This bug was fixed in the package linux - 5.0.0-40.44
---------------
linux (5.0.0-40.44) disco; urgency=medium
* disco/linux: 5.0.0-40.44 -proposed tracker (LP: #1859724)
* use-after-free in i915_ppgtt_close (LP: #1859522) // CVE-2020-7053
- SAUCE: drm/i915: Fix use-after-free when destroying GEM context
* CVE-2019-14615
- drm/i915/gen9: Clear residual context state on context switch
* System hang with kernel traces while entering reboot process on a Disco
ARM64 moonshot node (LP: #1859582)
- Revert "RDMA/cm: Fix memory leak in cm_add/remove_one"
linux (5.0.0-39.43) disco; urgency=medium
* disco/linux: 5.0.0-39.43 -proposed tracker (LP: #1858547)
* [Regression] usb usb2-port2: Cannot enable. Maybe the USB cable is bad?
(LP: #1856608)
- SAUCE: Revert "usb: handle warm-reset port requests on hub resume"
* PAN is broken for execute-only user mappings on ARMv8 (LP: #1858815)
- arm64: Revert support for execute-only user mappings
* Fix unusable USB hub on Dell TB16 after S3 (LP: #1855312)
- SAUCE: USB: core: Make port power cycle a seperate helper function
- SAUCE: USB: core: Attempt power cycle port when it's in eSS.Disabled state
* [sas-1126]scsi: hisi_sas: Fix out of bound at debug_I_T_nexus_reset()
(LP: #1853992)
- scsi: hisi_sas: Fix out of bound at debug_I_T_nexus_reset()
* [sas-1126]scsi: hisi_sas: Assign NCQ tag for all NCQ commands (LP: #1853995)
- scsi: hisi_sas: Assign NCQ tag for all NCQ commands
* [sas-1126]scsi: hisi_sas: Fix the conflict between device gone and host
reset (LP: #1853997)
- scsi: hisi_sas: Fix the conflict between device gone and host reset
* scsi: hisi_sas: Check sas_port before using it (LP: #1855952)
- scsi: hisi_sas: Check sas_port before using it
* CVE-2019-18885
- btrfs: refactor btrfs_find_device() take fs_devices as argument
- btrfs: merge btrfs_find_device and find_device
* Integrate Intel SGX driver into linux-azure (LP: #1844245)
- [Packaging] Add systemd service to load intel_sgx
* [SRU][B/OEM-B/OEM-OSP1/D/E/F] Add LG I2C touchscreen multitouch support
(LP: #1857541)
- SAUCE: HID: multitouch: Add LG MELF0410 I2C touchscreen support
* cifs: DFS Caching feature causing problems traversing multi-tier DFS setups
(LP: #1854887)
- cifs: Fix retrieval of DFS referrals in cifs_mount()
* qede driver causes 100% CPU load (LP: #1855409)
- qede: Handle infinite driver spinning for Tx timestamp.
* [roce-1126]RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
(LP: #1853989)
- RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
- RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
* [roce-1126]RDMA/hns: Fixs hw access invalid dma memory error (LP: #1853990)
- RDMA/hns: Fixs hw access invalid dma memory error
* [hns-1126]net: hns3: revert to old channel when setting new channel num fail
(LP: #1853983)
- net: hns3: revert to old channel when setting new channel num fail
* [hns-1126]net: hns3: fix port setting handle for fibre port
(LP: #1853984)
- net: hns3: fix port setting handle for fibre port
* [hns-1126] net: hns: add support for vlan TSO (LP: #1853937)
- net: hns: add support for vlan TSO
* [hns-1126]net: hns3: fix flow control configure issue for fibre port
(LP: #1853948)
- net: hns3: fix flow control configure issue for fibre port
* mce: ras: When inject 1bit ecc error, there is no mce log recorded in the
dmesg (LP: #1857413)
- RAS/CEC: Increment cec_entered under the mutex lock
- RAS/CEC: Check count_threshold unconditionally
* efivarfs test in ubuntu_kernel_selftest failed on the second run
(LP: #1809704)
- selftests/efivarfs: clean up test files from test_create*()
* CVE-2019-19082
- drm/amd/display: prevent memory leak
* CVE-2019-19078
- ath10k: fix memory leak
* CVE-2019-19077
- RDMA: Fix goto target to release the allocated memory
* Disco update: upstream stable patchset 2019-12-17 (LP: #1856754)
- rsi: release skb if rsi_prepare_beacon fails
- arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
- sparc64: implement ioremap_uc
- lp: fix sparc64 LPSETTIMEOUT ioctl
- usb: gadget: u_serial: add missing port entry locking
- tty: serial: fsl_lpuart: use the sg count from dma_map_sg
- tty: serial: msm_serial: Fix flow control
- serial: pl011: Fix DMA ->flush_buffer()
- serial: serial_core: Perform NULL checks for break_ctl ops
- serial: ifx6x60: add missed pm_runtime_disable
- autofs: fix a leak in autofs_expire_indirect()
- RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
- iwlwifi: pcie: don't consider IV len in A-MSDU
- exportfs_decode_fh(): negative pinned may become positive without the
parent
locked
- audit_get_nd(): don't unlock parent too early
- NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
- xfrm: release device reference for invalid state
- Input: cyttsp4_core - fix use after free bug
- sched/core: Avoid spurious lock dependencies
- perf/core: Consistently fail fork on allocation failures
- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
- drm/sun4i: tcon: Set min division of TCON0_DCLK to 1.
- selftests: kvm: fix build with glibc >= 2.30
- rsxx: add missed destroy_workqueue calls in remove
- net: ep93xx_eth: fix mismatch of request_mem_region in remove
- i2c: core: fix use after free in of_i2c_notify
- fuse: verify nlink
- fuse: verify attributes
- ALSA: hda/realtek - Enable internal speaker of ASUS UX431FLC
- ALSA: pcm: oss: Avoid potential buffer overflows
- ALSA: hda - Add mute led support for HP ProBook 645 G4
- Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus
- Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash
- Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers
- Input: goodix - add upside-down quirk for Teclast X89 tablet
- coresight: etm4x: Fix input validation for sysfs.
- Input: Fix memory leak in psxpad_spi_probe
- x86/mm/32: Sync only to VMALLOC_END in vmalloc_sync_all()
- CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
- CIFS: Fix SMB2 oplock break processing
- tty: vt: keyboard: reject invalid keycodes
- can: slcan: Fix use-after-free Read in slcan_open
- kernfs: fix ino wrap-around detection
- jbd2: Fix possible overflow in jbd2_log_space_left()
- drm/msm: fix memleak on release
- drm/i810: Prevent underflow in ioctl
- arm64: dts: exynos: Revert "Remove unneeded address space mapping for soc
node"
- KVM: arm/arm64: vgic: Don't rely on the wrong pending table
- KVM: x86: do not modify masked bits of shared MSRs
- KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
- KVM: x86: Grab KVM's srcu lock when setting nested state
- crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
- crypto: atmel-aes - Fix IV handling when req->nbytes < ivsize
- crypto: af_alg - cast ki_complete ternary op to int
- crypto: ccp - fix uninitialized list head
- crypto: ecdh - fix big endian bug in ECC library
- crypto: user - fix memory leak in crypto_report
- spi: atmel: Fix CS high support
- mwifiex: update set_mac_address logic
- can: ucan: fix non-atomic allocation in completion handler
- RDMA/qib: Validate ->show()/store() callbacks before calling them
- iomap: Fix pipe page leakage during splicing
- thermal: Fix deadlock in thermal thermal_zone_device_check
- vcs: prevent write access to vcsu devices
- binder: Fix race between mmap() and binder_alloc_print_pages()
- binder: Handle start==NULL in binder_update_page_range()
- ALSA: hda - Fix pending unsol events at shutdown
- watchdog: aspeed: Fix clock behaviour for ast2600
- perf script: Fix invalid LBR/binary mismatch error
- xfs: add missing error check in xfs_prepare_shift()
- KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
(CVE-2019-19332)
- net: qrtr: fix memort leak in qrtr_tun_write_iter
- appletalk: Fix potential NULL pointer dereference in
unregister_snap_client
- appletalk: Set error code if register_snap_client failed
- time: Zero the upper 32-bits in __kernel_timespec on 32-bit
- RDMA/hns: Correct the value of srq_desc_size
- ecryptfs: fix unlink and rmdir in face of underlying fs modifications
- x86/resctrl: Fix potential lockdep warning
- ravb: implement MTU change while device is up
- net: hns3: reallocate SSU' buffer size when pfc_en changes
- net: hns3: fix ETS bandwidth validation bug
- media: rc: mark input device as pointing stick
- nfsd: Ensure CLONE persists data and metadata changes to the target file
- drm: damage_helper: Fix race checking plane->state->fb
- KVM: nVMX: Always write vmcs02.GUEST_CR3 during nested VM-Enter
- crypto: geode-aes - switch to skcipher for cbc(aes) fallback
- spi: stm32-qspi: Fix kernel oops when unbinding driver
- spi: Fix SPI_CS_HIGH setting when using native and GPIO CS
- spi: Fix NULL pointer when setting SPI_CS_HIGH for GPIO CS
- EDAC/ghes: Fix locking and memory barrier issues
- kselftest: Fix NULL INSTALL_PATH for TARGETS runlist
- ALSA: hda: hdmi - fix pin setup on Tigerlake
* Realtek ALC256M with DTS Audio Processing internal microphone doesn't work
on Redmi Book 14 2019 (LP: #1846148) // Disco update: upstream stable
patchset 2019-12-17 (LP: #1856754)
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
* Disco update: upstream stable patchset 2019-12-12 (LP: #1856213)
- clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate
- clocksource/drivers/mediatek: Fix error handling
- ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX
- ASoC: compress: fix unsigned integer overflow check
- reset: Fix memory leak in reset_control_array_put()
- clk: samsung: exynos5433: Fix error paths
- ASoC: kirkwood: fix external clock probe defer
- ASoC: kirkwood: fix device remove ordering
- clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume
- pinctrl: cherryview: Allocate IRQ chip dynamic
- ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts
- reset: fix reset_control_ops kerneldoc comment
- clk: at91: avoid sleeping early
- clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup
- clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18
- ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend
- samples/bpf: fix build by setting HAVE_ATTR_TEST to zero
- powerpc/bpf: Fix tail call implementation
- idr: Fix integer overflow in idr_for_each_entry
- idr: Fix idr_alloc_u32 on 32-bit systems
- x86/resctrl: Prevent NULL pointer dereference when reading mondata
- clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call
- clk: ti: clkctrl: Fix failed to enable error with double udelay timeout
- net: fec: add missed clk_disable_unprepare in remove
- bridge: ebtables: don't crash when using dnat target in output chains
- can: peak_usb: report bus recovery as well
- can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open
- can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid
skb
mem leak
- can: rx-offload: can_rx_offload_offload_one(): do not increase the
skb_queue
beyond skb_queue_len_max
- can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on
queue overflow or OOM
- can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate
error value in case of errors
- can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error
- can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error
- can: flexcan: increase error counters if skb enqueueing via
can_rx_offload_queue_sorted() fails
- can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit
race
condition
- watchdog: meson: Fix the wrong value of left time
- ASoC: stm32: sai: add restriction on mmap support
- scripts/gdb: fix debugging modules compiled with hot/cold partitioning
- net: bcmgenet: use RGMII loopback for MAC reset
- net: bcmgenet: reapply manual settings to the PHY
- net: mscc: ocelot: fix __ocelot_rmw_ix prototype
- ceph: return -EINVAL if given fsc mount option on kernel w/o support
- net/fq_impl: Switch to kvmalloc() for memory allocation
- mac80211: fix station inactive_time shortly after boot
- block: drbd: remove a stray unlock in __drbd_send_protocol()
- pwm: bcm-iproc: Prevent unloading the driver module while in use
- clk: at91: fix update bit maps on CFG_MOR write
- usb: dwc2: use a longer core rest timeout in dwc2_core_reset()
- staging: rtl8192e: fix potential use after free
- staging: rtl8723bs: Drop ACPI device ids
- staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids
- USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P
- mei: bus: prefix device names on bus with the bus name
- mei: me: add comet point V device id
- thunderbolt: Power cycle the router if NVM authentication fails
- media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE
- pwm: Clear chip_data in pwm_put()
- media: atmel: atmel-isc: fix INIT_WORK misplacement
- macvlan: schedule bc_work even if error
- net: psample: fix skb_over_panic
- openvswitch: fix flow command message size
- sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook
- slip: Fix use-after-free Read in slip_open
- openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()
- openvswitch: remove another BUG_ON()
- selftests: bpf: test_sockmap: handle file creation failures gracefully
- tipc: fix link name length check
- sctp: cache netns in sctp_ep_common
- net: sched: fix `tc -s class show` no bstats on class with nolock
subqueues
- net: macb: add missed tasklet_kill
- ext4: add more paranoia checking in ext4_expand_extra_isize handling
- watchdog: sama5d4: fix WDD value to be always set to max
- net: macb: Fix SUBNS increment and increase resolution
- net: macb driver, check for SKBTX_HW_TSTAMP
- mtd: rawnand: atmel: Fix spelling mistake in error message
- mtd: rawnand: atmel: fix possible object reference leak
- drm/atmel-hlcdc: revert shift by 8
- mailbox: stm32_ipcc: add spinlock to fix channels concurrent access
- tcp: exit if nothing to retransmit on RTO timeout
- HID: core: check whether Usage Page item is after Usage ID items
- crypto: stm32/hash - Fix hmac issue more than 256 bytes
- media: stm32-dcmi: fix DMA corruption when stopping streaming
- media: stm32-dcmi: fix check of pm_runtime_get_sync return value
- hwrng: stm32 - fix unbalanced pm_runtime_enable
- clk: stm32mp1: fix HSI divider flag
- clk: stm32mp1: fix mcu divider table
- clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks
- clk: stm32mp1: parent clocks update
- mailbox: mailbox-test: fix null pointer if no mmio
- pinctrl: stm32: fix memory leak issue
- ASoC: stm32: i2s: fix dma configuration
- ASoC: stm32: i2s: fix 16 bit format support
- ASoC: stm32: i2s: fix IRQ clearing
- ASoC: stm32: sai: add missing put_device()
- platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer
- platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size
- net: fec: fix clock count mis-match
- net: separate out the msghdr copy from ___sys_{send,recv}msg()
- XArray: Fix xas_next() with a single entry at 0
- thunderbolt: Fix lockdep circular locking depedency warning
- soundwire: intel: fix intel_register_dai PDI offsets and numbers
- clk: samsung: exynos542x: Move G3D subsystem clocks to its sub-CMU
- arm64: dts: ls1028a: fix a compatible issue
- soc: imx: gpc: fix initialiser format
- bpf: Change size to u64 for bpf_map_{area_alloc, charge_init}()
- idr: Fix idr_get_next_ul race with idr_remove
- fbdev: c2p: Fix link failure on non-inlining
- ASoC: hdac_hda: fix race in device removal
- x86/tsc: Respect tsc command line paraemeter for clocksource_tsc_early
- perf scripting engines: Iterate on tep event arrays directly
- nvme-rdma: fix a segmentation fault during module unload
- nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths
- watchdog: pm8916_wdt: fix pretimeout registration flow
- ALSA: hda: hdmi - add Tigerlake support
- mm/gup_benchmark: fix MAP_HUGETLB case
- drm/amdgpu: dont schedule jobs while in reset
- net/mlx5e: Fix eswitch debug print of max fdb flow
- drm/amdgpu: add warning for GRBM 1-cycle delay issue in gfx9
- net: stmmac: gmac4: bitrev32 returns u32
- net: stmmac: xgmac: Fix TSA selection
- net: stmmac: xgmac: Disable Flow Control when 1 or more queues are in AV
- mac80211: fix ieee80211_txq_setup_flows() failure path
- ice: fix potential infinite loop because loop counter being too small
- iavf: initialize ITRN registers with correct values
- x86/fpu: Don't cache access to fpu_fpregs_owner_ctx
- net/tls: take into account that bpf_exec_tx_verdict() may free the record
- net/tls: free the record on encryption error
- net: skmsg: fix TLS 1.3 crash with full sk_msg
- selftests/tls: add a test for fragmented messages
- net/tls: remove the dead inplace_crypto code
- net/tls: use sg_next() to walk sg entries
- selftests: bpf: correct perror strings
* CVE-2019-19050
- crypto: user - fix memory leak in crypto_reportstat
* headphone has noise as not mute on dell machines with alc236/256
(LP: #1854401)
- SAUCE: ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
* Disco update: upstream stable patchset 2019-12-03 (LP: #1855011)
- mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel
- net/mlx4_en: fix mlx4 ethtool -N insertion
- net/mlx4_en: Fix wrong limitation for number of TX rings
- net: rtnetlink: prevent underflows in do_setvfinfo()
- net/sched: act_pedit: fix WARN() in the traffic path
- net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key
- sfc: Only cancel the PPS workqueue if it exists
- net/mlx5e: Fix set vf link state error flow
- net/mlxfw: Verify FSM error code translation doesn't exceed array size
- net/mlx5: Fix auto group size calculation
- vhost/vsock: split packets to send using multiple buffers
- gpio: max77620: Fixup debounce delays
- tools: gpio: Correctly add make dependencies for gpio_utils
- nbd:fix memory leak in nbd_get_socket()
- virtio_console: allocate inbufs in add_port() only if it is needed
- Revert "fs: ocfs2: fix possible null-pointer dereferences in
ocfs2_xa_prepare_entry()"
- mm/ksm.c: don't WARN if page is still mapped in remove_stable_node()
- drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs
- drm/i915/pmu: "Frequency" is reported as accumulated cycles
- drm/i915/userptr: Try to acquire the page lock around set_page_dirty()
- mwifiex: Fix NL80211_TX_POWER_LIMITED
- Bluetooth: Fix invalid-free in bcsp_close()
- ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe
- ath9k_hw: fix uninitialized variable data
- md/raid10: prevent access of uninitialized resync_pages offset
- mm/memory_hotplug: don't access uninitialized memmaps in
shrink_zone_span()
- net: phy: dp83867: fix speed 10 in sgmii mode
- net: phy: dp83867: increase SGMII autoneg timer duration
- ARM: 8904/1: skip nomap memblocks while finding the lowmem/highmem
boundary
- x86/insn: Fix awk regexp warnings
- x86/speculation: Fix incorrect MDS/TAA mitigation status
- x86/speculation: Fix redundant MDS mitigation message
- nbd: prevent memory leak
- futex: Prevent robust futex exit race
- ALSA: usb-audio: Fix NULL dereference at parsing BADD
- nfc: port100: handle command failure cleanly
- media: vivid: Set vid_cap_streaming and vid_out_streaming to true
- media: vivid: Fix wrong locking that causes race conditions on streaming
stop
- media: usbvision: Fix races among open, close, and disconnect
- cpufreq: Add NULL checks to show() and store() methods of cpufreq
- media: uvcvideo: Fix error path in control parsing failure
- media: b2c2-flexcop-usb: add sanity checking
- media: cxusb: detect cxusb_ctrl_msg error in query
- media: imon: invalid dereference in imon_touch_event
- virtio_ring: fix return code on DMA mapping fails
- USBIP: add config dependency for SGL_ALLOC
- usbip: tools: fix fd leakage in the function of read_attr_usbip_status
- usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit()
- usb-serial: cp201x: support Mark-10 digital force gauge
- USB: chaoskey: fix error case of a timeout
- appledisplay: fix error handling in the scheduled work
- USB: serial: mos7840: add USB ID to support Moxa UPort 2210
- USB: serial: mos7720: fix remote wakeup
- USB: serial: mos7840: fix remote wakeup
- USB: serial: option: add support for DW5821e with eSIM support
- USB: serial: option: add support for Foxconn T77W968 LTE modules
- staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error
- net/tls: remove unused function tls_sw_sendpage_locked
- net/tls: enable sk_msg redirect to tls socket egress
- net/mlx5e: Fix error flow cleanup in mlx5e_tc_tun_create_header_ipv4/6
- net/mlx5: Update the list of the PCI supported devices
- net/mlx5: Update the list of the PCI supported devices
- virtio_balloon: fix shrinker count
- drm/amdgpu: disable gfxoff when using register read interface
- Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues"
- x86/xen/32: Make xen_iret_crit_fixup() independent of frame layout
- x86/xen/32: Simplify ring check in xen_iret_crit_fixup()
- x86/doublefault/32: Fix stack canaries in the double fault handler
- x86/pti/32: Size initial_page_table correctly
- x86/cpu_entry_area: Add guard page for entry stack on 32bit
- selftests/x86/mov_ss_trap: Fix the SYSENTER test
- selftests/x86/sigreturn/32: Invalidate DS and ES when abusing the kernel
- x86/pti/32: Calculate the various PTI cpu_entry_area sizes correctly, make
the CPU_ENTRY_AREA_PAGES assert precise
- x86/entry/32: Fix FIXUP_ESPFIX_STACK with user CR3
- media: usbvision: Fix invalid accesses after device disconnect
- media: mceusb: fix out of bounds read in MCE receiver buffer
* Miscellaneous Ubuntu changes
- update dkms package versions
-- Marcelo Henrique Cerri <marcelo.ce...@canonical.com> Tue, 14 Jan
2020 21:14:53 -0300
** Changed in: linux (Ubuntu Disco)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19050
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19077
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19078
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-19082
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-7053
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1809704
Title:
efivarfs test in ubuntu_kernel_selftest failed on the second run
Status in ubuntu-kernel-tests:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Fix Committed
Status in linux source package in Cosmic:
Won't Fix
Status in linux source package in Disco:
Fix Released
Bug description:
== SRU Justification ==
If you run the test selftest/efivarfs test suite twice, it will fail on
the second run.
This is because the test file created in the first run will obtain the
immutable property, and it will make the second attempt failed with
premission denied error.
== Fix ==
* 1f0ea958 (selftests: efivarfs: return Kselftest Skip code for skipped tests)
* dff6d2ae (selftests/efivarfs: clean up test files from test_create*())
This issue exists in X/B/D, fixed in newer releases.
For Xenial it lacks the crucial commit which allows the selftest
framework to handle KSFT_SKIP return code (3f4435b5), so the first
commit has to be backported to keep using 0 as its return value. The
second commit is a backport with fuzzy adjustments.
For Bionic, the first commit is a clean cherry-pick, the second is a
backport with fuzzy adjustments.
For Disco, it just needs the second commit, which is also a backport
with fuzzy adjustments as well.
== Test ==
Patch tested against the affected kernels, and it works as expected.
== Regression Potential ==
Low, changes limited to testing tools.
== Original Bug Report ==
This seems to be an issue to the test case, if you run the test suite twice,
it will fail on the second run.
The first run will create the test file:
$ ll
/sys/firmware/efi/efivars/test_create_read-210be57c-9849-4fc7-a635-e6382d1aec27
-rw------- 1 root root 0 Dec 24 07:16
/sys/firmware/efi/efivars/test_create_read-210be57c-9849-4fc7-a635-e6382d1aec27
This is cause the open(O_WRONLY) test in test_create_read failed with
premission denied on the second run.
This issue can be reproduced with upstream kernel tree on Xenial as well.
$ sudo make -C linux/tools/testing/selftests TARGETS=efivarfs run_tests
make: Entering directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests'
for TARGET in efivarfs; do \
make -C $TARGET; \
done;
make[1]: Entering directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests/efivarfs'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests/efivarfs'
for TARGET in efivarfs; do \
make -C $TARGET run_tests; \
done;
make[1]: Entering directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests/efivarfs'
--------------------
running test_create
--------------------
./efivarfs.sh: line 48:
/sys/firmware/efi/efivars/test_create-210be57c-9849-4fc7-a635-e6382d1aec27:
Permission denied
[PASS]
--------------------
running test_create_empty
--------------------
./efivarfs.sh: line 65:
/sys/firmware/efi/efivars/test_create_empty-210be57c-9849-4fc7-a635-e6382d1aec27:
Permission denied
[PASS]
--------------------
running test_create_read
--------------------
open(O_WRONLY): Permission denied
[FAIL]
--------------------
running test_delete
--------------------
[PASS]
--------------------
running test_zero_size_delete
--------------------
[PASS]
--------------------
running test_open_unlink
--------------------
[PASS]
--------------------
running test_valid_filenames
--------------------
[PASS]
--------------------
running test_invalid_filenames
--------------------
[PASS]
selftests: efivarfs.sh [FAIL]
make[1]: Leaving directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests/efivarfs'
make: Leaving directory
'/home/ubuntu/autotest/client/tmp/ubuntu_kernel_selftests/src/linux/tools/testing/selftests'
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-141-generic 4.4.0-141.167
ProcVersionSignature: User Name 4.4.0-141.167-generic 4.4.162
Uname: Linux 4.4.0-141-generic x86_64
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Dec 24 05:10 seq
crw-rw---- 1 root audio 116, 33 Dec 24 05:10 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
CurrentDmesg:
[92859.670497] smpboot: CPU 111 is now offline
[92859.723040] kvm: disabled by bios
[92859.750562] smpboot: Booting Node 1 Processor 111 APIC 0x7d
[92859.821706] kvm: disabled by bios
Date: Tue Dec 25 06:30:01 2018
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb:
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 003: ID 0b1f:03e9 Insyde Software Corp.
Bus 001 Device 002: ID 0000:0001
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: Intel Corporation S2600WFT
PciMultimedia:
ProcFB: 0 astdrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-141-generic.efi.signed
root=UUID=e93f24ed-4e90-4ccb-ba6d-f3b97fe0436f ro console=ttyS0,115200n8
RelatedPackageVersions:
linux-restricted-modules-4.4.0-141-generic N/A
linux-backports-modules-4.4.0-141-generic N/A
linux-firmware 1.157.21
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 11/29/2016
dmi.bios.vendor: Intel Corporation
dmi.bios.version: SE5C620.86B.01.00.0336.112920161700
dmi.board.asset.tag: Base Board Asset Tag
dmi.board.name: S2600WFT
dmi.board.vendor: Intel Corporation
dmi.board.version: H48104-410
dmi.chassis.asset.tag: ....................
dmi.chassis.type: 23
dmi.chassis.vendor: ...............................
dmi.chassis.version: ..................
dmi.modalias:
dmi:bvnIntelCorporation:bvrSE5C620.86B.01.00.0336.112920161700:bd11/29/2016:svnIntelCorporation:pnS2600WFT:pvr....................:rvnIntelCorporation:rnS2600WFT:rvrH48104-410:cvn...............................:ct23:cvr..................:
dmi.product.name: S2600WFT
dmi.product.version: ....................
dmi.sys.vendor: Intel Corporation
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1809704/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
