Bug #1944390 “Fix ignoring ct state match of OVS offload to TC/H...” : Bugs : linux-bluefield package : Ubuntu

Stefan Bader (smb) on 2021-10-07

Changed in linux-bluefield (Ubuntu Focal):
assignee:	nobody → Bodong Wang (bodong-wang)
importance:	Undecided → Medium
status:	New → In Progress

Luke Nowakowski-Krijger (lukenow) on 2021-10-13

Changed in linux-bluefield (Ubuntu Focal):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-10-22:

#1

This bug is awaiting verification that the linux-bluefield/5.4.0-1021.24 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-focal

Revision history for this message

Kelsey Steele (kelsey-steele) wrote on 2021-10-29:

#2

Hi Bodong, may you please verify the focal/bluefield kernel in -proposed resolves this bug? You can find more instructions in comment #1. Thank you!

Bodong Wang (bodong-wang) on 2021-11-02

tags:

added: verification-done-focal
removed: verification-needed-focal

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-11-08:

#3

Download full text (33.5 KiB)

This bug was fixed in the package linux-bluefield - 5.4.0-1021.24

---------------
linux-bluefield (5.4.0-1021.24) focal; urgency=medium

* focal/linux-bluefield: 5.4.0-1021.24 -proposed tracker (LP: #1947236)

* Packaging resync (LP: #1786013)
- [Packaging] update Ubuntu.md

  * Add psample tunnel support and also two fixes for psample issues.
    (LP: #1946266)
    - net: psample: Add tunnel support
    - net: psample: fix build error when CONFIG_INET is not enabled
    - net: psample: Fix netlink skb length with tunnel info
    - psample: Fix user API breakage

  * Fix ignoring ct state match of OVS offload to TC/HW (LP: #1944390)
    - netlink: add mask validation
    - net/sched: cls_flower: Reject invalid ct_state flags rules
    - net/sched: cls_flower: validate ct_state for invalid and reply flags
    - net/sched: cls_flower: fix only mask bit check in the validate_ct_state

  * Fix byte count on fragmented packets in tc ct action (LP: #1946393)
    - net/sched: act_ct: add miss tcf_lastuse_update.
    - SAUCE: net/sched: act_ct: Fix byte count on fragmented packets

[ Ubuntu: 5.4.0-90.101 ]

  * focal/linux: 5.4.0-90.101 -proposed tracker (LP: #1947260)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.10.18)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s
    Gen2 (LP: #1939052)
    - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
      15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
    - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s
      Gen2
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * Focal update: v5.4.148 upstream stable release (LP: #1946802)
    - rtc: tps65910: Correct driver module alias
    - btrfs: wake up async_delalloc_pages waiters after submit
    - btrfs: reset replace target device to allocation state on close
    - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
    - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
    - PCI/MSI: Skip masking MSI-X on Xen PV
    - powerpc/perf/hv-gpci: Fix counter value parsing
    - xen: fix setting of max_pfn in shared_info
    - include/linux/list.h: add a macro to test if entry is pointing to the head
    - 9p/xen: Fix end of loop tests for list_for_each_entry
    - tools/thermal/tmon: Add cross compiling support
    - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
    - pinctrl: ingenic: Fix incorrect pull up/down info
    - soc: qcom: aoss: Fix the out of bound usage of cooling_devs
    - soc: aspeed: lpc-ctrl: Fix boundary check for mmap
    - soc: aspeed: p2a-ctrl: Fix boundary check for mmap
    - arm64: head: avoid over-mapping in map_memory
    - crypto: public_key: fix overflow during implicit conversion
    - block: bfq: fix bfq_set_next_ioprio_data()
    - power: supply: max17042: handle fails of reading st...

This bug was fixed in the package linux-bluefield - 5.4.0-1021.24

---------------
linux-bluefield (5.4.0-1021.24) focal; urgency=medium

* focal/linux-bluefield: 5.4.0-1021.24 -proposed tracker (LP: #1947236)

* Packaging resync (LP: #1786013)
    - [Packaging] update Ubuntu.md

* Add psample tunnel support and also two fixes for psample issues.
    (LP: #1946266)
    - net: psample: Add tunnel support
    - net: psample: fix build error when CONFIG_INET is not enabled
    - net: psample: Fix netlink skb length with tunnel info
    - psample: Fix user API breakage

* Fix ignoring ct state match of OVS offload to TC/HW (LP: #1944390)
    - netlink: add mask validation
    - net/sched: cls_flower: Reject invalid ct_state flags rules
    - net/sched: cls_flower: validate ct_state for invalid and reply flags
    - net/sched: cls_flower: fix only mask bit check in the validate_ct_state

* Fix byte count on fragmented packets in tc ct action (LP: #1946393)
    - net/sched: act_ct: add miss tcf_lastuse_update.
    - SAUCE: net/sched: act_ct: Fix byte count on fragmented packets

[ Ubuntu: 5.4.0-90.101 ]

* focal/linux: 5.4.0-90.101 -proposed tracker (LP: #1947260)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.10.18)
  * Add final-checks to check certificates (LP: #1947174)
    - [Packaging] Add system trusted and revocation keys final check
  * No sound on Lenovo laptop models Legion 15IMHG05, Yoga 7 14ITL5, and 13s
    Gen2 (LP: #1939052)
    - ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i
      15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops.
    - ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s
      Gen2
  * CVE-2020-36385
    - RDMA/cma: Add missing locking to rdma_accept()
    - RDMA/ucma: Fix the locking of ctx->file
    - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy
  * Focal update: v5.4.148 upstream stable release (LP: #1946802)
    - rtc: tps65910: Correct driver module alias
    - btrfs: wake up async_delalloc_pages waiters after submit
    - btrfs: reset replace target device to allocation state on close
    - blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
    - blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN
    - PCI/MSI: Skip masking MSI-X on Xen PV
    - powerpc/perf/hv-gpci: Fix counter value parsing
    - xen: fix setting of max_pfn in shared_info
    - include/linux/list.h: add a macro to test if entry is pointing to the head
    - 9p/xen: Fix end of loop tests for list_for_each_entry
    - tools/thermal/tmon: Add cross compiling support
    - pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast
    - pinctrl: ingenic: Fix incorrect pull up/down info
    - soc: qcom: aoss: Fix the out of bound usage of cooling_devs
    - soc: aspeed: lpc-ctrl: Fix boundary check for mmap
    - soc: aspeed: p2a-ctrl: Fix boundary check for mmap
    - arm64: head: avoid over-mapping in map_memory
    - crypto: public_key: fix overflow during implicit conversion
    - block: bfq: fix bfq_set_next_ioprio_data()
    - power: supply: max17042: handle fails of reading status register
    - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
    - VMCI: fix NULL pointer dereference when unmapping queue pair
    - media: uvc: don't do DMA on stack
    - media: rc-loopback: return number of emitters rather than error
    - Revert "dmaengine: imx-sdma: refine to load context only once"
    - dmaengine: imx-sdma: remove duplicated sdma_load_context
    - libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
    - ARM: 9105/1: atags_to_fdt: don't warn about stack size
    - PCI/portdrv: Enable Bandwidth Notification only if port supports it
    - PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
    - PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
    - PCI: xilinx-nwl: Enable the clock through CCF
    - PCI: aardvark: Fix checking for PIO status
    - PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response
    - PCI: aardvark: Fix masking and unmasking legacy INTx interrupts
    - HID: input: do not report stylus battery state as "full"
    - f2fs: quota: fix potential deadlock
    - scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND
    - IB/hfi1: Adjust pkey entry in index 0
    - RDMA/iwcm: Release resources if iw_cm module initialization fails
    - docs: Fix infiniband uverbs minor number
    - pinctrl: samsung: Fix pinctrl bank pin count
    - vfio: Use config not menuconfig for VFIO_NOIOMMU
    - powerpc/stacktrace: Include linux/delay.h
    - RDMA/efa: Remove double QP type assignment
    - f2fs: show f2fs instance in printk_ratelimited
    - f2fs: reduce the scope of setting fsck tag when de->name_len is zero
    - openrisc: don't printk() unconditionally
    - dma-debug: fix debugfs initialization order
    - SUNRPC: Fix potential memory corruption
    - scsi: fdomain: Fix error return code in fdomain_probe()
    - pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
    - scsi: smartpqi: Fix an error code in pqi_get_raid_map()
    - scsi: qedi: Fix error codes in qedi_alloc_global_queues()
    - scsi: qedf: Fix error codes in qedf_alloc_global_queues()
    - powerpc/config: Renable MTD_PHYSMAP_OF
    - scsi: target: avoid per-loop XCOPY buffer allocations
    - HID: i2c-hid: Fix Elan touchpad regression
    - KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs
      are live
    - platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from
      run_smbios_call
    - fscache: Fix cookie key hashing
    - clk: at91: sam9x60: Don't use audio PLL
    - clk: at91: clk-generated: pass the id of changeable parent at registration
    - clk: at91: clk-generated: Limit the requested rate to our range
    - KVM: PPC: Fix clearing never mapped TCEs in realmode
    - f2fs: fix to account missing .skipped_gc_rwsem
    - f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
    - f2fs: fix to unmap pages from userspace process in punch_hole()
    - MIPS: Malta: fix alignment of the devicetree buffer
    - kbuild: Fix 'no symbols' warning when CONFIG_TRIM_UNUSD_KSYMS=y
    - userfaultfd: prevent concurrent API initialization
    - drm/amdgpu: Fix amdgpu_ras_eeprom_init()
    - ASoC: atmel: ATMEL drivers don't need HAS_DMA
    - media: dib8000: rewrite the init prbs logic
    - crypto: mxs-dcp - Use sg_mapping_iter to copy data
    - PCI: Use pci_update_current_state() in pci_enable_device_flags()
    - tipc: keep the skb in rcv queue until the whole data is read
    - iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
    - iavf: do not override the adapter state in the watchdog task
    - iavf: fix locking of critical sections
    - ARM: dts: qcom: apq8064: correct clock names
    - video: fbdev: kyro: fix a DoS bug by restricting user input
    - netlink: Deal with ESRCH error in nlmsg_notify()
    - Smack: Fix wrong semantics in smk_access_entry()
    - drm: avoid blocking in drm_clients_info's rcu section
    - igc: Check if num of q_vectors is smaller than max before array access
    - usb: host: fotg210: fix the endpoint's transactional opportunities
      calculation
    - usb: host: fotg210: fix the actual_length of an iso packet
    - usb: gadget: u_ether: fix a potential null pointer dereference
    - USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable()
    - usb: gadget: composite: Allow bMaxPower=0 if self-powered
    - staging: board: Fix uninitialized spinlock when attaching genpd
    - tty: serial: jsm: hold port lock when reporting modem line changes
    - drm/amd/display: Fix timer_per_pixel unit error
    - drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex
    - bpf/tests: Fix copy-and-paste error in double word test
    - bpf/tests: Do not PASS tests without actually testing the result
    - video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
    - video: fbdev: kyro: Error out if 'pixclock' equals zero
    - video: fbdev: riva: Error out if 'pixclock' equals zero
    - ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
    - flow_dissector: Fix out-of-bounds warnings
    - s390/jump_label: print real address in a case of a jump label bug
    - s390: make PCI mio support a machine flag
    - serial: 8250: Define RX trigger levels for OxSemi 950 devices
    - xtensa: ISS: don't panic in rs_init
    - hvsi: don't panic on tty_register_driver failure
    - serial: 8250_pci: make setup_port() parameters explicitly unsigned
    - staging: ks7010: Fix the initialization of the 'sleep_status' structure
    - samples: bpf: Fix tracex7 error raised on the missing argument
    - ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
    - Bluetooth: skip invalid hci_sync_conn_complete_evt
    - workqueue: Fix possible memory leaks in wq_numa_init()
    - bonding: 3ad: fix the concurrency between __bond_release_one() and
      bond_3ad_state_machine_handler()
    - arm64: tegra: Fix Tegra194 PCIe EP compatible string
    - ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the
      matching in-/output
    - media: imx258: Rectify mismatch of VTS value
    - media: imx258: Limit the max analogue gain to 480
    - media: v4l2-dv-timings.c: fix wrong condition in two for-loops
    - media: TDA1997x: fix tda1997x_query_dv_timings() return value
    - media: tegra-cec: Handle errors of clk_prepare_enable()
    - ARM: dts: imx53-ppd: Fix ACHC entry
    - arm64: dts: qcom: sdm660: use reg value for memory node
    - net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe()
    - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit
    - selftests/bpf: Fix xdp_tx.c prog section name
    - Bluetooth: schedule SCO timeouts with delayed_work
    - Bluetooth: avoid circular locks in sco_sock_connect
    - net/mlx5: Fix variable type to match 64bit
    - gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable
      access in amdgpu_i2c_router_select_ddc_port()
    - drm/display: fix possible null-pointer dereference in dcn10_set_clock()
    - mac80211: Fix monitor MTU limit so that A-MSDUs get through
    - ARM: tegra: tamonten: Fix UART pad setting
    - arm64: tegra: Fix compatible string for Tegra132 CPUs
    - arm64: dts: ls1046a: fix eeprom entries
    - nvme-tcp: don't check blk_mq_tag_to_rq when receiving pdu data
    - Bluetooth: Fix handling of LE Enhanced Connection Complete
    - opp: Don't print an error if required-opps is missing
    - serial: sh-sci: fix break handling for sysrq
    - tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD
    - rpc: fix gss_svc_init cleanup on failure
    - staging: rts5208: Fix get_ms_information() heap buffer size
    - gfs2: Don't call dlm after protocol is unmounted
    - usb: chipidea: host: fix port index underflow and UBSAN complains
    - lockd: lockd server-side shouldn't set fl_ops
    - drm/exynos: Always initialize mapping in exynos_drm_register_dma()
    - m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch
    - btrfs: tree-log: check btrfs_lookup_data_extent return value
    - ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER
    - ASoC: Intel: Skylake: Fix passing loadable flag for module
    - of: Don't allow __of_attached_node_sysfs() without CONFIG_SYSFS
    - mmc: sdhci-of-arasan: Check return value of non-void funtions
    - mmc: rtsx_pci: Fix long reads when clock is prescaled
    - selftests/bpf: Enlarge select() timeout for test_maps
    - mmc: core: Return correct emmc response in case of ioctl error
    - cifs: fix wrong release in sess_alloc_buffer() failed path
    - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST
      quirk set"
    - usb: musb: musb_dsps: request_irq() after initializing musb
    - usbip: give back URBs for unsent unlink requests during cleanup
    - usbip:vhci_hcd USB port can get stuck in the disabled state
    - ASoC: rockchip: i2s: Fix regmap_ops hang
    - ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B
    - drm/amdkfd: Account for SH/SE count when setting up cu masks.
    - iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed
    - iwlwifi: mvm: avoid static queue number aliasing
    - iwlwifi: mvm: fix access to BSS elements
    - net/mlx5: DR, Enable QP retransmission
    - parport: remove non-zero check on count
    - ath9k: fix OOB read ar9300_eeprom_restore_internal
    - ath9k: fix sleeping in atomic context
    - net: fix NULL pointer reference in cipso_v4_doi_free
    - fix array-index-out-of-bounds in taprio_change
    - net: w5100: check return value after calling platform_get_resource()
    - parisc: fix crash with signals and alloca
    - ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup()
    - scsi: BusLogic: Fix missing pr_cont() use
    - scsi: qla2xxx: Changes to support kdump kernel
    - scsi: qla2xxx: Sync queue idx with queue_pair_map idx
    - cpufreq: powernv: Fix init_chip_info initialization in numa=off
    - s390/pv: fix the forcing of the swiotlb
    - mm/hugetlb: initialize hugetlb_usage in mm_init
    - mm,vmscan: fix divide by zero in get_scan_count
    - memcg: enable accounting for pids in nested pid namespaces
    - platform/chrome: cros_ec_proto: Send command again when timeout occurs
    - lib/test_stackinit: Fix static initializer test
    - net: dsa: lantiq_gswip: fix maximum frame length
    - drm/msi/mdp4: populate priv->kms in mdp4_kms_init
    - drm/amdgpu: Fix BUG_ON assert
    - drm/panfrost: Simplify lock_region calculation
    - drm/panfrost: Use u64 for size in lock_region
    - drm/panfrost: Clamp lock region to Bifrost minimum
    - btrfs: fix upper limit for max_inline for page size 64K
    - xen: reset legacy rtc flag for PV domU
    - bnx2x: Fix enabling network interfaces without VFs
    - arm64/sve: Use correct size when reinitialising SVE state
    - PM: base: power: don't try to use non-existing RTC for storing data
    - PCI: Add AMD GPU multi-function power dependencies
    - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10
    - drm/etnaviv: return context from etnaviv_iommu_context_get
    - drm/etnaviv: put submit prev MMU context when it exists
    - drm/etnaviv: stop abusing mmu_context as FE running marker
    - drm/etnaviv: keep MMU context across runtime suspend/resume
    - drm/etnaviv: exec and MMU state is lost when resetting the GPU
    - drm/etnaviv: fix MMU context leak on GPU reset
    - drm/etnaviv: reference MMU context when setting up hardware state
    - drm/etnaviv: add missing MMU context put when reaping MMU mapping
    - s390/sclp: fix Secure-IPL facility detection
    - x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
    - tipc: fix an use-after-free issue in tipc_recvmsg
    - net-caif: avoid user-triggerable WARN_ON(1)
    - ptp: dp83640: don't define PAGE0
    - net/l2tp: Fix reference count leak in l2tp_udp_recv_core
    - r6040: Restore MDIO clock frequency after MAC reset
    - tipc: increase timeout in tipc_sk_enqueue()
    - perf machine: Initialize srcline string member in add_location struct
    - net/mlx5: FWTrace, cancel work on alloc pd error flow
    - net/mlx5: Fix potential sleeping in atomic context
    - events: Reuse value read using READ_ONCE instead of re-reading it
    - vhost_net: fix OoB on sendmsg() failure.
    - net/af_unix: fix a data-race in unix_dgram_poll
    - net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup
    - tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
    - qed: Handle management FW error
    - dt-bindings: arm: Fix Toradex compatible typo
    - ibmvnic: check failover_pending in login response
    - KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing
      registers
    - net: hns3: pad the short tunnel frame before sending to hardware
    - net: hns3: change affinity_mask to numa node range
    - net: hns3: disable mac in flr process
    - net: hns3: fix the timing issue of VF clearing interrupt sources
    - mm/memory_hotplug: use "unsigned long" for PFN in zone_for_pfn_range()
    - dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
    - mfd: db8500-prcmu: Adjust map to reality
    - PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms
    - fuse: fix use after free in fuse_read_interrupt()
    - mfd: Don't use irq_create_mapping() to resolve a mapping
    - tracing/probes: Reject events which have the same name of existing one
    - PCI: Add ACS quirks for Cavium multi-function devices
    - Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6
    - net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
    - PCI: ibmphp: Fix double unmap of io_mem
    - ethtool: Fix an error code in cxgb2.c
    - NTB: Fix an error code in ntb_msit_probe()
    - NTB: perf: Fix an error code in perf_setup_inbuf()
    - mfd: axp20x: Update AXP288 volatile ranges
    - PCI: Fix pci_dev_str_match_path() alloc while atomic bug
    - mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set
    - KVM: arm64: Handle PSCI resets before userspace touches vCPU state
    - PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
    - mtd: rawnand: cafe: Fix a resource leak in the error handling path of
      'cafe_nand_probe()'
    - ARC: export clear_user_page() for modules
    - perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64}
    - net: dsa: b53: Fix calculating number of switch ports
    - netfilter: socket: icmp6: fix use-after-scope
    - fq_codel: reject silly quantum parameters
    - qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
    - ip_gre: validate csum_start only on pull
    - net: renesas: sh_eth: Fix freeing wrong tx descriptor
    - Linux 5.4.148
  * Focal update: v5.4.147 upstream stable release (LP: #1946795)
    - Linux 5.4.147
    - upstream stable to v5.4.147
  * CVE-2021-3428
    - ext4: save the error code which triggered an ext4_error() in the superblock
    - ext4: simulate various I/O and checksum errors when reading metadata
    - ext4: save all error info in save_error_info() and drop ext4_set_errno()
    - ext4: check journal inode extents more carefully
  * ip6gretap / erspan / ip6erspan in rtnetlink.sh from net of
    ubuntu_kernel_selftests failed on B-5.4-aws / B-5.4-gke / B-5.4-oracle /
    B-5.4-azure / B-5.4 (LP: #1896448)
    - SAUCE: selftests: rtnetlink: fixes for older iproute2
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * kernel bug found when disconnecting one fiber channel interface on Cisco
    Chassis with fnic DRV_VERSION "1.6.0.47" (LP: #1944586)
    - scsi: fnic: Do not call 'scsi_done()' for unhandled commands
  * memfd from ubuntu_kernel_selftests failed to build on B-5.4 (unknown type
    name ‘__u64’) (LP: #1944613)
    - SAUCE: selftests/memfd: fix __u64 not defined build issue
  * Medion Notebook Keyboard not working (LP: #1909814)
    - ACPI: resources: Add DMI-based legacy IRQ override quirk
  * vrf: fix refcnt leak with vxlan slaves (LP: #1945180)
    - ipv4: Fix device used for dst_alloc with local routes
  * Check for changes relevant for security certifications (LP: #1945989)
    - [Packaging] Add a new fips-checks script
    - [Packaging] Add fips-checks as part of finalchecks
  * Fix cold plugged USB device on certain PCIe USB cards (LP: #1945211)
    - Revert "UBUNTU: SAUCE: Revert "usb: core: reduce power-on-good delay time of
      root hub""
    - usb: core: hcd: Add support for deferring roothub registration
    - xhci: Set HCD flag to defer primary roothub registration
    - usb: core: hcd: Modularize HCD stop configuration in usb_stop_hcd()
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * Focal update: v5.4.146 upstream stable release (LP: #1946024)
    - locking/mutex: Fix HANDOFF condition
    - regmap: fix the offset of register error log
    - crypto: mxs-dcp - Check for DMA mapping errors
    - sched/deadline: Fix reset_on_fork reporting of DL tasks
    - power: supply: axp288_fuel_gauge: Report register-address on readb / writeb
      errors
    - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
    - sched/deadline: Fix missing clock update in migrate_task_rq_dl()
    - rcu/tree: Handle VM stoppage in stall detection
    - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns()
    - hrtimer: Ensure timerfd notification for HIGHRES=n
    - udf: Check LVID earlier
    - udf: Fix iocharset=utf8 mount option
    - isofs: joliet: Fix iocharset=utf8 mount option
    - bcache: add proper error unwinding in bcache_device_init
    - nvme-tcp: don't update queue count when failing to set io queues
    - nvme-rdma: don't update queue count when failing to set io queues
    - nvmet: pass back cntlid on successful completion
    - power: supply: max17042_battery: fix typo in MAx17042_TOFF
    - s390/cio: add dev_busid sysfs entry for each subchannel
    - libata: fix ata_host_start()
    - crypto: qat - do not ignore errors from enable_vf2pf_comms()
    - crypto: qat - handle both source of interrupt in VF ISR
    - crypto: qat - fix reuse of completion variable
    - crypto: qat - fix naming for init/shutdown VF to PF notifications
    - crypto: qat - do not export adf_iov_putmsg()
    - fcntl: fix potential deadlock for &fasync_struct.fa_lock
    - udf_get_extendedattr() had no boundary checks.
    - s390/kasan: fix large PMD pages address alignment check
    - s390/debug: fix debug area life cycle
    - m68k: emu: Fix invalid free in nfeth_cleanup()
    - sched: Fix UCLAMP_FLAG_IDLE setting
    - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config
    - spi: spi-pic32: Fix issue with uninitialized dma_slave_config
    - genirq/timings: Fix error return code in irq_timings_test_irqs()
    - lib/mpi: use kcalloc in mpi_resize
    - clocksource/drivers/sh_cmt: Fix wrong setting if don't request IRQ for clock
      source channel
    - crypto: qat - use proper type for vf_mask
    - certs: Trigger creation of RSA module signing key if it's not an RSA key
    - regulator: vctrl: Use locked regulator_get_voltage in probe path
    - regulator: vctrl: Avoid lockdep warning in enable/disable ops
    - spi: sprd: Fix the wrong WDG_LOAD_VAL
    - spi: spi-zynq-qspi: use wait_for_completion_timeout to make
      zynq_qspi_exec_mem_op not interruptible
    - EDAC/i10nm: Fix NVDIMM detection
    - drm/panfrost: Fix missing clk_disable_unprepare() on error in
      panfrost_clk_init()
    - media: TDA1997x: enable EDID support
    - soc: rockchip: ROCKCHIP_GRF should not default to y, unconditionally
    - media: cxd2880-spi: Fix an error handling path
    - bpf: Fix a typo of reuseport map in bpf.h.
    - bpf: Fix potential memleak and UAF in the verifier.
    - ARM: dts: aspeed-g6: Fix HVI3C function-group in pinctrl dtsi
    - arm64: dts: renesas: r8a77995: draak: Remove bogus adv7511w properties
    - soc: qcom: rpmhpd: Use corner in power_off
    - media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
    - media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
    - media: dvb-usb: Fix error handling in dvb_usb_i2c_init
    - media: go7007: remove redundant initialization
    - media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats
    - Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
    - 6lowpan: iphc: Fix an off-by-one check of array index
    - netns: protect netns ID lookups with RCU
    - tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
    - ARM: dts: meson8: Use a higher default GPU clock frequency
    - ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties
    - ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties
    - ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties
    - net/mlx5e: Prohibit inner indir TIRs in IPoIB
    - cgroup/cpuset: Fix a partition bug with hotplug
    - net: cipso: fix warnings in netlbl_cipsov4_add_std
    - i2c: highlander: add IRQ check
    - leds: lt3593: Put fwnode in any case during ->probe()
    - leds: trigger: audio: Add an activate callback to ensure the initial
      brightness is set
    - media: em28xx-input: fix refcount bug in em28xx_usb_disconnect
    - media: venus: venc: Fix potential null pointer dereference on pointer fmt
    - PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently
    - PCI: PM: Enable PME if it can be signaled from D3cold
    - soc: qcom: smsm: Fix missed interrupts if state changes while masked
    - debugfs: Return error during {full/open}_proxy_open() on rmmod
    - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
    - PM: EM: Increase energy calculation precision
    - drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs
    - arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
    - counter: 104-quad-8: Return error when invalid mode during ceiling_write
    - Bluetooth: fix repeated calls to sco_sock_kill
    - drm/msm/dsi: Fix some reference counted resource leaks
    - usb: gadget: udc: at91: add IRQ check
    - usb: phy: fsl-usb: add IRQ check
    - usb: phy: twl6030: add IRQ checks
    - usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse
    - usb: host: ohci-tmio: add IRQ check
    - usb: phy: tahvo: add IRQ check
    - mac80211: Fix insufficient headroom issue for AMSDU
    - lockd: Fix invalid lockowner cast after vfs_test_lock
    - nfsd4: Fix forced-expiry locking
    - usb: gadget: mv_u3d: request_irq() after initializing UDC
    - mm/swap: consider max pages in iomap_swapfile_add_extent
    - Bluetooth: add timeout sanity check to hci_inquiry
    - i2c: iop3xx: fix deferred probing
    - i2c: s3c2410: fix IRQ check
    - rsi: fix error code in rsi_load_9116_firmware()
    - rsi: fix an error code in rsi_probe()
    - ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs
    - ASoC: Intel: Skylake: Fix module resource and format selection
    - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
    - mmc: moxart: Fix issue with uninitialized dma_slave_config
    - bpf: Fix possible out of bound write in narrow load handling
    - CIFS: Fix a potencially linear read overflow
    - i2c: mt65xx: fix IRQ check
    - usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
    - usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA
      config is available
    - tty: serial: fsl_lpuart: fix the wrong mapbase value
    - ASoC: wcd9335: Fix a double irq free in the remove function
    - ASoC: wcd9335: Fix a memory leak in the error handling path of the probe
      function
    - ASoC: wcd9335: Disable irq on slave ports in the remove function
    - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
    - bcma: Fix memory leak for internally-handled cores
    - brcmfmac: pcie: fix oops on failure to resume and reprobe
    - ipv6: make exception cache less predictible
    - ipv4: make exception cache less predictible
    - net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed
    - net: qualcomm: fix QCA7000 checksum handling
    - octeontx2-af: Fix loop in free and unmap counter
    - ipv4: fix endianness issue in inet_rtm_getroute_build_skb()
    - bpf: Introduce BPF nospec instruction for mitigating Spectre v4
    - bpf: Fix leakage due to insufficient speculative store bypass mitigation
    - bpf: verifier: Allocate idmap scratch in verifier env
    - bpf: Fix pointer arithmetic mask tightening under state pruning
    - tty: Fix data race between tiocsti() and flush_to_ldisc()
    - perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op
    - x86/resctrl: Fix a maybe-uninitialized build warning treated as error
    - KVM: s390: index kvm->arch.idle_mask by vcpu_idx
    - KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is
      adjusted
    - KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter
    - fuse: truncate pagecache on atomic_o_trunc
    - fuse: flush extending writes
    - IMA: remove -Wmissing-prototypes warning
    - IMA: remove the dependency on CRYPTO_MD5
    - fbmem: don't allow too huge resolutions
    - backlight: pwm_bl: Improve bootloader/kernel device handover
    - clk: kirkwood: Fix a clocking boot regression
    - Linux 5.4.146
  * AMD A8-7680 (amdgpu): broken Xorg acceleration and hibernation
    (LP: #1920674) // Focal update: v5.4.146 upstream stable release
    (LP: #1946024)
    - drm/amdgpu/acp: Make PM domain really work
  * Focal update: v5.4.145 upstream stable release (LP: #1945517)
    - fscrypt: add fscrypt_symlink_getattr() for computing st_size
    - ext4: report correct st_size for encrypted symlinks
    - f2fs: report correct st_size for encrypted symlinks
    - ubifs: report correct st_size for encrypted symlinks
    - kthread: Fix PF_KTHREAD vs to_kthread() race
    - xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
    - gpu: ipu-v3: Fix i.MX IPU-v3 offset calculations for (semi)planar U/V
      formats
    - reset: reset-zynqmp: Fixed the argument data type
    - qed: Fix the VF msix vectors flow
    - net: macb: Add a NULL check on desc_ptp
    - qede: Fix memset corruption
    - perf/x86/intel/pt: Fix mask of num_address_ranges
    - perf/x86/amd/ibs: Work around erratum #1197
    - perf/x86/amd/power: Assign pmu.module
    - cryptoloop: add a deprecation warning
    - ARM: 8918/2: only build return_address() if needed
    - ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
    - ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
    - ARC: wireup clone3 syscall
    - media: stkwebcam: fix memory leak in stk_camera_probe
    - igmp: Add ip_mc_list lock in ip_check_mc_rcu
    - USB: serial: mos7720: improve OOM-handling in read_mos_reg()
    - ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing
      table (v2)
    - powerpc/boot: Delete unneeded .globl _zimage_start
    - net: ll_temac: Remove left-over debug message
    - mm/page_alloc: speed up the iteration of max_order
    - Revert "r8169: avoid link-up interrupt issue on RTL8106e if user enables
      ASPM"
    - x86/events/amd/iommu: Fix invalid Perf result due to IOMMU PMC power-gating
    - Revert "btrfs: compression: don't try to compress if we don't have enough
      pages"
    - ALSA: usb-audio: Add registration quirk for JBL Quantum 800
    - usb: host: xhci-rcar: Don't reload firmware after the completion
    - usb: mtu3: use @mult for HS isoc or intr
    - usb: mtu3: fix the wrong HS mult value
    - xhci: fix unsafe memory usage in xhci tracing
    - x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
    - PCI: Call Max Payload Size-related fixup quirks early
    - Linux 5.4.145
  * Focal update: v5.4.144 upstream stable release (LP: #1944756)
    - net: qrtr: fix another OOB Read in qrtr_endpoint_post
    - ARC: Fix CONFIG_STACKDEPOT
    - netfilter: conntrack: collect all entries in one cycle
    - once: Fix panic when module unload
    - ovl: fix uninitialized pointer read in ovl_lookup_real_one()
    - mmc: sdhci-msm: Update the software timeout value for sdhc
    - mm, oom: make the calculation of oom badness more accurate
    - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX
      and TX error counters
    - Revert "USB: serial: ch341: fix character loss at high transfer rates"
    - USB: serial: option: add new VID/PID to support Fibocom FG150
    - usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
    - usb: dwc3: gadget: Stop EP0 transfers during pullup disable
    - scsi: core: Fix hang of freezing queue between blocking and running device
    - RDMA/bnxt_re: Add missing spin lock initialization
    - IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
    - e1000e: Fix the max snoop/no-snoop latency for 10M
    - RDMA/efa: Free IRQ vectors on error flow
    - ip_gre: add validation for csum_start
    - xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()'
    - net: marvell: fix MVNETA_TX_IN_PRGRS bit number
    - rtnetlink: Return correct error on changing device netns
    - net: hns3: clear hardware resource when loading driver
    - net: hns3: fix duplicate node in VLAN list
    - net: hns3: fix get wrong pfc_en when query PFC configuration
    - drm/i915: Fix syncmap memory leak
    - usb: gadget: u_audio: fix race condition on endpoint stop
    - perf/x86/intel/uncore: Fix integer overflow on 23 bit left shift of a u32
    - opp: remove WARN when no valid OPPs remain
    - virtio: Improve vq->broken access to avoid any compiler optimization
    - virtio_pci: Support surprise removal of virtio pci device
    - vringh: Use wiov->used to check for read/write desc order
    - qed: qed ll2 race condition fixes
    - qed: Fix null-pointer dereference in qed_rdma_create_qp()
    - drm: Copy drm_wait_vblank to user before returning
    - drm/nouveau/disp: power down unused DP links during init
    - net/rds: dma_map_sg is entitled to merge entries
    - btrfs: fix race between marking inode needs to be logged and log syncing
    - vt_kdsetmode: extend console locking
    - bpf: Track contents of read-only maps as scalars
    - bpf: Fix cast to pointer from integer of different size warning
    - net: dsa: mt7530: fix VLAN traffic leaks again
    - KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
    - arm64: dts: qcom: msm8994-angler: Fix gpio-reserved-ranges 85-88
    - btrfs: fix NULL pointer dereference when deleting device by invalid id
    - Revert "floppy: reintroduce O_NDELAY fix"
    - Revert "parisc: Add assembly implementations for memset, strlen, strcpy,
      strncpy and strcat"
    - net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
    - audit: move put_tree() to avoid trim_trees refcount underflow and UAF
    - Linux 5.4.144

-- Kelsey Skunberg <kelsey.skunberg@canonical.com>  Thu, 21 Oct 2021 16:46:56 -0600

Changed in linux-bluefield (Ubuntu Focal):
status:	Fix Committed → Fix Released

Affects		Status	Importance	Assigned to	Milestone
	linux-bluefield (Ubuntu)	New	Undecided	Unassigned
	Focal	Fix Released	Medium	Bodong Wang

Ubuntu
linux-bluefield package

Fix ignoring ct state match of OVS offload to TC/HW

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntulinux-bluefield package

Fix ignoring ct state match of OVS offload to TC/HW

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux-bluefield package