Focal update: v5.4.19 upstream stable release

Bug #1863588 reported by Paolo Pisati
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description

    SRU Justification

       The upstream process for stable tree updates is quite similar
       in scope to the Ubuntu SRU process, e.g., each patch has to
       demonstrably fix a bug, and each patch is vetted by upstream
       by originating either directly from a mainline/stable Linux tree or
       a minimally backported form of that patch. The following upstream
       stable patches should be included in the Ubuntu kernel:

       v5.4.19 upstream stable release
       from git://

Linux 5.4.19
powerpc/kuap: Fix set direction in allow/prevent_user_access()
regulator fix for "regulator: core: Add regulator_is_equal() helper"
rxrpc: Fix service call disconnection
perf/core: Fix mlock accounting in perf_mmap()
clocksource: Prevent double add_timer_on() for watchdog_timer
x86/apic/msi: Plug non-maskable MSI affinity race
cifs: fail i/o on soft mounts if sessionsetup errors out
KVM: Play nice with read-only memslots when querying host page size
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: x86: fix overlap between SPTE_MMIO_MASK and generation
KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit KVM
KVM: x86: use CPUID to locate host page table reserved bits
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
drm/dp_mst: Remove VCPI while disabling topology mgr
btrfs: free block groups after free'ing fs trees
btrfs: use bool argument in free_root_pointers()
x86/timer: Don't skip PIT setup when APIC is disabled or in legacy mode
mfd: bd70528: Fix hour register mask
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug
net/mlx5: Deprecate usage of generic TLS HW capability bit
net/mlx5: Fix deadlock in fs_core
drop_monitor: Do not cancel uninitialized work item
qed: Fix timestamping issue for L2 unicast ptp packets.
ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
taprio: Fix dropping packets when using taprio + ETF offloading
taprio: Use taprio_reset_tc() to reset Traffic Classes configuration
taprio: Add missing policy validation for flags
taprio: Fix still allowing changing the flags during runtime
taprio: Fix enabling offload with wrong number of traffic classes
net: macb: Limit maximum GEM TX length in TSO
net: macb: Remove unnecessary alignment check for TSO
net/mlx5: IPsec, fix memory leak at mlx5_fpga_ipsec_delete_sa_ctx
net/mlx5: IPsec, Fix esp modify function attribute
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net: stmmac: fix a possible endless loop
net_sched: fix a resource leak in tcindex_set_parms()
net: mvneta: move rx_dropped and rx_errors in per-cpu stats
net: dsa: microchip: enable module autoprobe
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan()
dpaa_eth: support all modes with rate adapting PHYs
devlink: report 0 after hitting end in region read
bonding/alb: properly access headers in bond_alb_xmit()
ASoC: sgtl5000: Fix VDDA and VDDIO comparison
regulator: core: Add regulator_is_equal() helper
ubifs: Fix memory leak from c->sup_node
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
virtio_balloon: Fix memory leaks on errors in virtballoon_probe()
virtio-balloon: Fix memory leak when unloading while hinting is in progress
nfsd: Return the correct number of bytes written to the file
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/core: Fix ODP get user pages flow
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
ppp: Adjust indentation into ppp_async_input
NFC: pn544: Adjust indentation in pn544_hci_check_presence
drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
phy: qualcomm: Adjust indentation in read_poll_timeout
mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two
scsi: ufs: Recheck bkops level if bkops is disabled
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
ASoC: meson: axg-fifo: fix fifo threshold setup
percpu: Separate decrypted varaibles anytime encryption can be enabled
broken ping to ipv6 linklocal addresses on debian buster
fix up iter on short count in fuse_direct_io()
virtio-pci: check name when counting MSI-X vectors
virtio-balloon: initialize all vq callbacks
drm/amd/dm/mst: Ignore payload update failures
clk: tegra: Mark fuse clock as critical
mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush
arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high power mode
mm/page_alloc.c: fix uninitialized memmaps on a partially populated last section
ocfs2: fix oops when writing cloned file
KVM: s390: do not clobber registers during guest reset/store status
KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation
KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu()
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: x86: Don't let userspace set host-reserved cr4 bits
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
x86/KVM: Clean up host's steal time structure
x86/kvm: Cache gfn to pfn translation
x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed
x86/kvm: Introduce kvm_(un)map_gfn()
x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit
kvm/svm: PKU not currently supported
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
aio: prevent potential eventfd recursion on poll
eventfd: track eventfd_signal() recursion depth
bcache: add readahead cache policy options via sysfs interface
watchdog: fix UAF in reboot notifier handling in watchdog core code
xen/balloon: Support xend-based toolstack take two
tools/kvm_stat: Fix kvm_exit filter name
media: rc: ensure lirc is initialized before registering input device
media: iguanair: fix endpoint sanity check
drm/rect: Avoid division by zero
drm: atmel-hlcdc: prefer a lower pixel-clock than requested
drm: atmel-hlcdc: enable clock before configuring timing engine
drm: atmel-hlcdc: use double rate for pixel clock only if supported
gfs2: fix O_SYNC write handling
gfs2: move setting current->backing_dev_info
gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
iwlwifi: don't throw error when trying to remove IGTK
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
btrfs: Correctly handle empty trees in find_first_clear_extent_bit
btrfs: flush write bio if we loop in extent_write_cache_pages
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: drop log root for dropped roots
btrfs: set trans->drity in btrfs_commit_transaction
Btrfs: fix infinite loop during fsync after rename operations
Btrfs: make deduplication with range including the last block work
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
ext4: fix race conditions in ->d_compare() and ->d_hash()
ext4: fix deadlock allocating crypto bounce page from mempool
jbd2_seq_info_next should increase position index
nfsd: fix filecache lookup
NFS: Directory page cache pages need to be locked when read
NFS: Fix memory leaks and corruption in readdir
scsi: qla2xxx: Fix unbound NVME response length
powerpc/futex: Fix incorrect user access blocking
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
crypto: api - Fix race condition in crypto_spawn_alg
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: arm64/ghash-neon - bump priority to 150
crypto: ccp - set max RSA modulus size for v3 platform devices as well
crypto: hisilicon - Use the offset fields in sqe to avoid need to split scatterlists
crypto: api - fix unexpectedly getting generic implementation
selftests: bpf: Ignore FIN packets for reuseport tests
selftests: bpf: Use a temporary file in test_sockmap
selftests/bpf: Skip perf hw events test if the setup disabled it
selftests/bpf: Fix test_attach_probe
samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach
samples/bpf: Don't try to remove user's homedir on clean
tc-testing: fix eBPF tests failure on linux fresh clones
libbpf: Fix realloc usage in bpf_core_find_cands
bpf, devmap: Pass lockdep expression to RCU lists
selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs
riscv, bpf: Fix broken BPF tail calls
btrfs: Handle another split brain scenario with metadata uuid feature
btrfs: fix improper setting of scanned for range cyclic write cache pages
crypto: pcrypt - Avoid deadlock by using per-instance padata queues
ftrace: Protect ftrace_graph_hash with ftrace_sync
ftrace: Add comment to why rcu_dereference_sched() is open coded
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
tracing: Annotate ftrace_graph_hash pointer with __rcu
ASoC: SOF: core: release resources on errors in probe_continue
ASoC: SOF: Introduce state machine for FW boot
scsi: qla2xxx: Fix stuck login session using prli_pend_timer
dm: fix potential for q->make_request_fn NULL pointer
dm thin metadata: use pool locking at end of dm_pool_metadata_close
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm crypt: fix GFP flags passed to skcipher_request_alloc()
dm writecache: fix incorrect flush sequence when doing SSD mode commit
dm space map common: fix to ensure new block isn't already in use
dm zoned: support zone sizes smaller than 128MiB
ARM: dma-api: fix max_pfn off-by-one error in __dma_supported()
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
cpufreq: Avoid creating excessively large stack frames
PM: core: Fix handling of devices deleted during system-wide resume
f2fs: fix race conditions in ->d_compare() and ->d_hash()
f2fs: fix dcache lookup of !casefolded directories
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
ovl: fix lseek overflow on 32bit
ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
power: supply: ltc2941-battery-gauge: fix use-after-free
power: supply: axp20x_ac_power: Fix reporting online status
cpupower: Revert library ABI changes from commit ae2917093fb60bdc1ed3e
scsi: qla2xxx: Fix mtcp dump collection failure
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
erofs: fix out-of-bound read for shifted uncompressed block
scripts/find-unused-docs: Fix massive false positives
fs: allow deduplication of eof block into the end of the destination file
padata: Remove broken queue flushing
crypto: ccree - fix PM race condition
crypto: ccree - fix FDE descriptor sequence
crypto: ccree - fix pm wrongful error reporting
crypto: ccree - fix AEAD decrypt auth fail
crypto: ccree - fix backlog memory leak
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
nvmem: core: fix memory abort in cleanup path
mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
hv_balloon: Balloon up according to request page number
ASoC: SOF: core: free trace on errors
mmc: sdhci-of-at91: fix memleak on clk_get failure
ubifs: Fix deadlock in concurrent bulk-read and writepage
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Fix wrong memory allocation
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: don't print name of busy file when removing key
alarmtimer: Unregister wakeup source when module get fails
ACPI / battery: Deal better with neither design nor full capacity not being reported
ACPI / battery: Use design-cap for capacity calculations if full-cap is not available
ACPI / battery: Deal with design or full capacity being reported as -1
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
mmc: spi: Toggle SPI polarity, do not hardcode it
PCI: keystone: Fix error handling when "num-viewport" DT property is not populated
PCI: keystone: Fix link training retries initiation
PCI: keystone: Fix outbound region mapping
PCI: tegra: Fix return value check of pm_runtime_get_sync()
tracing: Fix now invalid var_ref_vals assumption in trace action
powerpc/32s: Fix CPU wake-up from sleep mode
powerpc/32s: Fix bad_kuap_fault()
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
powerpc/xmon: don't access ASDR in VMs
powerpc/ptdump: Fix W+X verification
powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
MIPS: boot: fix typo in 'vmlinux.lzma.its' target
MIPS: fix indentation of the 'RELOCS' message
MIPS: syscalls: fix indentation of the 'SYSNR' message
KVM: arm64: Only sign-extend MMIO up to register width
KVM: arm/arm64: Correct AArch32 SPSR on exception entry
KVM: arm/arm64: Correct CPSR on exception entry
KVM: arm64: Correct PSTATE on exception entry
arm64: acpi: fix DAIF manipulation with pNMI
ALSA: hda: Add JasperLake PCI ID and codec vid
ALSA: hda: Add Clevo W65_67SB the power_save blacklist
ALSA: hda: Apply aligned MMIO access only conditionally
platform/x86: intel_scu_ipc: Fix interrupt support
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
irqdomain: Fix a memory leak in irq_domain_push_irq()
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
media: v4l2-core: compat: ignore native command codes
media/v4l2-core: set pages dirty upon releasing DMA buffers
mm: move_pages: report the number of non-attempted pages
mm: thp: don't need care deferred split queue in memcg charge move path
mm/memory_hotplug: fix remove_memory() lockdep splat
utimes: Clamp the timestamps in notify_change()
mmc: sdhci-pci: Make function amd_sdhci_reset static
mm/sparse.c: reset section's mem_map when fully deactivated
memcg: fix a crash in wb_workfn when a device disappears
ALSA: dummy: Fix PCM format loop in proc output
ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk
ALSA: usb-audio: Fix endianess in descriptor validation
usb: gadget: f_ecm: Use atomic_t to track in-flight request
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer
objtool: Silence build output
usb: typec: tcpci: mask event interrupts when remove driver
usb: dwc3: gadget: Delay starting transfer
usb: dwc3: gadget: Check END_TRANSFER completion
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
Bluetooth: btusb: Disable runtime suspend on Realtek devices
Bluetooth: btusb: fix memory leak on fw
nvmet: Fix controller use after free
nvmet: Fix error print message at nvmet_install_queue function
rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
srcu: Apply *_ONCE() to ->srcu_last_gp_end
rcu: Avoid data-race in rcu_gp_fqs_check_wake()
rcu: Use *_ONCE() to protect lockless ->expmask accesses
tracing: Fix sched switch start/stop refcount racy updates
tracing/kprobes: Have uname use __get_str() in print_fmt
ipc/msg.c: consolidate all xxxctl_down() functions
netfilter: ipset: fix suspicious RCU usage in find_set_and_id
mfd: dln2: More sanity checking for endpoints
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
bnxt_en: Fix logic that disables Bus Master during firmware reset.
netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init()
MAINTAINERS: correct entries for ISDN/mISDN section
ionic: fix rxq comp packet type mask
tcp: clear tp->segs_{in|out} in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->total_retrans in tcp_disconnect()
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
rxrpc: Fix missing active use pinning of rxrpc_local object
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix use-after-free in rxrpc_put_local()
bnxt_en: Fix TC queue mapping.
net: stmmac: Delete txtimer in suspend()
net_sched: fix an OOB access in cls_tcindex
net: hsr: fix possible NULL deref in hsr_handle_frame()
l2tp: Allow duplicate session creation with UDP
gtp: use __GFP_NOWARN to avoid memalloc warning
cls_rsvp: fix rsvp_policy
bnxt_en: Move devlink_register before registering netdev
sparc32: fix struct ipc64_perm type definition

Paolo Pisati (p-pisati)
Changed in linux-5.4 (Ubuntu):
status: New → Confirmed
tags: added: kernel-stable-tracking-bug
affects: linux-5.4 (Ubuntu) → linux (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.