spi-nor: Skip erase logic when SPI_NOR_NO_ERASE is set
    - Compiler Attributes: add __alloc_size() for better bounds checking
    - mm: vmalloc: introduce array allocation functions
    - KVM: use __vcalloc for very large allocations
    - btrfs: don't access possibly stale fs_info data in device_list_add
    - KVM: s390x: fix SCK locking
    - scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
    - powerpc/32: Don't use lmw/stmw for saving/restoring non volatile regs
    - powerpc: flexible GPR range save/restore macros
    - powerpc/tm: Fix more userspace r13 corruption
    - serial: sc16is7xx: Clear RS485 bits in the shutdown
    - bus: mhi: core: Use correctly sized arguments for bit field
    - bus: mhi: Fix pm_state conversion to string
    - stddef: Introduce DECLARE_FLEX_ARRAY() helper
    - uapi/linux/stddef.h: Add include guards
    - ASoC: rt5682: move clk related code to rt5682_i2c_probe
    - ASoC: rt5682: fix an incorrect NULL check on list iterator
    - drm/amd/vcn: fix an error msg on vcn 3.0
    - KVM: Don't create VM debugfs files outside of the VM directory
    - tty: n_gsm: Modify CR,PF bit when config requester
    - tty: n_gsm: Save dlci address open status when config requester
    - tty: n_gsm: fix frame reception handling
    - ALSA: usb-audio: add mapping for MSI MPG X570S Carbon Max Wifi.
    - ALSA: usb-audio: add mapping for MSI MAG X570S Torpedo MAX.
    - tty: n_gsm: fix missing update of modem controls after DLCI open
    - btrfs: zoned: encapsulate inode locking for zoned relocation
    - btrfs: zoned: use dedicated lock for data relocation
    - KVM: Initialize debugfs_dentry when a VM is created to avoid NULL deref
    - mm/hwpoison: mf_mutex for soft offline and unpoison
    - mm/hwpoison: avoid the impact of hwpoison_filter() return value on mce
      handler
    - mm/memory-failure.c: fix race with changing page compound again
    - mm/hwpoison: fix race between hugetlb free/demotion and
      memory_failure_hugetlb()
    - tty: n_gsm: fix invalid use of MSC in advanced option
    - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output()
    - serial: 8250_mtk: Make sure to select the right FEATURE_SEL
    - tty: n_gsm: fix invalid gsmtty_write_room() result
    - drm/i915: Fix a race between vma / object destruction and unbinding
    - drm/mediatek: Use mailbox rx_callback instead of cmdq_task_cb
    - drm/mediatek: Remove the pointer of struct cmdq_client
    - drm/mediatek: Detect CMDQ execution timeout
    - drm/mediatek: Add cmdq_handle in mtk_crtc
    - drm/mediatek: Add vblank register/unregister callback functions
    - Bluetooth: protect le accept and resolv lists with hdev->lock
    - Bluetooth: btmtksdio: fix use-after-free at btmtksdio_recv_event
    - io_uring: avoid io-wq -EAGAIN looping for !IOPOLL
    - irqchip/gic-v3: Ensure pseudo-NMIs have an ISB between ack and handling
    - irqchip/gic-v3: Refactor ISB + EOIR at ack time
    - rxrpc: Fix locking issue
    - dt-bindings: soc: qcom: smd-rpm: Add compatible for MSM8953 SoC
    - dt-bindings: soc: qcom: smd-rpm: Fix missing MSM8936 compatible
    - module: change to print useful messages from elf_validity_check()
    - module: fix [e_shstrndx].sh_size=0 OOB access
    - iommu/vt-d: Fix PCI bus rescan device hot add
    - fbdev: fbmem: Fix logo center image dx issue
    - PM: runtime: Redefine pm_runtime_release_supplier()
    - memregion: Fix memregion_free() fallback definition
    - video: of_display_timing.h: include errno.h
    - powerpc/powernv: delay rng platform device creation until later in boot
    - net: dsa: qca8k: reset cpu port on MTU change
    - can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info
    - can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
    - can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
    - xfs: remove incorrect ASSERT in xfs_rename
    - Revert "serial: sc16is7xx: Clear RS485 bits in the shutdown"
    - btrfs: fix error pointer dereference in btrfs_ioctl_rm_dev_v2()
    - virtio-blk: modify the value type of num in virtio_queue_rq()
    - btrfs: fix use of uninitialized variable at rm device ioctl
    - tty: n_gsm: fix encoding of command/response bit
    - ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
    - pinctrl: sunxi: a83t: Fix NAND function name for some pins
    - ASoC: rt711: Add endianness flag in snd_soc_component_driver
    - ASoC: rt711-sdca: Add endianness flag in snd_soc_component_driver
    - ASoC: codecs: rt700/rt711/rt711-sdca: resume bus/codec in .set_jack_detect
    - arm64: dts: qcom: msm8994: Fix CPU6/7 reg values
    - arm64: dts: qcom: sdm845: use dispcc AHB clock for mdss node
    - ARM: mxs_defconfig: Enable the framebuffer
    - arm64: dts: imx8mp-evk: correct mmc pad settings
    - arm64: dts: imx8mp-evk: correct the uart2 pinctl value
    - arm64: dts: imx8mp-evk: correct gpio-led pad settings
    - arm64: dts: imx8mp-evk: correct vbus pad settings
    - arm64: dts: imx8mp-evk: correct eqos pad settings
    - arm64: dts: imx8mp-evk: correct I2C1 pad settings
    - arm64: dts: imx8mp-evk: correct I2C3 pad settings
    - arm64: dts: imx8mp-phyboard-pollux-rdk: correct uart pad settings
    - arm64: dts: imx8mp-phyboard-pollux-rdk: correct eqos pad settings
    - arm64: dts: imx8mp-phyboard-pollux-rdk: correct i2c2 & mmc settings
    - pinctrl: sunxi: sunxi_pconf_set: use correct offset
    - arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
    - ARM: at91: pm: use proper compatible for sama5d2's rtc
    - ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt
    - ARM: at91: pm: use proper compatibles for sama7g5's rtc and rtt
    - ARM: dts: at91: sam9x60ek: fix eeprom compatible and size
    - ARM: dts: at91: sama5d2_icp: fix eeprom compatibles
    - ARM: at91: fix soc detection for SAM9X60 SiPs
    - xsk: Clear page contiguity bit when unmapping pool
    - i2c: piix4: Fix a memory leak in the EFCH MMIO support
    - i40e: Fix dropped jumbo frames statistics
    - i40e: Fix VF's MAC Address change on VM
    - ARM: dts: stm32: use usbphyc ck_usbo_48m as USBH OHCI clock on stm32mp151
    - ARM: dts: stm32: add missing usbh clock and fix clk order on stm32mp15
    - ibmvnic: Properly dispose of all skbs during a failover.
    - selftests: forwarding: fix flood_unicast_test when h2 supports
      IFF_UNICAST_FLT
    - selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT
    - selftests: forwarding: fix error message in learning_test
    - r8169: fix accessing unset transport header
    - i2c: cadence: Unregister the clk notifier in error path
    - dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
    - misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
    - misc: rtsx_usb: use separate command and response buffers
    - misc: rtsx_usb: set return value in rsp_buf alloc err path
    - Revert "mm/memory-failure.c: fix race with changing page compound again"
    - Revert "serial: 8250_mtk: Make sure to select the right FEATURE_SEL"
    - dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
    - ida: don't use BUG_ON() for debugging
    - dmaengine: pl330: Fix lockdep warning about non-static key
    - dmaengine: lgm: Fix an error handling path in intel_ldma_probe()
    - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
    - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
    - dmaengine: qcom: bam_dma: fix runtime PM underflow
    - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
    - dmaengine: idxd: force wq context cleanup on device disable path
    - selftests/net: fix section name when using xdp_dummy.o
    - Linux 5.15.54

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 20 Sep 2022 11:17:11 +0200

Changed in linux (Ubuntu Jammy):
status:	Fix Committed → Fix Released

Frank Heimes (fheimes) on 2022-10-10

Changed in ubuntu-z-systems:
status:	Fix Committed → Fix Released

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-10-14:

#15

This bug is awaiting verification that the linux-gkeop-5.15/5.15.0-1005.7~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Revision history for this message

Frank Heimes (fheimes) wrote on 2022-10-14:

#16

This bug was not requested for linux-gkeop-5.15 nor for focal.
Hence I'll just set the tag 'verification-done-focal' to unblock the SRU process.

tags:

added: verification-done-focal

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-12-07:

#17

This bug is awaiting verification that the linux-bluefield/5.15.0-1010.12 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-bluefield verification-needed-jammy
removed: verification-done verification-done-jammy

Revision history for this message

Frank Heimes (fheimes) wrote on 2022-12-07:

#18

This bug was not requested for linux-bluefield.
Hence I'll just set the tag 'verification-done-jammy' to unblock the further process.

tags:

added: verification-done-jammy
removed: verification-needed-jammy

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-12-12:

#19

This bug is awaiting verification that the linux-nvidia/5.15.0-1011.11 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: kernel-spammed-jammy-linux-nvidia verification-needed-jammy
removed: verification-done-jammy

Revision history for this message

Frank Heimes (fheimes) wrote on 2022-12-12:

#20

This bug was not opened against linux-nvidia/5.15.0-1011.11 and is also not relevant for this kernel.
However, I'm setting the tag to done to unblock the process.

tags:

added: verification-done-jammy
removed: verification-needed-jammy

Revision history for this message

bugproxy (bugproxy) wrote on 2022-12-12:

#21

------- Comment From <email address hidden> 2022-12-12 08:36 EDT-------
still fine with latest updates:

# uname -a
Linux a83lp78.lnxne.boe 5.15.0-56-generic #62-Ubuntu SMP Tue Nov 22 19:57:26 UTC 2022 s390x s390x s390x GNU/Linux
# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
0
# ethtool encbd00 | grep Duplex
Duplex: Full
# grep qcrdinfo /sys/kernel/debug/s390dbf/qeth*/hex_ascii | wc -l
0

Ubuntu on IBM z Systems

[UBUNTU 22.04] s390/qeth: cache link_info for ethtool

Bug Description

CVE References

Other bug subscribers

Patches

Remote bug watches

	Status	Importance	Assigned to
Ubuntu on IBM z Systems	Fix Released	High	Skipper Bug Screeners
linux (Ubuntu)	Fix Released	High	Joseph Salisbury
Jammy	Fix Released	High	Joseph Salisbury
Kinetic	Fix Released	High	Joseph Salisbury