Bug #1785780 “TB 16 issue on Dell Lattitude 7490 with large amou...” : Cosmic (18.10) : Bugs : linux package : Ubuntu

Ondřej Kolín (ondrej-kolin) on 2018-08-07

description:	updated
summary:	- TB 16 issue on Dell Lattitude 7490 + TB 16 issue on Dell Lattitude 7490 with large amount of data

Ondřej Kolín (ondrej-kolin) on 2018-08-07

description:	updated
description:	updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2018-08-07: Missing required logs.

#1

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1785780

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete
tags:	added: bionic

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: AlsaInfo.txt

#2

AlsaInfo.txt Edit (46.2 KiB, text/plain)

apport information

tags:	added: apport-collected
description:	updated

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: CRDA.txt

#3

CRDA.txt Edit (2.9 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: CurrentDmesg.txt

#4

CurrentDmesg.txt Edit (101.4 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: IwConfig.txt

#5

IwConfig.txt Edit (331 bytes, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: Lspci.txt

#6

Lspci.txt Edit (23.3 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: Lsusb.txt

#7

Lsusb.txt Edit (891 bytes, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: ProcCpuinfo.txt

#8

ProcCpuinfo.txt Edit (9.9 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: ProcCpuinfoMinimal.txt

#9

ProcCpuinfoMinimal.txt Edit (1.2 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: ProcInterrupts.txt

#10

ProcInterrupts.txt Edit (6.1 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: ProcModules.txt

#11

ProcModules.txt Edit (8.5 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: PulseList.txt

#12

PulseList.txt Edit (32.3 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: RfKill.txt

#13

RfKill.txt Edit (303 bytes, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: UdevDb.txt

#14

UdevDb.txt Edit (259.0 KiB, text/plain)

apport information

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-08: WifiSyslog.txt

#15

WifiSyslog.txt Edit (141.5 KiB, text/plain)

apport information

Changed in linux (Ubuntu):
status:	Incomplete → Confirmed

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2018-08-08:

#16

Ok, I think that's because the r8152's serial number on your TB16 is different:
E: ID_SERIAL=Realtek_USB_10_100_1000_LAN_000002000000

Changed in linux (Ubuntu):
assignee:	nobody → Kai-Heng Feng (kaihengfeng)

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2018-08-08:

#17

Please try the kernel in https://people.canonical.com/~khfeng/r8152-tb16-lp1785780/

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-09:

#18

That fixed the issue. Thanks for help :]

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-09:

#19

Is there a way to do the checksum turn off to be delivered f.e. through a kernel module which is able to check if it is necessary the change?

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2018-08-10:

#20

`dmesg | grep TB16`

You should see "Dell TB16 Dock, disable RX aggregation".

Revision history for this message

Ondřej Kolín (ondrej-kolin) wrote on 2018-08-17:

#21

Will this patch go in upstream Ubuntu Kernel or into Linux Kernel?

Revision history for this message

Kai-Heng Feng (kaihengfeng) wrote on 2018-08-20:

#22

Yes.

https://lkml.org/lkml/2018/8/20/42

Kai-Heng Feng (kaihengfeng) on 2018-08-28

description:

updated

Seth Forshee (sforshee) on 2018-08-30

Changed in linux (Ubuntu Cosmic):
status:	Confirmed → Fix Committed

Kleber Sacilotto de Souza (kleber-souza) on 2018-09-04

Changed in linux (Ubuntu Bionic):
status:	New → Fix Committed

Revision history for this message

Brad Figg (brad-figg) wrote on 2018-09-14:

#23

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-bionic

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2018-09-27:

#24

Hi @ondrej-kolin,

Could you please verify if the latest Bionic kernel in -proposed fixes the issue?

Thank you.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-01:

#25

Download full text (23.5 KiB)

This bug was fixed in the package linux - 4.15.0-36.39

---------------
linux (4.15.0-36.39) bionic; urgency=medium

* CVE-2018-14633
- iscsi target: Use hex2bin instead of a re-implementation

* CVE-2018-17182
- mm: get rid of vmacache_flush_all() entirely

linux (4.15.0-35.38) bionic; urgency=medium

* linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

  * device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

  * L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

* CVE-2018-15594
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

  * CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

  * Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

  * Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

  * Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

  * Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

* CVE-2018-15572
- x86/speculation: Protect against userspace-userspace spectreRSB

  * Support Power Management for Thunderbolt Controller (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

* random oopses on s390 systems using NVMe devices (LP: #1790480)
- s390/pci: fix out of bounds access during irq setup

  * [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018...

This bug was fixed in the package linux - 4.15.0-36.39

---------------
linux (4.15.0-36.39) bionic; urgency=medium

* CVE-2018-14633
    - iscsi target: Use hex2bin instead of a re-implementation

* CVE-2018-17182
    - mm: get rid of vmacache_flush_all() entirely

linux (4.15.0-35.38) bionic; urgency=medium

* linux: 4.15.0-35.38 -proposed tracker (LP: #1791719)

* device hotplug of vfio devices can lead to deadlock in vfio_pci_release
    (LP: #1792099)
    - SAUCE: vfio -- release device lock before userspace requests

* L1TF mitigation not effective in some CPU and RAM combinations
    (LP: #1788563)
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+

* CVE-2018-15594
    - x86/paravirt: Fix spectre-v2 mitigations for paravirt guests

* CVE-2017-5715 (Spectre v2 s390x)
    - KVM: s390: implement CPU model only facilities
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - SAUCE: s390: use expoline thunks for all branches generated by the BPF JIT

* Ubuntu18.04.1: cpuidle: powernv: Fix promotion from snooze if next state
    disabled (performance) (LP: #1790602)
    - cpuidle: powernv: Fix promotion from snooze if next state disabled

* Watchdog CPU:19 Hard LOCKUP when kernel crash was triggered (LP: #1790636)
    - powerpc: hard disable irqs in smp_send_stop loop
    - powerpc: Fix deadlock with multiple calls to smp_send_stop
    - powerpc: smp_send_stop do not offline stopped CPUs
    - powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled

* Security fix: check if IOMMU page is contained in the pinned physical page
    (LP: #1785675)
    - vfio/spapr: Use IOMMU pageshift rather than pagesize
    - KVM: PPC: Check if IOMMU page is contained in the pinned physical page

* Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/kbl: Add KBL GT2 sku
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

* CVE-2018-15572
    - x86/speculation: Protect against userspace-userspace spectreRSB

* Support Power Management for Thunderbolt Controller  (LP: #1789358)
    - thunderbolt: Handle NULL boot ACL entries properly
    - thunderbolt: Notify userspace when boot_acl is changed
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

* random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

* [Bionic] Spectre v4 mitigation (Speculative Store Bypass Disable) support
    for arm64 using SMC firmware call to set a hardware chicken bit
    (LP: #1787993) // CVE-2018-3639 (arm64)
    - arm64: alternatives: Add dynamic patching feature
    - KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
    - KVM: arm64: Avoid storing the vcpu pointer on the stack
    - arm/arm64: smccc: Add SMCCC-specific return codes
    - arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
    - arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
    - arm64: Add ARCH_WORKAROUND_2 probing
    - arm64: Add 'ssbd' command-line option
    - arm64: ssbd: Add global mitigation state accessor
    - arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
    - arm64: ssbd: Restore mitigation status on CPU resume
    - arm64: ssbd: Introduce thread flag to control userspace mitigation
    - arm64: ssbd: Add prctl interface for per-thread mitigation
    - arm64: KVM: Add HYP per-cpu accessors
    - arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
    - arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
    - arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
    - [Config] ARM64_SSBD=y

* Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
    - Revert "UBUNTU: SAUCE: net: hns3: Optimize PF CMDQ interrupt switching
      process"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox receiving unknown
      message"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for VF mailbox cannot receiving PF
      response"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
      hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
      shift in hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
      assignment probelm"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
      configuration operation while resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
      phy driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
      resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
      register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
      frequently"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
      command queue register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
      global or core reset"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
      reset cause"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
      hclgevf_main module"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
      selftest"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add configure for mac minimal
      frame size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mailbox message truncated
      problem"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for l4 checksum offload bug"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for waterline not setting
      correctly"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mac pause not disable in
      pfc mode"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix tc setup when netdev is first
      up"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused struct member and
      definition"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix mislead parameter name"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify inconsistent bit mask
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use decimal for bit offset
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unreasonable code comments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove extra space and brackets"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: standardize the handle of return
      value"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unused function warning in VF
      driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify hnae_ to hnae3_"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead
      of kzalloc/dma_map_single"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: give default option while
      dependency HNS3 set"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some unused members of
      some structures"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove a redundant
      hclge_cmd_csq_done"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: using modulo for cyclic counters
      in hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove useless code in
      hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused
      hclge_ring_to_dma_dir"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use lower_32_bits and
      upper_32_bits"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove back in struct hclge_hw"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add unlikely for error check"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the Redundant put_vector
      in hns3_client_uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: print the ret value in error
      information"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: extraction an interface for state
      state init|uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused head file in
      hnae3.c"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add l4_type check for both ipv4
      and ipv6"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add vector status check before
      free vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: rename the interface for
      init_client_instance and uninit_client_instance"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove hclge_get_vector_index
      from hclge_bind_ring_with_vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: RX BD information valid only in
      last BD except VLD bit and buffer size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add support for serdes loopback
      selftest"
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: remove unused hclgevf_cfg_func_mta_filter
    - net: hns3: Fix for VF mailbox cannot receiving PF response
    - net: hns3: Fix for VF mailbox receiving unknown message
    - net: hns3: Optimize PF CMDQ interrupt switching process
    - net: hns3: remove hclge_get_vector_index from hclge_bind_ring_with_vector
    - net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - net: hns3: add vector status check before free vector
    - net: hns3: add l4_type check for both ipv4 and ipv6
    - net: hns3: add unlikely for error check
    - net: hns3: remove unused head file in hnae3.c
    - net: hns3: extraction an interface for state init|uninit
    - net: hns3: print the ret value in error information
    - net: hns3: remove the Redundant put_vector in hns3_client_uninit
    - net: hns3: remove back in struct hclge_hw
    - net: hns3: use lower_32_bits and upper_32_bits
    - net: hns3: remove unused hclge_ring_to_dma_dir
    - net: hns3: remove useless code in hclge_cmd_send
    - net: hns3: remove some redundant assignments
    - net: hns3: simplify hclge_cmd_csq_clean
    - net: hns3: remove a redundant hclge_cmd_csq_done
    - net: hns3: remove some unused members of some structures
    - net: hns3: give default option while dependency HNS3 set
    - net: hns3: use dma_zalloc_coherent instead of kzalloc/dma_map_single
    - net: hns3: modify hnae_ to hnae3_
    - net: hns3: Fix tc setup when netdev is first up
    - net: hns3: Fix for mac pause not disable in pfc mode
    - net: hns3: Fix for waterline not setting correctly
    - net: hns3: Fix for l4 checksum offload bug
    - net: hns3: Fix for mailbox message truncated problem
    - net: hns3: Add configure for mac minimal frame size
    - net: hns3: Fix warning bug when doing lp selftest
    - net: hns3: Fix get_vector ops in hclgevf_main module
    - net: hns3: Remove the warning when clear reset cause
    - net: hns3: Prevent sending command during global or core reset
    - net: hns3: Modify the order of initializing command queue register
    - net: hns3: Reset net device with rtnl_lock
    - net: hns3: Prevent to request reset frequently
    - net: hns3: Correct reset event status register
    - net: hns3: Fix return value error in hns3_reset_notify_down_enet
    - net: hns3: remove unnecessary ring configuration operation while resetting
    - net: hns3: Fix for reset_level default assignment probelm
    - net: hns3: Fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - net: hns3: Fix comments for hclge_get_ring_chain_from_mbx
    - net: hns3: Remove some redundant assignments
    - net: hns3: Standardize the handle of return value
    - net: hns3: Remove extra space and brackets
    - net: hns3: Correct unreasonable code comments
    - net: hns3: Use decimal for bit offset macros
    - net: hns3: Modify inconsistent bit mask macros
    - net: hns3: Fix misleading parameter name
    - net: hns3: Remove unused struct member and definition
    - net: hns3: Add SPDX tags to HNS3 PF driver
    - net: hns3: Add support for serdes loopback selftest
    - net: hns3: Fix for phy link issue when using marvell phy driver
    - SAUCE: {topost} net: hns3: separate roce from nic when resetting

* CVE-2018-6555
    - SAUCE: irda: Only insert new objects into the global database via setsockopt

* CVE-2018-6554
    - SAUCE: irda: Fix memory leak caused by repeated binds of irda socket

* Bionic update: upstream stable patchset 2018-08-31 (LP: #1790188)
    - netfilter: nf_tables: fix NULL pointer dereference on
      nft_ct_helper_obj_dump()
    - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
    - af_key: Always verify length of provided sadb_key
    - gpio: No NULL owner
    - KVM: X86: Fix reserved bits check for MOV to CR3
    - KVM: x86: introduce linear_{read,write}_system
    - KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and
      kvm_write_guest_virt_system
    - staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
    - NFC: pn533: don't send USB data off of the stack
    - usbip: vhci_sysfs: fix potential Spectre v1
    - usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
    - usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
    - Input: xpad - add GPD Win 2 Controller USB IDs
    - phy: qcom-qusb2: Fix crash if nvmem cell not specified
    - usb: gadget: function: printer: avoid wrong list handling in printer_write()
    - usb: gadget: udc: renesas_usb3: disable the controller's irqs for
      reconnecting
    - serial: sh-sci: Stop using printk format %pCr
    - tty/serial: atmel: use port->name as name in request_irq()
    - serial: samsung: fix maxburst parameter for DMA transactions
    - serial: 8250: omap: Fix idling of clocks for unused uarts
    - vmw_balloon: fixing double free when batching mode is off
    - tty: pl011: Avoid spuriously stuck-off interrupts
    - kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
    - Input: goodix - add new ACPI id for GPD Win 2 touch screen
    - crypto: caam - strip input zeros from RSA input buffer
    - crypto: caam - fix DMA mapping dir for generated IV
    - crypto: caam - fix IV DMA mapping and updating
    - crypto: caam/qi - fix IV DMA mapping and updating
    - crypto: caam - fix size of RSA prime factor q
    - crypto: vmx - Remove overly verbose printk from AES init routines
    - crypto: vmx - Remove overly verbose printk from AES XTS init
    - crypto: omap-sham - fix memleak
    - usb: typec: wcove: Remove dependency on HW FSM
    - usb: gadget: udc: renesas_usb3: fix double phy_put()
    - usb: gadget: udc: renesas_usb3: should remove debugfs
    - usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add
      udc
    - usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
    - usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error

* Bionic update: upstream stable patchset 2018-08-29 (LP: #1789666)
    - scsi: sd_zbc: Avoid that resetting a zone fails sporadically
    - mmap: introduce sane default mmap limits
    - mmap: relax file size limit for regular files
    - btrfs: define SUPER_FLAG_METADUMP_V2
    - kconfig: Avoid format overflow warning from GCC 8.1
    - be2net: Fix error detection logic for BE3
    - bnx2x: use the right constant
    - dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
    - enic: set DMA mask to 47 bit
    - ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
    - ip6_tunnel: remove magic mtu value 0xFFF8
    - ipmr: properly check rhltable_init() return value
    - ipv4: remove warning in ip_recv_error
    - ipv6: omit traffic class when calculating flow hash
    - isdn: eicon: fix a missing-check bug
    - kcm: Fix use-after-free caused by clonned sockets
    - netdev-FAQ: clarify DaveM's position for stable backports
    - net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
    - net: metrics: add proper netlink validation
    - net/packet: refine check for priv area size
    - net: phy: broadcom: Fix bcm_write_exp()
    - net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
    - packet: fix reserve calculation
    - qed: Fix mask for physical address in ILT entry
    - sctp: not allow transport timeout value less than HZ/5 for hb_timer
    - team: use netdev_features_t instead of u32
    - vhost: synchronize IOTLB message with dev cleanup
    - vrf: check the original netdevice for generating redirect
    - ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
    - net: phy: broadcom: Fix auxiliary control register reads
    - net-sysfs: Fix memory leak in XPS configuration
    - virtio-net: correctly transmit XDP buff after linearizing
    - net/mlx4: Fix irq-unsafe spinlock usage
    - tun: Fix NULL pointer dereference in XDP redirect
    - virtio-net: correctly check num_buf during err path
    - net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
    - virtio-net: fix leaking page for gso packet during mergeable XDP
    - rtnetlink: validate attributes in do_setlink()
    - cls_flower: Fix incorrect idr release when failing to modify rule
    - PCI: hv: Do not wait forever on a device that has disappeared
    - drm: set FMODE_UNSIGNED_OFFSET for drm files
    - l2tp: fix refcount leakage on PPPoL2TP sockets
    - mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
    - net: ethernet: ti: cpdma: correct error handling for chan create
    - net: ethernet: davinci_emac: fix error handling in probe()
    - net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
    - net : sched: cls_api: deal with egdev path only if needed

* Bionic update: upstream stable patchset 2018-08-24 (LP: #1788897)
    - fix io_destroy()/aio_complete() race
    - mm: fix the NULL mapping case in __isolate_lru_page()
    - objtool: Support GCC 8's cold subfunctions
    - objtool: Support GCC 8 switch tables
    - objtool: Detect RIP-relative switch table references
    - objtool: Detect RIP-relative switch table references, part 2
    - objtool: Fix "noreturn" detection for recursive sibling calls
    - xfs: convert XFS_AGFL_SIZE to a helper function
    - xfs: detect agfl count corruption and reset agfl
    - Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI
    - Input: synaptics - add Lenovo 80 series ids to SMBus
    - Input: elan_i2c_smbus - fix corrupted stack
    - tracing: Fix crash when freeing instances with event triggers
    - tracing: Make the snapshot trigger work with instances
    - selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
    - cfg80211: further limit wiphy names to 64 bytes
    - drm/amd/powerplay: Fix enum mismatch
    - rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
    - platform/chrome: cros_ec_lpc: remove redundant pointer request
    - kbuild: clang: disable unused variable warnings only when constant
    - tcp: avoid integer overflows in tcp_rcv_space_adjust()
    - iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ
    - iio:buffer: make length types match kfifo types
    - iio:kfifo_buf: check for uint overflow
    - iio: adc: select buffer for at91-sama5d2_adc
    - MIPS: lantiq: gphy: Drop reboot/remove reset asserts
    - MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
    - MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
    - scsi: scsi_transport_srp: Fix shost to rport translation
    - stm class: Use vmalloc for the master map
    - hwtracing: stm: fix build error on some arches
    - IB/core: Fix error code for invalid GID entry
    - mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty()
    - Revert "rt2800: use TXOP_BACKOFF for probe frames"
    - intel_th: Use correct device when freeing buffers
    - drm/psr: Fix missed entry in PSR setup time table.
    - drm/i915/lvds: Move acpi lid notification registration to registration phase
    - drm/i915: Disable LVDS on Radiant P845
    - drm/vmwgfx: Use kasprintf
    - drm/vmwgfx: Fix host logging / guestinfo reading error paths
    - nvme: fix extended data LBA supported setting
    - iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after
      resume
    - x86/MCE/AMD: Define a function to get SMCA bank type
    - x86/mce/AMD: Pass the bank number to smca_get_bank_type()
    - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
    - x86/mce/AMD: Carve out SMCA get_block_address() code
    - x86/MCE/AMD: Cache SMCA MISC block addresses

* errors when scanning partition table of corrupted AIX disk (LP: #1787281)
    - partitions/aix: fix usage of uninitialized lv_info and lvname structures
    - partitions/aix: append null character to print data from disk

* tlbie master timeout checkstop (using NVidia/GPU) (LP: #1789772)
    - powerpc/mm/hugetlb: Update huge_ptep_set_access_flags to call
      __ptep_set_access_flags directly
    - powerpc/mm/radix: Move function from radix.h to pgtable-radix.c
    - powerpc/mm: Change function prototype
    - powerpc/mm/radix: Change pte relax sequence to handle nest MMU hang

* performance drop with ATS enabled (LP: #1788097)
    - powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage

* [Regression] kernel crashdump fails on arm64 (LP: #1786878)
    - arm64: export memblock_reserve()d regions via /proc/iomem
    - drivers: acpi: add dependency of EFI for arm64
    - efi/arm: preserve early mapping of UEFI memory map longer for BGRT
    - efi/arm: map UEFI memory map even w/o runtime services enabled
    - arm64: acpi: fix alignment fault in accessing ACPI
    - [Config] CONFIG_ARCH_SUPPORTS_ACPI=y
    - arm64: fix ACPI dependencies
    - ACPI: fix menuconfig presentation of ACPI submenu

* TB 16 issue on Dell Lattitude 7490 with large amount of data (LP: #1785780)
    - r8152: disable RX aggregation on new Dell TB16 dock

* dell_wmi: Unknown key codes (LP: #1762385)
    - platform/x86: dell-wmi: Ignore new rfkill and fn-lock events

* Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform
    - SAUCE: i2c:amd move out pointer in union i2c_event_base
    - SAUCE: i2c:amd Depends on ACPI
    - [Config] i2c: CONFIG_I2C_AMD_MP2=y on x86

* r8169 no internet after suspending (LP: #1779817)
    - r8169: restore previous behavior to accept BIOS WoL settings
    - r8169: don't use MSI-X on RTL8168g
    - r8169: don't use MSI-X on RTL8106e

* Fix Intel Cannon Lake LPSS I2C input clock (LP: #1789790)
    - mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock

* Microphone cannot be detected with front panel audio combo jack on HP Z8-G4
    machine (LP: #1789145)
    - ALSA: hda/realtek - Fix HP Headset Mic can't record

* Tango platform uses __initcall without further checks (LP: #1787945)
    - [Config] disable ARCH_TANGO

* [18.10 FEAT] Add kernel config option "CONFIG_SCLP_OFB" (LP: #1787898)
    - [Config] CONFIG_SCLP_OFB=y for s390x

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Mon, 24 Sep 2018 16:08:41 +0200

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-01:

#26

Download full text (29.0 KiB)

This bug was fixed in the package linux - 4.18.0-8.9

---------------
linux (4.18.0-8.9) cosmic; urgency=medium

* linux: 4.18.0-8.9 -proposed tracker (LP: #1791663)

  * Cosmic update to v4.18.7 stable release (LP: #1791660)
    - rcu: Make expedited GPs handle CPU 0 being offline
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - spi: davinci: fix a NULL pointer dereference
    - spi: pxa2xx: Add support for Intel Ice Lake
    - spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe
    - spi: cadence: Change usleep_range() to udelay(), for atomic context
    - mmc: block: Fix unsupported parallel dispatch of requests
    - mmc: renesas_sdhi_internal_dmac: mask DMAC interrupts
    - mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS
    - readahead: stricter check for bdi io_pages
    - block: fix infinite loop if the device loses discard capability
    - block: blk_init_allocated_queue() set q->fq as NULL in the fail case
    - block: really disable runtime-pm for blk-mq
    - blkcg: Introduce blkg_root_lookup()
    - block: Introduce blk_exit_queue()
    - block: Ensure that a request queue is dissociated from the cgroup controller
    - apparmor: fix bad debug check in apparmor_secid_to_secctx()
    - dma-buf: Move BUG_ON from _add_shared_fence to _add_shared_inplace
    - libertas: fix suspend and resume for SDIO connected cards
    - media: Revert "[media] tvp5150: fix pad format frame height"
    - mailbox: xgene-slimpro: Fix potential NULL pointer dereference
    - Replace magic for trusting the secondary keyring with #define
    - Fix kexec forbidding kernels signed with keys in the secondary keyring to
      boot
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/64s: Fix page table fragment refcount race vs speculative references
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - powerpc/pkeys: Give all threads control of their key permissions
    - powerpc/pkeys: Deny read/write/execute by default
    - powerpc/pkeys: key allocation/deallocation must not change pkey registers
    - powerpc/pkeys: Save the pkey registers before fork
    - powerpc/pkeys: Fix calculation of total pkeys.
    - powerpc/pkeys: Preallocate execute-only key
    - powerpc/nohash: fix pte_access_permitted()
    - powerpc64/ftrace: Include ftrace.h needed for enable/disable calls
    - powerpc/powernv/pci: Work around races in PCI bridge enabling
    - cxl: Fix wrong comparison in cxl_adapter_context_get()
    - IB/mlx5: Honor cnt_set_id_valid flag instead of set_id
    - IB/mlx5: Fix leaking stack memory to userspace
    - IB/srpt: Fix srpt_cm_req_recv() error path (1/2)
    - IB/srpt: Fix srpt_cm_req_recv() error path (2/2)
    - IB/srpt: Support HCAs with more than two ports
    - overflow.h: Add arithmetic shift helper
    - RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq
    - ib_srpt: Fix a use-after-free in srpt_close_ch()
    - ib_srpt: Fix a use-after-free in __srpt_close_all_ch()
    - RDMA/rxe: Set wqe->status correctly if an unexpected...

This bug was fixed in the package linux - 4.18.0-8.9

---------------
linux (4.18.0-8.9) cosmic; urgency=medium

* linux: 4.18.0-8.9 -proposed tracker (LP: #1791663)

* Cosmic update to v4.18.7 stable release (LP: #1791660)
    - rcu: Make expedited GPs handle CPU 0 being offline
    - net: 6lowpan: fix reserved space for single frames
    - net: mac802154: tx: expand tailroom if necessary
    - 9p/net: Fix zero-copy path in the 9p virtio transport
    - spi: davinci: fix a NULL pointer dereference
    - spi: pxa2xx: Add support for Intel Ice Lake
    - spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe
    - spi: cadence: Change usleep_range() to udelay(), for atomic context
    - mmc: block: Fix unsupported parallel dispatch of requests
    - mmc: renesas_sdhi_internal_dmac: mask DMAC interrupts
    - mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS
    - readahead: stricter check for bdi io_pages
    - block: fix infinite loop if the device loses discard capability
    - block: blk_init_allocated_queue() set q->fq as NULL in the fail case
    - block: really disable runtime-pm for blk-mq
    - blkcg: Introduce blkg_root_lookup()
    - block: Introduce blk_exit_queue()
    - block: Ensure that a request queue is dissociated from the cgroup controller
    - apparmor: fix bad debug check in apparmor_secid_to_secctx()
    - dma-buf: Move BUG_ON from _add_shared_fence to _add_shared_inplace
    - libertas: fix suspend and resume for SDIO connected cards
    - media: Revert "[media] tvp5150: fix pad format frame height"
    - mailbox: xgene-slimpro: Fix potential NULL pointer dereference
    - Replace magic for trusting the secondary keyring with #define
    - Fix kexec forbidding kernels signed with keys in the secondary keyring to
      boot
    - powerpc/fadump: handle crash memory ranges array index overflow
    - powerpc/64s: Fix page table fragment refcount race vs speculative references
    - powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
    - powerpc/pkeys: Give all threads control of their key permissions
    - powerpc/pkeys: Deny read/write/execute by default
    - powerpc/pkeys: key allocation/deallocation must not change pkey registers
    - powerpc/pkeys: Save the pkey registers before fork
    - powerpc/pkeys: Fix calculation of total pkeys.
    - powerpc/pkeys: Preallocate execute-only key
    - powerpc/nohash: fix pte_access_permitted()
    - powerpc64/ftrace: Include ftrace.h needed for enable/disable calls
    - powerpc/powernv/pci: Work around races in PCI bridge enabling
    - cxl: Fix wrong comparison in cxl_adapter_context_get()
    - IB/mlx5: Honor cnt_set_id_valid flag instead of set_id
    - IB/mlx5: Fix leaking stack memory to userspace
    - IB/srpt: Fix srpt_cm_req_recv() error path (1/2)
    - IB/srpt: Fix srpt_cm_req_recv() error path (2/2)
    - IB/srpt: Support HCAs with more than two ports
    - overflow.h: Add arithmetic shift helper
    - RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq
    - ib_srpt: Fix a use-after-free in srpt_close_ch()
    - ib_srpt: Fix a use-after-free in __srpt_close_all_ch()
    - RDMA/rxe: Set wqe->status correctly if an unexpected response is received
    - 9p: fix multiple NULL-pointer-dereferences
    - fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
    - 9p/virtio: fix off-by-one error in sg list bounds check
    - net/9p/client.c: version pointer uninitialized
    - net/9p/trans_fd.c: fix race-condition by flushing workqueue before the
      kfree()
    - dm integrity: change 'suspending' variable from bool to int
    - dm thin: stop no_space_timeout worker when switching to write-mode
    - dm cache metadata: save in-core policy_hint_size to on-disk superblock
    - dm cache metadata: set dirty on all cache blocks after a crash
    - dm crypt: don't decrease device limits
    - dm writecache: fix a crash due to reading past end of dirty_bitmap
    - uart: fix race between uart_put_char() and uart_shutdown()
    - Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer()
    - Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind()
    - iio: sca3000: Fix missing return in switch
    - iio: ad9523: Fix displayed phase
    - iio: ad9523: Fix return value for ad952x_store()
    - extcon: Release locking when sending the notification of connector state
    - eventpoll.h: wrap casts in () properly
    - vmw_balloon: fix inflation of 64-bit GFNs
    - vmw_balloon: do not use 2MB without batching
    - vmw_balloon: VMCI_DOORBELL_SET does not check status
    - vmw_balloon: fix VMCI use when balloon built into kernel
    - rtc: omap: fix resource leak in registration error path
    - rtc: omap: fix potential crash on power off
    - tracing: Do not call start/stop() functions when tracing_on does not change
    - tracing/blktrace: Fix to allow setting same value
    - printk/tracing: Do not trace printk_nmi_enter()
    - livepatch: Validate module/old func name length
    - uprobes: Use synchronize_rcu() not synchronize_sched()
    - mfd: hi655x: Fix regmap area declared size for hi655x
    - ovl: fix wrong use of impure dir cache in ovl_iterate()
    - ACPICA: AML Parser: skip opcodes that open a scope upon parse failure
    - ACPICA: Clear status of all events when entering sleep states
    - drivers/block/zram/zram_drv.c: fix bug storing backing_dev
    - sched: idle: Avoid retaining the tick when it has been stopped
    - cpuidle: menu: Handle stopped tick more aggressively
    - cpufreq: governor: Avoid accessing invalid governor_data
    - PM / sleep: wakeup: Fix build error caused by missing SRCU support
    - ALSA: ac97: fix device initialization in the compat layer
    - ALSA: ac97: fix check of pm_runtime_get_sync failure
    - ALSA: ac97: fix unbalanced pm_runtime_enable
    - i2c: designware: Re-init controllers with pm_disabled set on resume
    - KVM: VMX: fixes for vmentry_l1d_flush module parameter
    - KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages
    - xtensa: limit offsets in __loop_cache_{all,page}
    - xtensa: increase ranges in ___invalidate_{i,d}cache_all
    - block, bfq: return nbytes and not zero from struct cftype .write() method
    - pnfs/blocklayout: off by one in bl_map_stripe()
    - nfsd: fix leaked file lock with nfs exported overlayfs
    - NFSv4 client live hangs after live data migration recovery
    - NFSv4: Fix locking in pnfs_generic_recover_commit_reqs
    - NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence()
    - ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
    - ARM: dts: am57xx-idk: Enable dual role for USB2 port
    - pwm: omap-dmtimer: Return -EPROBE_DEFER if no dmtimer platform data
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - iommu/ipmmu-vmsa: Don't register as BUS IOMMU if machine doesn't have IPMMU-
      VMSA
    - iommu/vt-d: Add definitions for PFSID
    - iommu/vt-d: Fix dev iotlb pfsid use
    - sys: don't hold uts_sem while accessing userspace memory
    - userns: move user access out of the mutex
    - ubifs: Fix memory leak in lprobs self-check
    - Revert "UBIFS: Fix potential integer overflow in allocation"
    - ubifs: Check data node size before truncate
    - ubifs: xattr: Don't operate on deleted inodes
    - ubifs: Fix directory size calculation for symlinks
    - ubifs: Fix synced_i_size calculation for xattr inodes
    - pwm: tiehrpwm: Don't use emulation mode bits to control PWM output
    - pwm: tiehrpwm: Fix disabling of output of PWMs
    - fb: fix lost console when the user unplugs a USB adapter
    - udlfb: fix semaphore value leak
    - udlfb: fix display corruption of the last line
    - udlfb: don't switch if we are switching to the same videomode
    - udlfb: set optimal write delay
    - udlfb: make a local copy of fb_ops
    - udlfb: handle allocation failure
    - udlfb: set line_length in dlfb_ops_set_par
    - getxattr: use correct xattr length
    - libnvdimm: Use max contiguous area for namespace size
    - libnvdimm: fix ars_status output length calculation
    - bcache: release dc->writeback_lock properly in bch_writeback_thread()
    - kconfig: fix "Can't open ..." in parallel build
    - perf auxtrace: Fix queue resize
    - crypto: vmx - Fix sleep-in-atomic bugs
    - crypto: aesni - Use unaligned loads from gcm_context_data
    - crypto: arm64/sm4-ce - check for the right CPU feature bit
    - crypto: caam - fix DMA mapping direction for RSA forms 2 & 3
    - crypto: caam/jr - fix descriptor DMA unmapping
    - crypto: caam/qi - fix error path in xts setkey
    - fs/quota: Fix spectre gadget in do_quotactl
    - udf: Fix mounting of Win7 created UDF filesystems
    - cpuidle: menu: Retain tick when shallow state is selected
    - arm64: mm: always enable CONFIG_HOLES_IN_ZONE
    - Linux 4.18.7

* CVE-2017-5715
    - s390: detect etoken facility
    - KVM: s390: add etoken support for guests

* Missing Intel GPU pci-id's (LP: #1789924)
    - drm/i915/whl: Introducing Whiskey Lake platform
    - drm/i915/aml: Introducing Amber Lake platform
    - drm/i915/cfl: Add a new CFL PCI ID.

* [18.10 FEAT] Add kernel config options for SMC-R/D (LP: #1789934)
    - s390/ism: add device driver for internal shared memory
    - CONFIG_ISM=y for s390

* Cosmic update to v4.18.6 stable release (LP: #1791105)
    - PATCH scripts/kernel-doc
    - scripts/kernel-doc: Escape all literal braces in regexes
    - scsi: libsas: dynamically allocate and free ata host
    - xprtrdma: Fix disconnect regression
    - mei: don't update offset in write
    - cifs: add missing support for ACLs in SMB 3.11
    - CIFS: fix uninitialized ptr deref in smb2 signing
    - cifs: add missing debug entries for kconfig options
    - cifs: use a refcount to protect open/closing the cached file handle
    - cifs: check kmalloc before use
    - smb3: enumerating snapshots was leaving part of the data off end
    - smb3: Do not send SMB3 SET_INFO if nothing changed
    - smb3: don't request leases in symlink creation and query
    - smb3: fill in statfs fsid and correct namelen
    - btrfs: use correct compare function of dirty_metadata_bytes
    - btrfs: don't leak ret from do_chunk_alloc
    - Btrfs: fix mount failure after fsync due to hard link recreation
    - Btrfs: fix btrfs_write_inode vs delayed iput deadlock
    - Btrfs: fix send failure when root has deleted files still open
    - Btrfs: send, fix incorrect file layout after hole punching beyond eof
    - hwmon: (k10temp) 27C Offset needed for Threadripper2
    - bpf, arm32: fix stack var offset in jit
    - regulator: arizona-ldo1: Use correct device to get enable GPIO
    - iommu/arm-smmu: Error out only if not enough context interrupts
    - printk: Split the code for storing a message into the log buffer
    - printk: Create helper function to queue deferred console handling
    - printk/nmi: Prevent deadlock when accessing the main log buffer in NMI
    - kprobes/arm64: Fix %p uses in error messages
    - arm64: Fix mismatched cache line size detection
    - arm64: Handle mismatched cache type
    - arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
    - arm64: dts: rockchip: corrected uart1 clock-names for rk3328
    - KVM: arm/arm64: Fix potential loss of ptimer interrupts
    - KVM: arm/arm64: Fix lost IRQs from emulated physcial timer when blocked
    - KVM: arm/arm64: Skip updating PMD entry if no change
    - KVM: arm/arm64: Skip updating PTE entry if no change
    - s390/kvm: fix deadlock when killed by oom
    - perf kvm: Fix subcommands on s390
    - stop_machine: Reflow cpu_stop_queue_two_works()
    - stop_machine: Atomically queue and wake stopper threads
    - ext4: check for NUL characters in extended attribute's name
    - ext4: use ext4_warning() for sb_getblk failure
    - ext4: sysfs: print ext4_super_block fields as little-endian
    - ext4: reset error code in ext4_find_entry in fallback
    - ext4: fix race when setting the bitmap corrupted flag
    - x86/gpu: reserve ICL's graphics stolen memory
    - platform/x86: wmi: Do not mix pages and kmalloc
    - platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too
    - mm: move tlb_table_flush to tlb_flush_mmu_free
    - mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE
    - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
    - x86/speculation/l1tf: Fix off-by-one error when warning that system has too
      much RAM
    - x86/speculation/l1tf: Suggest what to do on systems with too much RAM
    - x86/vdso: Fix vDSO build if a retpoline is emitted
    - x86/process: Re-export start_thread()
    - KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd
    - KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
    - fuse: Don't access pipe->buffers without pipe_lock()
    - fuse: fix initial parallel dirops
    - fuse: fix double request_end()
    - fuse: fix unlocked access to processing queue
    - fuse: umount should wait for all requests
    - fuse: Fix oops at process_init_reply()
    - fuse: Add missed unlock_page() to fuse_readpages_fill()
    - lib/vsprintf: Do not handle %pO[^F] as %px
    - udl-kms: change down_interruptible to down
    - udl-kms: handle allocation failure
    - udl-kms: fix crash due to uninitialized memory
    - udl-kms: avoid division
    - b43legacy/leds: Ensure NUL-termination of LED name string
    - b43/leds: Ensure NUL-termination of LED name string
    - ASoC: dpcm: don't merge format from invalid codec dai
    - ASoC: zte: Fix incorrect PCM format bit usages
    - ASoC: sirf: Fix potential NULL pointer dereference
    - ASoC: wm_adsp: Correct DSP pointer for preloader control
    - soc: qcom: rmtfs-mem: fix memleak in probe error paths
    - pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
    - scsi: qla2xxx: Fix stalled relogin
    - x86/vdso: Fix lsl operand order
    - x86/nmi: Fix NMI uaccess race against CR3 switching
    - x86/irqflags: Mark native_restore_fl extern inline
    - x86/spectre: Add missing family 6 check to microcode check
    - x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
    - hwmon: (nct6775) Fix potential Spectre v1
    - x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit()
    - x86: Allow generating user-space headers without a compiler
    - s390/mm: fix addressing exception after suspend/resume
    - s390/lib: use expoline for all bcr instructions
    - s390: fix br_r1_trampoline for machines without exrl
    - s390/qdio: reset old sbal_state flags
    - s390/numa: move initial setup of node_to_cpumask_map
    - s390/purgatory: Fix crash with expoline enabled
    - s390/purgatory: Add missing FORCE to Makefile targets
    - kprobes: Show blacklist addresses as same as kallsyms does
    - kprobes: Replace %p with other pointer types
    - kprobes/arm: Fix %p uses in error messages
    - kprobes: Make list and blacklist root user read only
    - MIPS: Correct the 64-bit DSP accumulator register size
    - MIPS: memset.S: Fix byte_fixup for MIPSr6
    - MIPS: Always use -march=<arch>, not -<arch> shortcuts
    - MIPS: Change definition of cpu_relax() for Loongson-3
    - MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
    - tpm: Return the actual size when receiving an unsupported command
    - tpm: separate cmd_ready/go_idle from runtime_pm
    - scsi: mpt3sas: Fix calltrace observed while running IO & reset
    - scsi: mpt3sas: Fix _transport_smp_handler() error path
    - scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
    - scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
    - iscsi target: fix session creation failure handling
    - mtd: rawnand: hynix: Use ->exec_op() in hynix_nand_reg_write_op()
    - mtd: rawnand: fsmc: Stop using chip->read_buf()
    - mtd: rawnand: marvell: add suspend and resume hooks
    - mtd: rawnand: qcom: wait for desc completion in all BAM channels
    - clk: rockchip: fix clk_i2sout parent selection bits on rk3399
    - clk: npcm7xx: fix memory allocation
    - PM / clk: signedness bug in of_pm_clk_add_clks()
    - power: generic-adc-battery: fix out-of-bounds write when copying channel
      properties
    - power: generic-adc-battery: check for duplicate properties copied from iio
      channels
    - watchdog: Mark watchdog touch functions as notrace
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
    - x86/dumpstack: Don't dump kernel memory based on usermode RIP
    - Linux 4.18.6
    - updateconfigs after v4.18.6 stable update

* random oopses on s390 systems using NVMe devices (LP: #1790480)
    - s390/pci: fix out of bounds access during irq setup

* [18.10 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver
    binding (LP: #1784331)
    - s390/zcrypt: code beautify
    - s390/zcrypt: AP bus support for alternate driver(s)
    - s390/zcrypt: hex string mask improvements for apmask and aqmask.

* performance drop with ATS enabled (LP: #1788097)
    - powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage

* Fix MCE handling for user access of poisoned device-dax mapping
    (LP: #1774366)
    - device-dax: Convert to vmf_insert_mixed and vm_fault_t
    - device-dax: Enable page_mapping()
    - device-dax: Set page->index
    - filesystem-dax: Set page->index
    - mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages
    - mm, dev_pagemap: Do not clear ->mapping on final put
    - mm, madvise_inject_error: Let memory_failure() optionally take a page
      reference
    - mm, memory_failure: Collect mapping size in collect_procs()
    - filesystem-dax: Introduce dax_lock_mapping_entry()
    - mm, memory_failure: Teach memory_failure() about dev_pagemap pages
    - x86/mm/pat: Prepare {reserve, free}_memtype() for "decoy" addresses
    - x86/memory_failure: Introduce {set, clear}_mce_nospec()
    - libnvdimm, pmem: Restore page attributes when clearing errors

* Reconcile hns3 SAUCE patches with upstream (LP: #1787477)
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix comments for
      hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for using wrong mask and
      shift in hclge_get_ring_chain_from_mbx"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for reset_level default
      assignment probelm"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unnecessary ring
      configuration operation while resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix return value error in
      hns3_reset_notify_down_enet"
    - Revert "UBUNTU: SAUCE: net: hns3: Fix for phy link issue when using marvell
      phy driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: separate roce from nic when
      resetting"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: correct reset event status
      register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent to request reset
      frequently"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: reset net device with rtnl_lock"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify the order of initializeing
      command queue register"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: prevent sending command during
      global or core reset"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Use roce handle when calling roce
      callback function"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the warning when clear
      reset cause"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix get_vector ops in
      hclgevf_main module"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix warning bug when doing lp
      selftest"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add configure for mac minimal
      frame size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mailbox message truncated
      problem"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for l4 checksum offload bug"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for waterline not setting
      correctly"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix for mac pause not disable in
      pfc mode"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix tc setup when netdev is first
      up"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add calling roce callback
      function when link status change"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: optimize the process of notifying
      roce client"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add pf reset for hip08 RoCE"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: Add SPDX tags to hns3 driver"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused struct member and
      definition"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix mislead parameter name"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify inconsistent bit mask
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use decimal for bit offset
      macros"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: fix unreasonable code comments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove extra space and brackets"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: standardize the handle of return
      value"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: modify hnae_ to hnae3_"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use dma_zalloc_coherent instead
      of kzalloc/dma_map_single"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: give default option while
      dependency HNS3 set"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some unused members of
      some structures"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove a redundant
      hclge_cmd_csq_done"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: using modulo for cyclic counters
      in hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: simplify hclge_cmd_csq_clean"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove some redundant
      assignments"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove useless code in
      hclge_cmd_send"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused
      hclge_ring_to_dma_dir"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: use lower_32_bits and
      upper_32_bits"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove back in struct hclge_hw"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add unlikely for error check"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove the Redundant put_vector
      in hns3_client_uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: print the ret value in error
      information"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: extraction an interface for state
      state init|uninit"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove unused head file in
      hnae3.c"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add l4_type check for both ipv4
      and ipv6"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add vector status check before
      free vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: rename the interface for
      init_client_instance and uninit_client_instance"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: remove hclge_get_vector_index
      from hclge_bind_ring_with_vector"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: RX BD information valid only in
      last BD except VLD bit and buffer size"
    - Revert "UBUNTU: SAUCE: {topost} net: hns3: add support for serdes loopback
      selftest"
    - net: hns3: Updates RX packet info fetch in case of multi BD
    - net: hns3: remove hclge_get_vector_index from hclge_bind_ring_with_vector
    - net: hns3: rename the interface for init_client_instance and
      uninit_client_instance
    - net: hns3: add vector status check before free vector
    - net: hns3: add l4_type check for both ipv4 and ipv6
    - net: hns3: add unlikely for error check
    - net: hns3: remove unused head file in hnae3.c
    - net: hns3: extraction an interface for state init|uninit
    - net: hns3: print the ret value in error information
    - net: hns3: remove the Redundant put_vector in hns3_client_uninit
    - net: hns3: remove back in struct hclge_hw
    - net: hns3: use lower_32_bits and upper_32_bits
    - net: hns3: remove unused hclge_ring_to_dma_dir
    - net: hns3: remove useless code in hclge_cmd_send
    - net: hns3: remove some redundant assignments
    - net: hns3: simplify hclge_cmd_csq_clean
    - net: hns3: remove a redundant hclge_cmd_csq_done
    - net: hns3: remove some unused members of some structures
    - net: hns3: give default option while dependency HNS3 set
    - net: hns3: use dma_zalloc_coherent instead of kzalloc/dma_map_single
    - net: hns3: modify hnae_ to hnae3_
    - net: hns3: Fix tc setup when netdev is first up
    - net: hns3: Fix for mac pause not disable in pfc mode
    - net: hns3: Fix for waterline not setting correctly
    - net: hns3: Fix for l4 checksum offload bug
    - net: hns3: Fix for mailbox message truncated problem
    - net: hns3: Add configure for mac minimal frame size
    - net: hns3: Fix warning bug when doing lp selftest
    - net: hns3: Fix get_vector ops in hclgevf_main module
    - net: hns3: Remove the warning when clear reset cause
    - net: hns3: Prevent sending command during global or core reset
    - net: hns3: Modify the order of initializing command queue register
    - net: hns3: Reset net device with rtnl_lock
    - net: hns3: Prevent to request reset frequently
    - net: hns3: Correct reset event status register
    - net: hns3: Fix return value error in hns3_reset_notify_down_enet
    - net: hns3: remove unnecessary ring configuration operation while resetting
    - net: hns3: Fix for reset_level default assignment probelm
    - net: hns3: Fix for using wrong mask and shift in
      hclge_get_ring_chain_from_mbx
    - net: hns3: Fix comments for hclge_get_ring_chain_from_mbx
    - net: hns3: Remove some redundant assignments
    - net: hns3: Standardize the handle of return value
    - net: hns3: Remove extra space and brackets
    - net: hns3: Correct unreasonable code comments
    - net: hns3: Use decimal for bit offset macros
    - net: hns3: Modify inconsistent bit mask macros
    - net: hns3: Fix misleading parameter name
    - net: hns3: Remove unused struct member and definition
    - net: hns3: Add SPDX tags to HNS3 PF driver
    - net: hns3: Add support for serdes loopback selftest
    - net: hns3: Fix for phy link issue when using marvell phy driver

* [Regression] kernel crashdump fails on arm64 (LP: #1786878)
    - arm64: export memblock_reserve()d regions via /proc/iomem
    - drivers: acpi: add dependency of EFI for arm64
    - efi/arm: preserve early mapping of UEFI memory map longer for BGRT
    - efi/arm: map UEFI memory map even w/o runtime services enabled
    - arm64: acpi: fix alignment fault in accessing ACPI
    - [Config] CONFIG_ARCH_SUPPORTS_ACPI=y
    - arm64: fix ACPI dependencies
    - ACPI: fix menuconfig presentation of ACPI submenu

* TB 16 issue on Dell Lattitude 7490 with large amount of data (LP: #1785780)
    - r8152: disable RX aggregation on new Dell TB16 dock

* Support Power Management for Thunderbolt Controller  (LP: #1789358)
    - thunderbolt: Use 64-bit DMA mask if supported by the platform
    - thunderbolt: Do not unnecessarily call ICM get route
    - thunderbolt: No need to take tb->lock in domain suspend/complete
    - thunderbolt: Use correct ICM commands in system suspend
    - thunderbolt: Add support for runtime PM

* Enable AMD PCIe MP2 for AMDI0011 (LP: #1773940)
    - SAUCE: i2c:amd I2C Driver based on PCI Interface for upcoming platform
    - SAUCE: i2c:amd move out pointer in union i2c_event_base
    - SAUCE: i2c:amd Depends on ACPI
    - [Config] i2c: CONFIG_I2C_AMD_MP2=y on x86

* Microphone cannot be detected with front panel audio combo jack on HP Z8-G4
    machine (LP: #1789145)
    - ALSA: hda/realtek - Fix HP Headset Mic can't record

* Please enable CONFIG_PAGE_POISONING (LP: #1783651)
    - [Config] Enable CONFIG_PAGE_POISONING configs

* Tango platform uses __initcall without further checks (LP: #1787945)
    - [Config] disable ARCH_TANGO

* [18.10 FEAT] SMC-Direct (LP: #1786902)
    - net/smc: determine port attributes independent from pnet table
    - net/smc: add pnetid support
    - net/smc: add base infrastructure for SMC-D and ISM
    - net/smc: add pnetid support for SMC-D and ISM
    - net/smc: add SMC-D support in CLC messages
    - net/smc: add SMC-D support in data transfer
    - net/smc: add SMC-D support in af_smc
    - net/smc: add SMC-D diag support
    - net/smc: provide smc mode in smc_diag.c
    - net/smc: eliminate cursor read and write calls
    - net/smc: add function to get link group from link
    - net/smc: use DECLARE_BITMAP for rtokens_used_mask
    - net/smc: remove local variable page in smc_rx_splice()
    - net/smc: Remove a WARN_ON() statement
    - net/smc: Simplify ib_post_(send|recv|srq_recv)() calls
    - net/smc: fewer parameters for smc_llc_send_confirm_link()
    - net/smc: use correct vlan gid of RoCE device
    - net/smc: provide fallback reason code
    - net/smc: improve delete link processing
    - net: simplify sock_poll_wait
    - net/smc: send response to test link signal

* Miscellaneous Ubuntu changes
    - [Config] update annotations for CONFIG_CRYPTO_SPECK_NEON
    - [Config] fix up annotatios for CONFIG_CRYPTO_SPECK

-- Seth Forshee <seth.forshee@canonical.com>  Mon, 10 Sep 2018 07:08:38 -0500

Changed in linux (Ubuntu Cosmic):
status:	Fix Committed → Fix Released

Revision history for this message

Andy Whitcroft (apw) wrote on 2019-02-14:

#27

This bug was erroneously marked for verification in bionic; verification is not required and verification-needed-bionic is being removed.

tags:

added: kernel-fixup-verification-needed-bionic verification-done-bionic
removed: verification-needed-bionic

Brad Figg (brad-figg) on 2019-07-24

tags:	added: ubuntu-certified
tags:	added: cscc

	Status	Importance	Assigned to
Dell Sputnik	New	Undecided	Unassigned
linux (Ubuntu)	Fix Released	Undecided	Kai-Heng Feng
Bionic	Fix Released	Undecided	Unassigned
Cosmic	Fix Released	Undecided	Kai-Heng Feng

Ubuntu
linux package

TB 16 issue on Dell Lattitude 7490 with large amount of data

Bug Description

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntulinux package

TB 16 issue on Dell Lattitude 7490 with large amount of data

Bug Description

CVE References

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
linux package