This bug was fixed in the package linux-azure - 4.15.0-1040.44
---------------
linux-azure (4.15.0-1040.44) xenial; urgency=medium
* linux-azure: 4.15.0-1040.44 -proposed tracker (LP: #1817038)
* Packaging resync (LP: #1786013)
- [Packaging] resync retpoline extraction
* CONFIG_SECURITY_SELINUX_DISABLE should be disabled on 4.15/4.18 Azure
(LP: #1813866)
- [Config]: disable CONFIG_SECURITY_SELINUX_DISABLE
- [Config] Update configs
* Allow I/O schedulers to be loaded with modprobe in linux-azure
(LP: #1813211)
- [Config] linux-azure: Enable all IO schedulers as modules
* [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start() (LP: #1802021)
- srcu: Prohibit call_srcu() use under raw spinlocks
- srcu: Lock srcu_data structure in srcu_gp_start()
[ Ubuntu: 4.15.0-46.49 ]
* linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)
* mprotect fails on ext4 with dax (LP: #1799237)
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion
* kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296! (LP: #1812086)
- iscsi target: fix session creation failure handling
- scsi: iscsi: target: Set conn->sess to NULL when
iscsi_login_set_conn_values
fails
- scsi: iscsi: target: Fix conn_ops double free
* user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
(LP: #1812198)
- selftests: user: return Kselftest Skip code for skipped tests
- selftests: kselftest: change KSFT_SKIP=4 instead of KSFT_PASS
- selftests: kselftest: Remove outdated comment
* RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
- SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
- [Config] CONFIG_RTLWIFI_DEBUG_ST=n
- SAUCE: Add r8822be to signature inclusion list
* kernel oops in bcache module (LP: #1793901)
- SAUCE: bcache: never writeback a discard operation
* CVE-2018-18397
- userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
- userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
- userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
- userfaultfd: shmem: add i_size checks
- userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set
* Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
- HID: i2c-hid: Ignore input report if there's no data present on Elan
touchpanels
* Vsock connect fails with ENODEV for large CID (LP: #1813934)
- vhost/vsock: fix vhost vsock cid hashing inconsistent
* SRU: Fix thinkpad 11e 3rd boot hang (LP: #1804604)
- ACPI / LPSS: Force LPSS quirks on boot
* Bionic update: upstream stable patchset 2019-01-17 (LP: #1812229)
- scsi: sd_zbc: Fix variable type and bogus comment
- KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
parallel.
- x86/apm: Don't access __preempt_count with zeroed fs
- x86/events/intel/ds: Fix bts_interrupt_threshold alignment
- x86/MCE: Remove min interval polling limitation
- fat: fix memory allocation failure handling of match_strdup()
- ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
- ARCv2: [plat-hsdk]: Save accl reg pair by default
- ARC: Fix CONFIG_SWAP
- ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
- ARC: mm: allow mprotect to make stack mappings executable
- mm: memcg: fix use after free in mem_cgroup_iter()
- mm/huge_memory.c: fix data loss when splitting a file pmd
- cpufreq: intel_pstate: Register when ACPI PCCH is present
- vfio/pci: Fix potential Spectre v1
- stop_machine: Disable preemption when waking two stopper threads
- drm/i915: Fix hotplug irq ack on i965/g4x
- drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
- drm/nouveau: Avoid looping through fake MST connectors
- gen_stats: Fix netlink stats dumping in the presence of padding
- ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
- ipv6: fix useless rol32 call on hash
- ipv6: ila: select CONFIG_DST_CACHE
- lib/rhashtable: consider param->min_size when setting initial table size
- net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort
- net: Don't copy pfmemalloc flag in __copy_skb_header()
- skbuff: Unconditionally copy pfmemalloc in __skb_clone()
- net/ipv4: Set oif in fib_compute_spec_dst
- net: phy: fix flag masking in __set_phy_supported
- ptp: fix missing break in switch
- qmi_wwan: add support for Quectel EG91
- tg3: Add higher cpu clock for 5762.
- hv_netvsc: Fix napi reschedule while receive completion is busy
- net/mlx4_en: Don't reuse RX page when XDP is set
- net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite
- ipv6: make DAD fail with enhanced DAD when nonce length differs
- net: usb: asix: replace mii_nway_restart in resume path
- alpha: fix osf_wait4() breakage
- cxl_getfile(): fix double-iput() on alloc_file() failures
- powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle)
- xhci: Fix perceived dead host due to runtime suspend race with event
handler
- KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
- x86/kvmclock: set pvti_cpu0_va after enabling kvmclock
- ALSA: hda/realtek - Yet another Clevo P950 quirk entry
- drm/amdgpu: Reserve VM root shared fence slot for command submission (v3)
- rhashtable: add restart routine in rhashtable_free_and_destroy()
- sch_fq_codel: zero q->flows_cnt when fq_codel_init fails
- sctp: introduce sctp_dst_mtu
- sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
- net: aquantia: vlan unicast address list correct handling
- drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()
* Bionic update: upstream stable patchset 2019-01-15 (LP: #1811877)
- compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
- x86/paravirt: Make native_save_fl() extern inline
- Btrfs: fix duplicate extents after fsync of file with prealloc extents
- cpufreq / CPPC: Set platform specific transition_delay_us
- PCI: exynos: Fix a potential init_clk_resources NULL pointer dereference
- alx: take rtnl before calling __alx_open from resume
- atm: Preserve value of skb->truesize when accounting to vcc
- atm: zatm: Fix potential Spectre v1
- ipv6: sr: fix passing wrong flags to crypto_alloc_shash()
- ipvlan: fix IFLA_MTU ignored on NEWLINK
- ixgbe: split XDP_TX tail and XDP_REDIRECT map flushing
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock
- net: fix use-after-free in GRO with ESP
- net: macb: Fix ptp time adjustment for large negative delta
- net/mlx5e: Avoid dealing with vport representors if not being e-switch
manager
- net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager
- net/mlx5: Fix command interface race in polling mode
- net/mlx5: Fix incorrect raw command length parsing
- net/mlx5: Fix required capability for manipulating MPFS
- net/mlx5: Fix wrong size allocation for QoS ETC TC regitster
- net: mvneta: fix the Rx desc DMA address in the Rx path
- net/packet: fix use-after-free
- net_sched: blackhole: tell upper qdisc about dropped packets
- net: sungem: fix rx checksum support
- net/tcp: Fix socket lookups with SO_BINDTODEVICE
- qede: Adverstise software timestamp caps when PHC is not available.
- qed: Fix setting of incorrect eswitch mode.
- qed: Fix use of incorrect size in memcpy call.
- qed: Limit msix vectors in kdump kernel to the minimum required count.
- r8152: napi hangup fix after disconnect
- stmmac: fix DMA channel hang in half-duplex mode
- strparser: Remove early eaten to fix full tcp receive buffer stall
- tcp: fix Fast Open key endianness
- tcp: prevent bogus FRTO undos with non-SACK flows
- vhost_net: validate sock before trying to put its fd
- VSOCK: fix loopback on big-endian systems
- net: cxgb3_main: fix potential Spectre v1
- rtlwifi: Fix kernel Oops "Fw download fail!!"
- rtlwifi: rtl8821ae: fix firmware is not ready to run
- net: lan78xx: Fix race in tx pending skb size calculation
- crypto: af_alg - Initialize sg_num_bytes in error code path
- mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally
- PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg()
- netfilter: ebtables: reject non-bridge targets
- reiserfs: fix buffer overflow with long warning messages
- KEYS: DNS: fix parsing multiple options
- tls: Stricter error checking in zerocopy sendmsg path
- autofs: fix slab out of bounds read in getname_kernel()
- nsh: set mac len based on inner packet
- bdi: Fix another oops in wb_workfn()
- rds: avoid unenecessary cong_update in loop transport
- net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
- string: drop __must_check from strscpy() and restore strscpy() usages in
cgroup
- nfsd: COPY and CLONE operations require the saved filehandle to be set
- net/sched: act_ife: fix recursive lock and idr leak
- net/sched: act_ife: preserve the action control in case of error
- hinic: reset irq affinity before freeing irq
- nfp: flower: fix mpls ether type detection
- net: macb: initialize bp->queues[0].bp for at91rm9200
- enic: do not overwrite error code
- virtio_net: fix memory leak in XDP_REDIRECT
- netfilter: ipv6: nf_defrag: drop skb dst before queueing
- ipvs: initialize tbl->entries after allocation
- ipvs: initialize tbl->entries in ip_vs_lblc_init_svc()
- bpf: enforce correct alignment for instructions
- bpf, arm32: fix to use bpf_jit_binary_lock_ro api
* Fix non-working pinctrl-intel (LP: #1811777)
- pinctrl: intel: Implement intel_gpio_get_direction callback
- pinctrl: intel: Do pin translation in other GPIO operations as well
* ip6_gre: fix tunnel list corruption for x-netns (LP: #1812875)
- ip6_gre: fix tunnel list corruption for x-netns
* Userspace break as a result of missing patch backport (LP: #1813873)
- tty: Don't hold ldisc lock in tty_reopen() if ldisc present
* kvm_stat : missing python dependency (LP: #1798776)
- tools/kvm_stat: fix python3 issues
- tools/kvm_stat: switch to python3
* [SRU] Fix Xorg crash with nomodeset when BIOS enable 64-bit fb addr
(LP: #1812797)
- vgaarb: Add support for 64-bit frame buffer address
- vgaarb: Keep adding VGA device in queue
* Fix non-working QCA Rome Bluetooth after S3 (LP: #1812812)
- USB: Add new USB LPM helpers
- USB: Consolidate LPM checks to avoid enabling LPM twice
* ptrace-tm-spd-gpr in powerpc/ptrace from ubuntu_kerenl_selftests failed on
Bionic P8 (LP: #1813127)
- selftests/powerpc: Fix ptrace tm failure
* [SRU] IO's are issued with incorrect Scatter Gather Buffer (LP: #1795453)
- scsi: megaraid_sas: Use 63-bit DMA addressing
* Consider enabling CONFIG_NETWORK_PHY_TIMESTAMPING (LP: #1785816)
- [Config] Enable timestamping in network PHY devices
* CVE-2018-19854
- crypto: user - fix leaking uninitialized memory to userspace
* x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000
(LP: #1813532)
- x86/mm: Do not warn about PCI BIOS W+X mappings
* CVE-2019-6133
- fork: record start_time late
* Fix not working Goodix touchpad (LP: #1811929)
- HID: i2c-hid: Disable runtime PM on Goodix touchpad
* bluetooth controller not detected with 4.15 kernel (LP: #1810797)
- SAUCE: btqcomsmd: introduce BT_QCOMSMD_HACK
- [Config] arm64: snapdragon: BT_QCOMSMD_HACK=y
* X1 Extreme: only one of the two SSDs is loaded (LP: #1811755)
- nvme-core: rework a NQN copying operation
- nvme: pad fake subsys NQN vid and ssvid with zeros
- nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN
* Crash on "ip link add foo type ipip" (LP: #1811803)
- SAUCE: fan: Fix NULL pointer dereference
[ Ubuntu: 4.15.0-45.48 ]
* linux: 4.15.0-45.48 -proposed tracker (LP: #1813779)
* External monitors does not work anymore 4.15.0-44 (LP: #1813663)
- SAUCE: Revert "drm/i915/dp: Send DPCD ON for MST before phy_up"
* kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled (LP: #1813727)
- ext4: fix false negatives *and* false positives in
ext4_check_descriptors()
-- Kleber Sacilotto de Souza <kleber.so...@canonical.com> Thu, 21 Feb
2019 14:38:11 +0100
** Changed in: linux-azure (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18397
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19854
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6133
** Changed in: linux-azure (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1802021
Title:
[Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start()
Status in linux package in Ubuntu:
Confirmed
Status in linux-azure package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
New
Status in linux-azure source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Fix Committed
Status in linux-azure source package in Bionic:
Fix Released
Status in linux source package in Cosmic:
Fix Committed
Status in linux-azure source package in Cosmic:
Fix Released
Bug description:
We had a customer seeing traces like the following:
tack trace from kern.log:
2018-10-10T04:43:08.542464+00:00 hbp2ann-2 kernel: INFO: task
kworker/u16:0:16678 blocked for more than 120 seconds.
2018-10-10T04:43:08.542503+00:00 hbp2ann-2 kernel: Not tainted
4.15.0-1023-azure #24~16.04.1-Ubuntu
2018-10-10T04:43:08.542513+00:00 hbp2ann-2 kernel: "echo 0 >
/proc/sys/kernel/hung_task_timeout_secs" disables this message.
2018-10-10T04:43:08.547366+00:00 hbp2ann-2 kernel: kworker/u16:0 D 0 16678 2
0x80000000
2018-10-10T04:43:08.547386+00:00 hbp2ann-2 kernel: Workqueue: events_unbound
fsnotify_mark_destroy_workfn
2018-10-10T04:43:08.547395+00:00 hbp2ann-2 kernel: Call Trace:
2018-10-10T04:43:08.547413+00:00 hbp2ann-2 kernel: __schedule+0x3d6/0x8b0
2018-10-10T04:43:08.547422+00:00 hbp2ann-2 kernel: ?
check_preempt_wakeup+0xfb/0x240
2018-10-10T04:43:08.547431+00:00 hbp2ann-2 kernel: ?
sched_clock_local+0x17/0x90
2018-10-10T04:43:08.547440+00:00 hbp2ann-2 kernel: schedule+0x36/0x80
2018-10-10T04:43:08.547448+00:00 hbp2ann-2 kernel:
schedule_timeout+0x1db/0x370
2018-10-10T04:43:08.547458+00:00 hbp2ann-2 kernel: ?
__enqueue_entity+0x5c/0x60
2018-10-10T04:43:08.547467+00:00 hbp2ann-2 kernel: ?
enqueue_entity+0x112/0x670
2018-10-10T04:43:08.547477+00:00 hbp2ann-2 kernel:
wait_for_completion+0xb4/0x140
2018-10-10T04:43:08.547486+00:00 hbp2ann-2 kernel: ? wake_up_q+0x70/0x70
2018-10-10T04:43:08.547510+00:00 hbp2ann-2 kernel:
__synchronize_srcu.part.13+0x85/0xb0
2018-10-10T04:43:08.547535+00:00 hbp2ann-2 kernel: ?
trace_raw_output_rcu_utilization+0x50/0x50
2018-10-10T04:43:08.547560+00:00 hbp2ann-2 kernel: synchronize_srcu+0xd3/0xe0
2018-10-10T04:43:08.547594+00:00 hbp2ann-2 kernel: ?
synchronize_srcu+0xd3/0xe0
2018-10-10T04:43:08.547604+00:00 hbp2ann-2 kernel:
fsnotify_mark_destroy_workfn+0x7c/0xe0
2018-10-10T04:43:08.547612+00:00 hbp2ann-2 kernel:
process_one_work+0x14d/0x410
2018-10-10T04:43:08.547620+00:00 hbp2ann-2 kernel: worker_thread+0x4b/0x460
2018-10-10T04:43:08.547628+00:00 hbp2ann-2 kernel: kthread+0x105/0x140
2018-10-10T04:43:08.547637+00:00 hbp2ann-2 kernel: ?
process_one_work+0x410/0x410
2018-10-10T04:43:08.547645+00:00 hbp2ann-2 kernel: ?
kthread_destroy_worker+0x50/0x50
2018-10-10T04:43:08.547654+00:00 hbp2ann-2 kernel: ? do_syscall_64+0x73/0x130
2018-10-10T04:43:08.547677+00:00 hbp2ann-2 kernel: ? SyS_exit_group+0x14/0x20
2018-10-10T04:43:08.547685+00:00 hbp2ann-2 kernel: ret_from_fork+0x35/0x40
Error Code: INFO: task kworker/u16:0:16678 blocked for more than 120
seconds.
We are seeing more issue with fsnotify related callbacks. These are
not a soft/hard lockup but seem to significantly degrade the
responsiveness of systemd (and from there everything else).
The following upstream commit may fix this issue, but it is in Paul's
RCU tree and not in linux-next or upstream yet:
https://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-
rcu.git/commit/?h=dev&id=1a05c0cd2fee234a10362cc8f66057557cbb291f
srcu: Lock srcu_data structure in srcu_gp_start()
The srcu_gp_start() function is called with the srcu_struct structure's
->lock held, but not with the srcu_data structure's ->lock. This is
problematic because this function accesses and updates the srcu_data
structure's ->srcu_cblist, which is protected by that lock. Failing to
hold this lock can result in corruption of the SRCU callback lists,
which in turn can result in arbitrarily bad results.
This commit therefore makes srcu_gp_start() acquire the srcu_data
structure's ->lock across the calls to rcu_segcblist_advance() and
rcu_segcblist_accelerate(), thus preventing this corruption.
Please investigate this issue and evaluate the proposed fix.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1802021/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
