This bug was fixed in the package linux - 5.0.0-27.28
---------------
linux (5.0.0-27.28) disco; urgency=medium
* disco/linux: 5.0.0-27.28 -proposed tracker (LP: #1840816)
* [Potential Regression] System crashes when running ftrace test in
ubuntu_kernel_selftests (LP: #1840750)
- x86/kprobes: Set instruction page as executable
linux (5.0.0-26.27) disco; urgency=medium
* disco/linux: 5.0.0-26.27 -proposed tracker (LP: #1839972)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* alsa/hdmi: add icelake hdmi audio support for a Dell machine (LP: #1836916)
- ALSA: hda: hdmi - add Icelake support
- ALSA: hda/hdmi - Remove duplicated define
- ALSA: hda/hdmi - Fix i915 reverse port/pin mapping
* input/mouse: alps trackpoint-only device doesn't work (LP: #1836752)
- Input: alps - don't handle ALPS cs19 trackpoint-only device
- Input: alps - fix a mismatch between a condition check and its comment
* [18.04 FEAT] Enhanced hardware support (LP: #1836857)
- s390: report new CPU capabilities
- s390: add alignment hints to vector load and store
* System does not auto detect disconnection of external monitor (LP: #1835001)
- drm/i915: Add support for retrying hotplug
- drm/i915: Enable hotplug retry
* [18.04 FEAT] Enhanced CPU-MF hardware counters - kernel part (LP: #1836860)
- s390/cpum_cf: Add support for CPU-MF SVN 6
- s390/cpumf: Add extended counter set definitions for model 8561 and 8562
* EeePC 1005px laptop backlight is off after system boot up (LP: #1837117)
- platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys
from
asus_nb_wmi
* br_netfilter: namespace sysctl operations (LP: #1836910)
- netfilter: bridge: port sysctls to use brnf_net
- netfilter: bridge: namespace bridge netfilter sysctls
- netfilter: bridge: prevent UAF in brnf_exit_net()
* ideapad_laptop disables WiFi/BT radios on Lenovo Y540 (LP: #1837136)
- platform/x86: ideapad-laptop: Remove no_hw_rfkill_list
* shiftfs: allow overlayfs (LP: #1838677)
- SAUCE: shiftfs: enable overlayfs on shiftfs
* bcache: bch_allocator_thread(): hung task timeout (LP: #1784665)
- bcache: never writeback a discard operation
- bcache: improve bcache_reboot()
- SAUCE: bcache: fix deadlock in bcache_allocator
* Regressions in CMA allocation rework (LP: #1839395)
- dma-contiguous: do not overwrite align in dma_alloc_contiguous()
- dma-contiguous: page-align the size in dma_free_contiguous()
* CVE-2019-3900
- vhost: introduce vhost_exceeds_weight()
- vhost_net: fix possible infinite loop
- vhost: vsock: add weight support
- vhost: scsi: add weight support
* Disco update: 5.0.21 upstream stable release (LP: #1837518)
- bonding/802.3ad: fix slave link initialization transition states
- cxgb4: offload VLAN flows regardless of VLAN ethtype
- inet: switch IP ID generator to siphash
- ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
- ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
- ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
- ipv6: Fix redirect with VRF
- llc: fix skb leak in llc_build_and_send_ui_pkt()
- mlxsw: spectrum_acl: Avoid warning after identical rules insertion
- net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
- net: fec: fix the clk mismatch in failed_reset path
- net-gro: fix use-after-free read in napi_gro_frags()
- net: mvneta: Fix err code path of probe
- net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
- net: phy: marvell10g: report if the PHY fails to boot firmware
- net: sched: don't use tc_action->order during action dump
- net: stmmac: fix reset gpio free missing
- r8169: fix MAC address being lost in PCI D3
- usbnet: fix kernel crash after disconnect
- net/mlx5: Avoid double free in fs init error unwinding path
- tipc: Avoid copying bytes beyond the supplied data
- net/mlx5: Allocate root ns memory using kzalloc to match kfree
- net/mlx5e: Disable rxhash when CQE compress is enabled
- net: stmmac: fix ethtool flow control not able to get/set
- net: stmmac: dma channel control register need to be init first
- bnxt_en: Fix aggregation buffer leak under OOM condition.
- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix().
- bnxt_en: Reduce memory usage when running in kdump kernel.
- net/tls: fix state removal with feature flags off
- net/tls: don't ignore netdev notifications if no TLS features
- cxgb4: Revert "cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size"
- net: correct zerocopy refcnt with udp MSG_MORE
- crypto: vmx - ghash: do nosimd fallback manually
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
- Revert "tipc: fix modprobe tipc failed after switch order of device
registration"
- tipc: fix modprobe tipc failed after switch order of device registration
- Linux 5.0.21
* Disco update: 5.0.20 upstream stable release (LP: #1837517)
- x86: Hide the int3_emulate_call/jmp functions from UML
- ext4: do not delete unlinked inode from orphan list on failed truncate
- ext4: wait for outstanding dio during truncate in nojournal mode
- KVM: x86: fix return value for reserved EFER
- bio: fix improper use of smp_mb__before_atomic()
- sbitmap: fix improper use of smp_mb__before_atomic()
- Revert "scsi: sd: Keep disk read-only when re-reading partition"
- crypto: hash - fix incorrect HASH_MAX_DESCSIZE
- crypto: vmx - CTR: always increment IV as quadword
- mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time
problem
- mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem
- kvm: svm/avic: fix off-by-one in checking host APIC ID
- libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead
- arm64/kernel: kaslr: reduce module randomization range to 2 GB
- arm64/iommu: handle non-remapped addresses in ->mmap and ->get_sgtable
- gfs2: Fix sign extension bug in gfs2_update_stats
- btrfs: don't double unlock on error in btrfs_punch_hole
- Btrfs: do not abort transaction at btrfs_update_root() after failure to
COW
path
- Btrfs: avoid fallback to transaction commit during fsync of files with
holes
- Btrfs: fix race between ranged fsync and writeback of adjacent ranges
- btrfs: sysfs: Fix error path kobject memory leak
- btrfs: sysfs: don't leak memory when failing add fsid
- fbdev: fix divide error in fb_var_to_videomode
- cifs: fix credits leak for SMB1 oplock breaks
- arm64: errata: Add workaround for Cortex-A76 erratum #1463225
- [Config] Add CONFIG_ARM64_ERRATUM_1463225
- btrfs: honor path->skip_locking in backref code
- ovl: relax WARN_ON() for overlapping layers use case
- fbdev: fix WARNING in __alloc_pages_nodemask bug
- media: cpia2: Fix use-after-free in cpia2_exit
- media: serial_ir: Fix use-after-free in serial_ir_init_module
- media: vb2: add waiting_in_dqbuf flag
- media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
- ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit
- bpf: devmap: fix use-after-free Read in __dev_map_entry_free
- batman-adv: mcast: fix multicast tt/tvlv worker locking
- at76c50x-usb: Don't register led_trigger if usb_register_driver failed
- acct_on(): don't mess with freeze protection
- netfilter: ctnetlink: Resolve conntrack L3-protocol flush regression
- Revert "btrfs: Honour FITRIM range constraints during free space trim"
- gfs2: Fix lru_count going negative
- cxgb4: Fix error path in cxgb4_init_module
- afs: Fix getting the afs.fid xattr
- NFS: make nfs_match_client killable
- gfs2: fix race between gfs2_freeze_func and unmount
- IB/hfi1: Fix WQ_MEM_RECLAIM warning
- gfs2: Fix occasional glock use-after-free
- mmc: core: Verify SD bus width
- tools/bpf: fix perf build error with uClibc (seen on ARC)
- selftests/bpf: set RLIMIT_MEMLOCK properly for test_libbpf_open.c
- bpftool: exclude bash-completion/bpftool from .gitignore pattern
- ice: Separate if conditions for ice_set_features()
- blk-mq: split blk_mq_alloc_and_init_hctx into two parts
- blk-mq: grab .q_usage_counter when queuing request from plug code path
- dmaengine: tegra210-dma: free dma controller in remove()
- net: ena: gcc 8: fix compilation warning
- net: ena: fix: set freed objects to NULL to avoid failing future
allocations
- hv_netvsc: fix race that may miss tx queue wakeup
- Bluetooth: Ignore CC events not matching the last HCI command
- pinctrl: zte: fix leaked of_node references
- ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE
- usb: dwc2: gadget: Increase descriptors count for ISOC's
- usb: dwc3: move synchronize_irq() out of the spinlock protected block
- usb: gadget: f_fs: don't free buffer prematurely
- ASoC: hdmi-codec: unlock the device on startup errors
- powerpc/perf: Return accordingly on invalid chip-id in
- powerpc/boot: Fix missing check of lseek() return value
- powerpc/perf: Fix loop exit condition in nest_imc_event_init
- spi: atmel-quadspi: fix crash while suspending
- ASoC: imx: fix fiq dependencies
- spi: pxa2xx: fix SCR (divisor) calculation
- brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler()
- ACPI / property: fix handling of data_nodes in acpi_get_next_subnode()
- drm/nouveau/bar/nv50: ensure BAR is mapped
- media: stm32-dcmi: return appropriate error codes during probe
- ARM: vdso: Remove dependency with the arch_timer driver internals
- arm64: Fix compiler warning from pte_unmap() with
-Wunused-but-set-variable
- x86/ftrace: Set trampoline pages as executable
- powerpc/watchdog: Use hrtimers for per-CPU heartbeat
- sched/cpufreq: Fix kobject memleak
- scsi: qla2xxx: Fix a qla24xx_enable_msix() error path
- scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending()
- scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in
tcm_qla2xxx_close_session()
- scsi: qla2xxx: Fix hardirq-unsafe locking
- x86/modules: Avoid breaking W^X while loading modules
- Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota
reserve
- btrfs: fix panic during relocation after ENOSPC before writeback happens
- btrfs: Don't panic when we can't find a root key
- iwlwifi: pcie: don't crash on invalid RX interrupt
- rtc: 88pm860x: prevent use-after-free on device remove
- rtc: stm32: manage the get_irq probe defer case
- scsi: qedi: Abort ep termination if offload not scheduled
- s390/kexec_file: Fix detection of text segment in ELF loader
- ALSA: hda: fix unregister device twice on ASoC driver
- sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs
- net: ethernet: ti: cpsw: fix allmulti cfg in dual_mac mode
- w1: fix the resume command API
- net: phy: improve genphy_soft_reset
- s390: qeth: address type mismatch warning
- dmaengine: pl330: _stop: clear interrupt status
- mac80211/cfg80211: update bss channel on channel switch
- libbpf: fix samples/bpf build failure due to undefined UINT32_MAX
- slimbus: fix a potential NULL pointer dereference in
of_qcom_slim_ngd_register
- ASoC: fsl_sai: Update is_slave_mode with correct value
- Fix nfs4.2 return -EINVAL when do dedupe operation
- mwifiex: prevent an array overflow
- rsi: Fix NULL pointer dereference in kmalloc
- net: cw1200: fix a NULL pointer dereference
- nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE
- nvme-rdma: fix a NULL deref when an admin connect times out
- nvme-tcp: fix a NULL deref when an admin connect times out
- crypto: sun4i-ss - Fix invalid calculation of hash end
- bcache: avoid potential memleak of list of journal_replay(s) in the
CACHE_SYNC branch of run_cache_set
- bcache: return error immediately in bch_journal_replay()
- bcache: fix failure in journal relplay
- bcache: add failure check to run_cache_set() for journal replay
- bcache: avoid clang -Wunintialized warning
- RDMA/cma: Consider scope_id while binding to ipv6 ll address
- vfio-ccw: Do not call flush_workqueue while holding the spinlock
- vfio-ccw: Release any channel program when releasing/removing vfio-ccw
mdev
- x86/build: Move _etext to actual end of .text
- smpboot: Place the __percpu annotation correctly
- x86/uaccess: Dont leak the AC flag into __put_user() argument evaluation
- x86/mm: Remove in_nmi() warning from 64-bit implementation of
vmalloc_fault()
- mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC
versions
- Bluetooth: hci_qca: Give enough time to ROME controller to bootup.
- Bluetooth: btbcm: Add default address for BCM43341B
- HID: logitech-hidpp: use RAP instead of FAP to get the protocol version
- pinctrl: pistachio: fix leaked of_node references
- pinctrl: st: fix leaked of_node references
- pinctrl: samsung: fix leaked of_node references
- clk: rockchip: undo several noc and special clocks as critical on rk3288
- perf/arm-cci: Remove broken race mitigation
- dmaengine: at_xdmac: remove BUG_ON macro in tasklet
- media: coda: clear error return value before picture run
- media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper
- media: au0828: stop video streaming only when last user stops
- media: ov2659: make S_FMT succeed even if requested format doesn't match
- audit: fix a memory leak bug
- media: stm32-dcmi: fix crash when subdev do not expose any formats
- media: au0828: Fix NULL pointer dereference in
au0828_analog_stream_enable()
- media: pvrusb2: Prevent a buffer overflow
- iio: adc: stm32-dfsdm: fix unmet direct dependencies detected
- block: fix use-after-free on gendisk
- powerpc/numa: improve control of topology updates
- powerpc/64: Fix booting large kernels with STRICT_KERNEL_RWX
- random: fix CRNG initialization when random.trust_cpu=1
- random: add a spinlock_t to struct batched_entropy
- cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock
- sched/core: Check quota and period overflow at usec to nsec conversion
- sched/rt: Check integer overflow at usec to nsec conversion
- sched/core: Handle overflow in cpu_shares_write_u64
- staging: vc04_services: handle kzalloc failure
- drm/msm/dpu: release resources on modeset failure
- drm/msm: a5xx: fix possible object reference leak
- drm/msm: dpu: Don't set frame_busy_mask for async updates
- drm/msm: Fix NULL pointer dereference
- irq_work: Do not raise an IPI when queueing work on the local CPU
- thunderbolt: Take domain lock in switch sysfs attribute callbacks
- s390/qeth: handle error from qeth_update_from_chp_desc()
- USB: core: Don't unbind interfaces following device reset failure
- x86/irq/64: Limit IST stack overflow check to #DB stack
- drm: etnaviv: avoid DMA API warning when importing buffers
- dt-bindings: phy-qcom-qmp: Add UFS PHY reset
- phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode
- phy: mapphone-mdm6600: add gpiolib dependency
- dpaa2-eth: Fix Rx classification status
- i40e: Able to add up to 16 MAC filters on an untrusted VF
- i40e: don't allow changes to HW VLAN stripping on active port VLANs
- ACPI/IORT: Reject platform device creation on NUMA node mapping failure
- arm64: vdso: Fix clock_getres() for CLOCK_REALTIME
- RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure
- perf/x86/msr: Add Icelake support
- perf/x86/intel/rapl: Add Icelake support
- perf/x86/intel/cstate: Add Icelake support
- PM / devfreq: Fix static checker warning in try_then_request_governor
- hwmon: (vt1211) Use request_muxed_region for Super-IO accesses
- hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses
- hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses
- hwmon: (pc87427) Use request_muxed_region for Super-IO accesses
- hwmon: (f71805f) Use request_muxed_region for Super-IO accesses
- mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
- mmc_spi: add a status check for spi_sync_locked
- mmc: sdhci-of-esdhc: add erratum eSDHC5 support
- mmc: sdhci-of-esdhc: add erratum A-009204 support
- mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support
- drm/amdgpu: fix old fence check in amdgpu_fence_emit
- PM / core: Propagate dev->power.wakeup_path when no callbacks
- clk: rockchip: Fix video codec clocks on rk3288
- extcon: arizona: Disable mic detect if running when driver is removed
- clk: rockchip: Make rkpwm a critical clock on rk3288
- clk: zynqmp: fix check for fractional clock
- s390: zcrypt: initialize variables before_use
- x86/microcode: Fix the ancient deprecated microcode loading method
- s390/mm: silence compiler warning when compiling without CONFIG_PGSTE
- s390: cio: fix cio_irb declaration
- selftests: cgroup: fix cleanup path in test_memcg_subtree_control()
- qmi_wwan: Add quirk for Quectel dynamic config
- cpufreq: ppc_cbe: fix possible object reference leak
- cpufreq/pasemi: fix possible object reference leak
- cpufreq: pmac32: fix possible object reference leak
- cpufreq: kirkwood: fix possible object reference leak
- cpufreq: imx6q: fix possible object reference leak
- block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR
- samples/bpf: fix build with new clang
- x86/build: Keep local relocations with ld.lld
- regulator: core: Avoid potential deadlock on regulator_unregister
- drm/pl111: fix possible object reference leak
- iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion
- iio: hmc5843: fix potential NULL pointer dereferences
- iio: common: ssp_sensors: Initialize calculated_time in
ssp_common_process_data
- iio: adc: ti-ads7950: Fix improper use of mlock
- selftests/bpf: ksym_search won't check symbols exists
- rtlwifi: fix a potential NULL pointer dereference
- mwifiex: Fix mem leak in mwifiex_tm_cmd
- brcmfmac: fix missing checks for kmemdup
- b43: shut up clang -Wuninitialized variable warning
- brcmfmac: convert dev_init_lock mutex to completion
- brcmfmac: fix WARNING during USB disconnect in case of unempty psq
- brcmfmac: fix race during disconnect when USB completion is in progress
- brcmfmac: fix Oops when bringing up interface during USB disconnect
- rtc: xgene: fix possible race condition
- rtlwifi: fix potential NULL pointer dereference
- scsi: ufs: Fix regulator load and icc-level configuration
- scsi: ufs: Avoid configuring regulator with undefined voltage range
- drm/panel: otm8009a: Add delay at the end of initialization
- drm/amd/display: Prevent cursor hotspot overflow for RV overlay planes
- arm64: cpu_ops: fix a leaked reference by adding missing of_node_put
- locking/static_key: Fix false positive warnings on concurrent dec/inc
- wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext
- x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP
- x86/uaccess, signal: Fix AC=1 bloat
- x86/ia32: Fix ia32_restore_sigcontext() AC leak
- x86/uaccess: Fix up the fixup
- chardev: add additional check for minor range overlap
- sh: sh7786: Add explicit I/O cast to sh7786_mm_sel()
- HID: core: move Usage Page concatenation to Main item
- ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put
- ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put
- cxgb3/l2t: Fix undefined behaviour
- clk: renesas: rcar-gen3: Correct parent clock of SYS-DMAC
- block: pass page to xen_biovec_phys_mergeable
- clk: renesas: rcar-gen3: Correct parent clock of Audio-DMAC
- HID: logitech-hidpp: change low battery level threshold from 31 to 30
percent
- spi: tegra114: reset controller on probe
- kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice.
- media: video-mux: fix null pointer dereferences
- media: wl128x: prevent two potential buffer overflows
- media: gspca: Kill URBs on USB device disconnect
- efifb: Omit memory map check on legacy boot
- thunderbolt: property: Fix a missing check of kzalloc
- thunderbolt: Fix to check the return value of kmemdup
- drm: rcar-du: lvds: Set LVEN and LVRES bits together on D3
- timekeeping: Force upper bound for setting CLOCK_REALTIME
- scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload
check
- virtio_console: initialize vtermno value for ports
- tty: ipwireless: fix missing checks for ioremap
- staging: mt7621-mmc: Initialize completions a single time during probe
- overflow: Fix -Wtype-limits compilation warnings
- x86/mce: Fix machine_check_poll() tests for error types
- rcutorture: Fix cleanup path for invalid torture_type strings
- x86/mce: Handle varying MCA bank counts
- rcuperf: Fix cleanup path for invalid perf_type strings
- rcu: Do a single rhp->func read in rcu_head_after_call_rcu()
- spi: stm32-qspi: add spi_master_put in release function
- usb: core: Add PM runtime calls to usb_hcd_platform_shutdown
- scsi: qla4xxx: avoid freeing unallocated dma memory
- scsi: lpfc: avoid uninitialized variable warning
- ice: Prevent unintended multiple chain resets
- selinux: avoid uninitialized variable warning
- batman-adv: allow updating DAT entry timeouts on incoming ARP Replies
- dmaengine: tegra210-adma: use devm_clk_*() helpers
- x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors
- staging: mt7621-mmc: Check for nonzero number of scatterlist entries
- hwrng: omap - Set default quality
- thunderbolt: Fix to check return value of ida_simple_get
- thunderbolt: Fix to check for kmemdup failure
- drm/amd/display: fix releasing planes when exiting odm
- drm/amd/display: Link train only when link is DP and backend is enabled
- drm/amd/display: Reset alpha state for planes to the correct values
- thunderbolt: property: Fix a NULL pointer dereference
- media: v4l2-fwnode: The first default data lane is 0 on C-PHY
- media: staging/intel-ipu3: mark PM function as __maybe_unused
- tinydrm/mipi-dbi: Use dma-safe buffers for all SPI transfers
- igb: Exclude device from suspend direct complete optimization
- media: si2165: fix a missing check of return value
- media: dvbsky: Avoid leaking dvb frontend
- media: m88ds3103: serialize reset messages in m88ds3103_set_frontend
- drm/amd/display: add pipe lock during stream update
- media: staging: davinci_vpfe: disallow building with COMPILE_TEST
- drm/amd/display: Fix Divide by 0 in memory calculations
- drm/amd/display: Set stream->mode_changed when connectors change
- scsi: ufs: fix a missing check of devm_reset_control_get
- media: vimc: stream: fix thread state before sleep
- media: gspca: do not resubmit URBs when streaming has stopped
- media: go7007: avoid clang frame overflow warning with KASAN
- media: vimc: zero the media_device on probe
- media: vim2m: replace devm_kzalloc by kzalloc
- media: cedrus: Add a quirk for not setting DMA offset
- scsi: lpfc: Fix FDMI manufacturer attribute value
- scsi: lpfc: Fix fc4type information for FDMI
- media: saa7146: avoid high stack usage with clang
- scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices
- scsi: lpfc: Fix use-after-free mailbox cmd completion
- audit: fix a memleak caused by auditing load module
- spi : spi-topcliff-pch: Fix to handle empty DMA buffers
- drm: writeback: Fix leak of writeback job
- drm/omap: dsi: Fix PM for display blank with paired dss_pll calls
- drm/omap: Notify all devices in the pipeline of output disconnection
- spi: rspi: Fix sequencer reset during initialization
- regulator: wm831x ldo: Fix notifier mutex lock warning
- regulator: wm831x isink: Fix notifier mutex lock warning
- regulator: ltc3676: Fix notifier mutex lock warning
- regulator: ltc3589: Fix notifier mutex lock warning
- regulator: pv88060: Fix notifier mutex lock warning
- spi: imx: stop buffer overflow in RX FIFO flush
- regulator: lp8755: Fix notifier mutex lock warning
- regulator: da9211: Fix notifier mutex lock warning
- regulator: da9063: Fix notifier mutex lock warning
- regulator: pv88080: Fix notifier mutex lock warning
- regulator: wm831x: Fix notifier mutex lock warning
- regulator: pv88090: Fix notifier mutex lock warning
- regulator: da9062: Fix notifier mutex lock warning
- regulator: da9055: Fix notifier mutex lock warning
- spi: Fix zero length xfer bug
- ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM
- ASoC: ti: fix davinci_mcasp_probe dependencies
- drm/v3d: Handle errors from IRQ setup.
- drm/drv: Hold ref on parent device during drm_device lifetime
- drm: Wake up next in drm_read() chain if we are forced to putback the
event
- drm/sun4i: dsi: Change the start delay calculation
- vfio-ccw: Prevent quiesce function going into an infinite loop
- ice: Put __ICE_PREPARED_FOR_RESET check in ice_prepare_for_reset
- drm/sun4i: dsi: Enforce boundaries on the start delay
- NFS: Fix a double unlock from nfs_match,get_client
- Linux 5.0.20
* Disco update: 5.0.19 upstream stable release (LP: #1837516)
- ipv6: fix src addr routing with the exception table
- ipv6: prevent possible fib6 leaks
- net: Always descend into dsa/
- net: avoid weird emergency message
- net/mlx4_core: Change the error print to info print
- net: test nouarg before dereferencing zerocopy pointers
- net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions
- nfp: flower: add rcu locks when accessing netdev for tunnels
- ppp: deflate: Fix possible crash in deflate_init
- rtnetlink: always put IFLA_LINK for links with a link-netnsid
- tipc: switch order of device registration to fix a crash
- vsock/virtio: free packets during the socket release
- tipc: fix modprobe tipc failed after switch order of device registration
- vsock/virtio: Initialize core virtio vsock before registering the driver
- net/mlx5e: Add missing ethtool driver info for representors
- net/mlx5e: Additional check for flow destination comparison
- net/mlx5: Imply MLXFW in mlx5_core
- net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled
- blk-mq: free hw queue's resource in hctx's release handler
- regulator: core: fix error path for regulator_set_voltage_unlocked
- parisc: Export running_on_qemu symbol for modules
- parisc: Add memory clobber to TLB purges
- parisc: Skip registering LED when running in QEMU
- parisc: Add memory barrier to asm pdc and sync instructions
- parisc: Allow live-patching of __meminit functions
- parisc: Use PA_ASM_LEVEL in boot code
- parisc: Rename LEVEL to PA_ASM_LEVEL to avoid name clash with DRBD code
- stm class: Fix channel free in stm output free path
- stm class: Fix channel bitmap on 32-bit systems
- brd: re-enable __GFP_HIGHMEM in brd_insert_page()
- proc: prevent changes to overridden credentials
- Revert "MD: fix lock contention for flush bios"
- md: batch flush requests.
- md: add mddev->pers to avoid potential NULL pointer dereference
- md: add a missing endianness conversion in check_sb_changes
- dcache: sort the freeing-without-RCU-delay mess for good.
- intel_th: msu: Fix single mode with IOMMU
- p54: drop device reference count if fails to enable device
- of: fix clang -Wunsequenced for be32_to_cpu()
- brcmfmac: Add DMI nvram filename quirk for ACEPC T8 and T11 mini PCs
- phy: ti-pipe3: fix missing bit-wise or operator when assigning val
- media: ov6650: Fix sensor possibly not detected on probe
- media: imx: csi: Allow unknown nearest upstream entities
- media: imx: Clear fwnode link struct for each endpoint iteration
- RDMA/mlx5: Use get_zeroed_page() for clock_info
- RDMA/ipoib: Allow user space differentiate between valid dev_port
- NFS4: Fix v4.0 client state corruption when mount
- PNFS fallback to MDS if no deviceid found
- clk: hi3660: Mark clk_gate_ufs_subsys as critical
- clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider
- clk: mediatek: Disable tuner_en before change PLL rate
- clk: rockchip: fix wrong clock definitions for rk3328
- udlfb: delete the unused parameter for dlfb_handle_damage
- udlfb: fix sleeping inside spinlock
- udlfb: introduce a rendering mutex
- fuse: fix writepages on 32bit
- fuse: honor RLIMIT_FSIZE in fuse_file_fallocate
- ovl: fix missing upper fs freeze protection on copy up for ioctl
- gcc-plugins: arm_ssp_per_task_plugin: Fix for older GCC < 6
- iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114
- ceph: flush dirty inodes before proceeding with remount
- x86_64: Add gap to int3 to allow for call emulation
- x86_64: Allow breakpoints to emulate call instructions
- ftrace/x86_64: Emulate call function while updating in breakpoint handler
- tracing: Fix partial reading of trace event's id file
- tracing: probeevent: Fix to make the type of $comm string
- memory: tegra: Fix integer overflow on tick value calculation
- perf intel-pt: Fix instructions sampling rate
- perf intel-pt: Fix improved sample timestamp
- perf intel-pt: Fix sample timestamp wrt non-taken branches
- MIPS: perf: Fix build with CONFIG_CPU_BMIPS5000 enabled
- objtool: Allow AR to be overridden with HOSTAR
- x86/mpx, mm/core: Fix recursive munmap() corruption
- fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types
- fbdev: sm712fb: fix brightness control on reboot, don't set SR30
- fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75
- fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F
- fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA
- fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping
VRAM
- fbdev: sm712fb: fix support for 1024x768-16 mode
- fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display
- fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting
- PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken
- PCI: Mark Atheros AR9462 to avoid bus reset
- PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary
- PCI: Init PCIe feature bits for managed host bridge alloc
- PCI/AER: Change pci_aer_init() stub to return void
- PCI: rcar: Add the initialization of PCIe link in resume_noirq()
- PCI: Factor out pcie_retrain_link() function
- PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
- dm cache metadata: Fix loading discard bitset
- dm zoned: Fix zone report handling
- dm delay: fix a crash when invalid device is specified
- dm crypt: move detailed message into debug level
- dm integrity: correctly calculate the size of metadata area
- dm mpath: always free attached_handler_name in parse_path()
- fuse: Add FOPEN_STREAM to use stream_open()
- xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
- xfrm: Reset secpath in xfrm failure
- xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module
- vti4: ipip tunnel deregistration fixes.
- xfrm: clean up xfrm protocol checks
- esp4: add length check for UDP encapsulation
- xfrm: Honor original L3 slave device in xfrmi policy lookup
- xfrm4: Fix uninitialized memory read in _decode_session4
- ARC: PAE40: don't panic and instead turn off hw ioc
- clk: sunxi-ng: nkmp: Avoid GENMASK(-1, 0)
- KVM: PPC: Book3S HV: Perserve PSSCR FAKE_SUSPEND bit on guest exit
- KVM: PPC: Book3S: Protect memslots while validating user address
- power: supply: cpcap-battery: Fix division by zero
- securityfs: fix use-after-free on symlink traversal
- apparmorfs: fix use-after-free on symlink traversal
- PCI: Fix issue with "pci=disable_acs_redir" parameter being ignored
- x86: kvm: hyper-v: deal with buggy TLB flush requests from WS2012
- mac80211: Fix kernel panic due to use of txq after free
- net: ieee802154: fix missing checks for regmap_update_bits
- KVM: arm/arm64: Ensure vcpu target is unset on reset failure
- power: supply: sysfs: prevent endless uevent loop with
CONFIG_POWER_SUPPLY_DEBUG
- tools: bpftool: fix infinite loop in map create
- bpf: Fix preempt_enable_no_resched() abuse
- qmi_wwan: new Wistron, ZTE and D-Link devices
- iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb()
- sched/cpufreq: Fix kobject memleak
- x86/mm/mem_encrypt: Disable all instrumentation for early SME setup
- KVM: fix KVM_CLEAR_DIRTY_LOG for memory slots of unaligned size
- KVM: selftests: make hyperv_cpuid test pass on AMD
- ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
- i2c: designware: ratelimit 'transfer when suspended' errors
- perf bench numa: Add define for RUSAGE_THREAD if not present
- perf cs-etm: Always allocate memory for cs_etm_queue::prev_packet
- perf/x86/intel: Fix race in intel_pmu_disable_event()
- Revert "Don't jump to compute_result state from check_result state"
- md/raid: raid5 preserve the writeback action after the parity check
- driver core: Postpone DMA tear-down until after devres release for probe
failure
- bpf: relax inode permission check for retrieving bpf program
- bpf: add map_lookup_elem_sys_only for lookups from syscall side
- bpf, lru: avoid messing with eviction heuristics upon syscall lookup
- fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough
- Linux 5.0.19
* CVE-2019-13648
- powerpc/tm: Fix oops on sigreturn on systems without TM
* bcache kernel warning when attaching device (LP: #1837788)
- bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached
* CVE-2019-14283
- floppy: fix out-of-bounds read in copy_buffer
* CVE-2019-14284
- floppy: fix div-by-zero in setup_format_params
* alsa/hda: neither mute led nor mic-mute led work on several Lenovo laptops
(LP: #1837963)
- SAUCE: ALSA: hda - Add a conexant codec entry to let mute led work
-- Khalid Elmously <khalid.elmou...@canonical.com> Tue, 20 Aug 2019
15:25:30 -0400
** Changed in: linux (Ubuntu Disco)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-13648
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14283
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14284
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3900
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1838677
Title:
shiftfs: allow overlayfs
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Disco:
Fix Released
Bug description:
SRU Justification
Impact: Currently it is not possible to use overlayfs on top of
shiftfs. This means Docker inside of LXD cannot make user of the
overlay2 graph driver which is blocking users such as Travis from
making use of it efficiently.
Regression Potential: Limited to shiftfs and overlayfs on top of
shiftfs. Overlayfs does prevent "remote" filesystems such as ceph,
nfs, etc. from being used as the underlay. With this patch shiftfs
however can be used as an underlay and we special case it as a
suitable filesystem to be used under overlayfs. I verified that the
patch does not lead to regression on overlayfs workloads that do not
make use of shiftfs as underlay. Additionally, I tested Docker with
the overlay2 graphdriver on top of shiftfs. This also has not lead to
any regressions.
Test case: Building a kernel with the patch:
sudo snap install lxd
sudo lxd init
sudo lxc launch images:ubuntu/bionic b1
sudo lxc config set b1 security.nesting true
sudo lxc restart --force b1
sudo lxc shell b1
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
curl -fsSL get.docker.com | CHANNEL=test sh
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
sudo systemctl stop docker
cat <<EOF /etc/docker/daemon.json
{
"storage-driver": "overlay2"
}
EOF
sudo systemctl start docker
docker run -it ubuntu bash
and observe that it works.
Target kernels: All LTS kernels that do support shiftfs, if possible.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1838677/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
