This bug was fixed in the package linux - 3.16.0-44.59 --------------- linux (3.16.0-44.59) utopic; urgency=low
[ Brad Figg ] * Release Tracking Bug - LP: #1472030 [ Iyappan Subramanian ] * SAUCE: (no-up) drivers: net: xgene: fix: Out of order descriptor bytes read - LP: #1425576 [ Upstream Kernel Changes ] * Revert "tools/vm: fix page-flags build" - LP: #1471170 * NVMe: Add shutdown timeout as module parameter. - LP: #1465136 * Drivers: hv: vmbus: Add support for VMBus panic notifier handler - LP: #1463584 * Drivers: hv: vmbus: Correcting truncation error for constant HV_CRASH_CTL_CRASH_NOTIFY - LP: #1463584 * KVM: nVMX: fix lifetime issues for vmcs02 - LP: #1448269 * KVM: nVMX: Fix nested vmexit ack intr before load vmcs01 - LP: #1448269 * mm/slab_common: support the slub_debug boot option on specific object size - LP: #1456952 * kvm: x86: fix kvm_apic_has_events to check for NULL pointer * cpuidle: powernv: Populate cpuidle state details by querying the device-tree - LP: #1470404 * cpuidle: powernv: Read target_residency value of idle states from DT if available - LP: #1470404 * cpuidle: powernv: Avoid endianness conversions while parsing DT - LP: #1470404 * cpuidle: powernv/pseries: Auto-promotion of snooze to deeper idle state - LP: #1470404 * iio: adis16400: Report pressure channel scale - LP: #1471170 * iio: adis16400: Use != channel indices for the two voltage channels - LP: #1471170 * iio: adis16400: Compute the scan mask from channel indices - LP: #1471170 * iio: adis16400: Remove unused variable - LP: #1471170 * iio: adis16400: Fix burst mode - LP: #1471170 * iio: adis16400: Fix burst transfer for adis16448 - LP: #1471170 * USB: serial: ftdi_sio: Add support for a Motion Tracker Development Board - LP: #1471170 * iio: adc: twl6030-gpadc: Fix modalias - LP: #1471170 * serial: imx: Fix DMA handling for IDLE condition aborts - LP: #1471170 * usb: dwc3: gadget: Fix incorrect DEPCMD and DGCMD status macros - LP: #1471170 * ALSA: usb-audio: Add mic volume fix quirk for Logitech Quickcam Fusion - LP: #1471170 * n_tty: Fix auditing support for cannonical mode - LP: #1471170 * drm/i915/hsw: Fix workaround for server AUX channel clock divisor - LP: #1471170 * x86/asm/irq: Stop relying on magic JMP behavior for early_idt_handlers - LP: #1471170 * lib: Fix strnlen_user() to not touch memory after specified maximum - LP: #1471170 * Input: elantech - fix detection of touchpads where the revision matches a known rate - LP: #1471170 * ALSA: hda/realtek - Add a fixup for another Acer Aspire 9420 - LP: #1471170 * ALSA: usb-audio: add MAYA44 USB+ mixer control names - LP: #1471170 * ALSA: usb-audio: fix missing input volume controls in MAYA44 USB(+) - LP: #1471170 * USB: cp210x: add ID for HubZ dual ZigBee and Z-Wave dongle - LP: #1471170 * Input: elantech - add new icbody type - LP: #1471170 * MIPS: Fix enabling of DEBUG_STACKOVERFLOW - LP: #1471170 * xfrm: fix a race in xfrm_state_lookup_byspi - LP: #1471170 * kconfig: Fix warning "‘jump’ may be used uninitialized" - LP: #1471170 * scripts/sortextable: suppress warning: `relocs_size' may be used uninitialized - LP: #1471170 * thermal: step_wise: Revert optimization - LP: #1471170 * MIPS: KVM: Do not sign extend on unsigned MMIO load - LP: #1471170 * arch/x86/kvm/mmu.c: work around gcc-4.4.4 bug - LP: #1471170 * net: core: Correct an over-stringent device loop detection. - LP: #1471170 * net: phy: Allow EEE for all RGMII variants - LP: #1471170 * net: dp83640: fix broken calibration routine. - LP: #1471170 * net: dp83640: reinforce locking rules. - LP: #1471170 * unix/caif: sk_socket can disappear when state is unlocked - LP: #1471170 * xen/netback: Properly initialize credit_bytes - LP: #1471170 * udp: fix behavior of wrong checksums - LP: #1471170 * xen: netback: read hotplug script once at start of day. - LP: #1471170 * ipv4/udp: Verify multicast group is ours in upd_v4_early_demux() - LP: #1471170 * bridge: disable softirqs around br_fdb_update to avoid lockup - LP: #1471170 * drm/i915: Assume dual channel LVDS if pixel clock necessitates it - LP: #1471170 * Btrfs: send, add missing check for dead clone root - LP: #1471170 * Btrfs: send, don't leave without decrementing clone root's send_progress - LP: #1471170 * btrfs: incorrect handling for fiemap_fill_next_extent return - LP: #1471170 * btrfs: cleanup orphans while looking up default subvolume - LP: #1471170 * iommu/vt-d: Allow RMRR on graphics devices too - LP: #1471170 * iommu/vt-d: Fix passthrough mode with translation-disabled devices - LP: #1471170 * ata: ahci_mvebu: Fix wrongly set base address for the MBus window setting - LP: #1471170 * virtio_pci: Clear stale cpumask when setting irq affinity - LP: #1471170 * irqchip: sunxi-nmi: Fix off-by-one error in irq iterator - LP: #1471170 * pata_octeon_cf: fix broken build - LP: #1471170 * Input: synaptics - add min/max quirk for Lenovo S540 - LP: #1471170 * drm/i915: Fix DDC probe for passive adapters - LP: #1471170 * cfg80211: wext: clear sinfo struct before calling driver - LP: #1471170 * mm/memory_hotplug.c: set zone->wait_table to null after freeing it - LP: #1471170 * ring-buffer-benchmark: Fix the wrong sched_priority of producer - LP: #1471170 * block: fix ext_dev_lock lockdep report - LP: #1471170 * iser-target: Fix variable-length response error completion - LP: #1471170 * iser-target: release stale iser connections - LP: #1471170 * ALSA: hda - adding a DAC/pin preference map for a HP Envy TS machine - LP: #1471170 * drm/mgag200: Reject non-character-cell-aligned mode widths - LP: #1471170 * crypto: caam - fix uninitialized state->buf_dma field - LP: #1471170 * crypto: caam - improve initalization for context state saves - LP: #1471170 * crypto: caam - fix RNG buffer cache alignment - LP: #1471170 * tracing: Have filter check for balanced ops - LP: #1471170 * drm/radeon: fix freeze for laptop with Turks/Thames GPU. - LP: #1471170 * Linux 3.16.7-ckt14 - LP: #1471170 -- Brad Figg <brad.f...@canonical.com> Mon, 06 Jul 2015 17:48:28 -0700 ** Changed in: linux (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-1805 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1456952 Title: support the slub_debug boot option on specific object size Status in linux package in Ubuntu: Incomplete Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Fix Released Status in linux source package in Vivid: Fix Released Bug description: [Impact] slub_debug cannot work for specific kmem_cache size. e. g. slub_debug=PU,kmalloc-1024 The slub_debug is used to enable the debugging of use-after-free, poison overwritten, double free. And it also increases the up time of the server when the above mentioned errors happen instead of crashing immediately. However, currently, there exists bug that the slub_debug cannot be applied for the specific object size. This is not helpful to enable the whole system slub_debug because the performance loss will be up to 20%~30% according to the customer's measurement. The patch here to limit the slub_debug only on the specific object size to alleviate the performance loss. [Fix] The slub_debug=PU,kmalloc-xx cannot work because in the create_kmalloc_caches() the s->name is created after the create_kmalloc_cache() is called. The name is NULL in the create_kmalloc_cache() so the kmem_cache_flags() would not set the slub_debug flags to the s->flags. The fix here set up a kmalloc_names string array for the initialization purpose and delete the dynamic name creation of kmalloc_caches. [Test case] Install the patched kernel. sudo reboot sudo vim /etc/default/grub append "slub_debug=FPZU,kmalloc-1024" to GRUB_CMDLINE_LINUX_DEFAULT sudo update-grub sudo reboot # Check if the kmalloc-1024 debug options are enabled sudo cat /sys/kernel/slab/kmalloc-1024/sanity_checks # shoulb be 1 sudo cat /sys/kernel/slab/kmalloc-1024/red_zone # shoulb be 1 sudo cat /sys/kernel/slab/kmalloc-1024/poison # shoulb be 1 # Check other object size sudo cat /sys/kernel/slab/kmalloc-8/sanity_checks # shoulb be 0 sudo cat /sys/kernel/slab/kmalloc-8/red_zone # shoulb be 0 sudo cat /sys/kernel/slab/kmalloc-8/poison # shoulb be 0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1456952/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp