[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux-lts-utopic - 3.16.0-69.89~14.04.1 --- linux-lts-utopic (3.16.0-69.89~14.04.1) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558760 [ Upstream Kernel Changes ] * Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code"" linux-lts-utopic (3.16.0-68.88~14.04.1) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558092 [ Upstream Kernel Changes ] * Revert "ALSA: hda - Fix noise on Gigabyte Z170X mobo" - LP: #1552180 * Revert "af_unix: Revert 'lock_interruptible' in stream receive code" - LP: #1540731 * [media] usbvision fix overflow of interfaces array - LP: #1552180 * [media] usbvision: fix leak of usb_dev on failure paths in usbvision_probe() - LP: #1552180 * [media] usbvision: fix crash on detecting device with invalid configuration - LP: #1552180 * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) - LP: #1552180 * USB: serial: visor: fix crash on detecting device without write_urbs - LP: #1552180 * ASN.1: Fix non-match detection failure on data overrun - LP: #1552180 * iw_cxgb3: Fix incorrectly returning error on success - LP: #1552180 * EVM: Use crypto_memneq() for digest comparisons - LP: #1552180 * iio: adis_buffer: Fix out-of-bounds memory access - LP: #1552180 * KVM: PPC: Fix emulation of H_SET_DABR/X on POWER8 - LP: #1552180 * x86/irq: Call chip->irq_set_affinity in proper context - LP: #1552180 * ACPI / PCI / hotplug: unlock in error path in acpiphp_enable_slot() - LP: #1552180 * usb: cdc-acm: handle unlinked urb in acm read callback - LP: #1552180 * usb: cdc-acm: send zero packet for intel 7260 modem - LP: #1552180 * cdc-acm:exclude Samsung phone 04e8:685d - LP: #1552180 * usb: hub: do not clear BOS field during reset device - LP: #1552180 * USB: cp210x: add ID for IAI USB to RS485 adaptor - LP: #1552180 * USB: visor: fix null-deref at probe - LP: #1552180 * USB: serial: option: Adding support for Telit LE922 - LP: #1552180 * ALSA: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup() - LP: #1552180 * ALSA: seq: Degrade the error message for too many opens - LP: #1552180 * USB: serial: ftdi_sio: add support for Yaesu SCU-18 cable - LP: #1552180 * USB: option: fix Cinterion AHxx enumeration - LP: #1552180 * ALSA: compress: Disable GET_CODEC_CAPS ioctl for some architectures - LP: #1552180 * ALSA: usb-audio: Fix TEAC UD-501/UD-503/NT-503 usb delay - LP: #1552180 * virtio_pci: fix use after free on release - LP: #1552180 * ALSA: bebob: Use a signed return type for get_formation_index - LP: #1552180 * arm64: errata: Add -mpc-relative-literal-loads to build flags - LP: #1533009, #1552180 * powerpc/eeh: Fix PE location code - LP: #1552180 * SCSI: fix crashes in sd and sr runtime PM - LP: #1552180 * n_tty: Fix unsafe reference to "other" ldisc - LP: #1552180 * staging/speakup: Use tty_ldisc_ref() for paste kworker - LP: #1552180 * ALSA: dummy: Disable switching timer backend via sysfs - LP: #1552180 * drm/vmwgfx: respect 'nomodeset' - LP: #1552180 * x86/mm/pat: Avoid truncation when converting cpa->numpages to address - LP: #1552180 * perf annotate browser: Fix behaviour of Shift-Tab with nothing focussed - LP: #1552180 * perf hists: Fix HISTC_MEM_DCACHELINE width setting - LP: #1552180 * powerpc/perf: Remove PPMU_HAS_SSLOT flag for Power8 - LP: #1552180 * umount: Do not allow unmounting rootfs. - LP: #1552180 * crypto: algif_skcipher - Require setkey before accept(2) - LP: #1552180 * crypto: algif_skcipher - Add nokey compatibility path - LP: #1552180 * crypto: algif_hash - Require setkey before accept(2) - LP: #1552180 * crypto: skcipher - Add crypto_skcipher_has_setkey - LP: #1552180 * crypto: algif_skcipher - Add key check exception for cipher_null - LP: #1552180 * crypto: algif_hash - Remove custom release parent function - LP: #1552180 * crypto: algif_skcipher - Remove custom release parent function - LP: #1552180 * crypto: algif_hash - Fix race condition in hash_check_key - LP: #1552180 * crypto: algif_skcipher - Fix race condition in skcipher_check_key - LP: #1552180 * iio: add HAS_IOMEM dependency to VF610_ADC - LP: #1552180 * iio: dac: mcp4725: set iio name property in sysfs - LP: #1552180 * ASoC: rt5645: fix the shift bit of IN1 boost - LP: #1552180 * cgroup: make sure a parent css isn't offlined before its children - LP: #1552180 * PCI/AER: Flush workqueue on device remove to avoid use-after-free - LP: #1552180 * libata: disable forced PORTS_IMPL for >= AHCI 1.3 - LP: #1552180 * mac80211: Requeue work after scan complete for all VIF types. - LP: #1552180 * rfkill: fix rfkill_fop_read wait_event
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux-lts-utopic - 3.16.0-69.89~14.04.1 --- linux-lts-utopic (3.16.0-69.89~14.04.1) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558760 [ Upstream Kernel Changes ] * Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code"" linux-lts-utopic (3.16.0-68.88~14.04.1) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558092 [ Upstream Kernel Changes ] * Revert "ALSA: hda - Fix noise on Gigabyte Z170X mobo" - LP: #1552180 * Revert "af_unix: Revert 'lock_interruptible' in stream receive code" - LP: #1540731 * [media] usbvision fix overflow of interfaces array - LP: #1552180 * [media] usbvision: fix leak of usb_dev on failure paths in usbvision_probe() - LP: #1552180 * [media] usbvision: fix crash on detecting device with invalid configuration - LP: #1552180 * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) - LP: #1552180 * USB: serial: visor: fix crash on detecting device without write_urbs - LP: #1552180 * ASN.1: Fix non-match detection failure on data overrun - LP: #1552180 * iw_cxgb3: Fix incorrectly returning error on success - LP: #1552180 * EVM: Use crypto_memneq() for digest comparisons - LP: #1552180 * iio: adis_buffer: Fix out-of-bounds memory access - LP: #1552180 * KVM: PPC: Fix emulation of H_SET_DABR/X on POWER8 - LP: #1552180 * x86/irq: Call chip->irq_set_affinity in proper context - LP: #1552180 * ACPI / PCI / hotplug: unlock in error path in acpiphp_enable_slot() - LP: #1552180 * usb: cdc-acm: handle unlinked urb in acm read callback - LP: #1552180 * usb: cdc-acm: send zero packet for intel 7260 modem - LP: #1552180 * cdc-acm:exclude Samsung phone 04e8:685d - LP: #1552180 * usb: hub: do not clear BOS field during reset device - LP: #1552180 * USB: cp210x: add ID for IAI USB to RS485 adaptor - LP: #1552180 * USB: visor: fix null-deref at probe - LP: #1552180 * USB: serial: option: Adding support for Telit LE922 - LP: #1552180 * ALSA: seq: Fix incorrect sanity check at snd_seq_oss_synth_cleanup() - LP: #1552180 * ALSA: seq: Degrade the error message for too many opens - LP: #1552180 * USB: serial: ftdi_sio: add support for Yaesu SCU-18 cable - LP: #1552180 * USB: option: fix Cinterion AHxx enumeration - LP: #1552180 * ALSA: compress: Disable GET_CODEC_CAPS ioctl for some architectures - LP: #1552180 * ALSA: usb-audio: Fix TEAC UD-501/UD-503/NT-503 usb delay - LP: #1552180 * virtio_pci: fix use after free on release - LP: #1552180 * ALSA: bebob: Use a signed return type for get_formation_index - LP: #1552180 * arm64: errata: Add -mpc-relative-literal-loads to build flags - LP: #1533009, #1552180 * powerpc/eeh: Fix PE location code - LP: #1552180 * SCSI: fix crashes in sd and sr runtime PM - LP: #1552180 * n_tty: Fix unsafe reference to "other" ldisc - LP: #1552180 * staging/speakup: Use tty_ldisc_ref() for paste kworker - LP: #1552180 * ALSA: dummy: Disable switching timer backend via sysfs - LP: #1552180 * drm/vmwgfx: respect 'nomodeset' - LP: #1552180 * x86/mm/pat: Avoid truncation when converting cpa->numpages to address - LP: #1552180 * perf annotate browser: Fix behaviour of Shift-Tab with nothing focussed - LP: #1552180 * perf hists: Fix HISTC_MEM_DCACHELINE width setting - LP: #1552180 * powerpc/perf: Remove PPMU_HAS_SSLOT flag for Power8 - LP: #1552180 * umount: Do not allow unmounting rootfs. - LP: #1552180 * crypto: algif_skcipher - Require setkey before accept(2) - LP: #1552180 * crypto: algif_skcipher - Add nokey compatibility path - LP: #1552180 * crypto: algif_hash - Require setkey before accept(2) - LP: #1552180 * crypto: skcipher - Add crypto_skcipher_has_setkey - LP: #1552180 * crypto: algif_skcipher - Add key check exception for cipher_null - LP: #1552180 * crypto: algif_hash - Remove custom release parent function - LP: #1552180 * crypto: algif_skcipher - Remove custom release parent function - LP: #1552180 * crypto: algif_hash - Fix race condition in hash_check_key - LP: #1552180 * crypto: algif_skcipher - Fix race condition in skcipher_check_key - LP: #1552180 * iio: add HAS_IOMEM dependency to VF610_ADC - LP: #1552180 * iio: dac: mcp4725: set iio name property in sysfs - LP: #1552180 * ASoC: rt5645: fix the shift bit of IN1 boost - LP: #1552180 * cgroup: make sure a parent css isn't offlined before its children - LP: #1552180 * PCI/AER: Flush workqueue on device remove to avoid use-after-free - LP: #1552180 * libata: disable forced PORTS_IMPL for >= AHCI 1.3 - LP: #1552180 * mac80211: Requeue work after scan complete for all VIF types. - LP: #1552180 * rfkill: fix rfkill_fop_read wait_event
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux - 3.13.0-85.129 --- linux (3.13.0-85.129) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558727 [ Upstream Kernel Changes ] * Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code"" linux (3.13.0-84.128) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1557596 [ Upstream Kernel Changes ] * Revert "af_unix: Revert 'lock_interruptible' in stream receive code" - LP: #1540731 * seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO - LP: #1496073 * net/mlx4_en: Remove dependency between timestamping capability and service_task - LP: #1537859 * net/mlx4_en: Fix HW timestamp init issue upon system startup - LP: #1537859 * x86/mm: Fix slow_virt_to_phys() for X86_PAE again - LP: #1549601 * iw_cxgb3: Fix incorrectly returning error on success - LP: #1557191 * EVM: Use crypto_memneq() for digest comparisons - LP: #1557191 * x86/entry/compat: Add missing CLAC to entry_INT80_32 - LP: #1557191 * iio: dac: mcp4725: set iio name property in sysfs - LP: #1557191 * iommu/vt-d: Fix 64-bit accesses to 32-bit DMAR_GSTS_REG - LP: #1557191 * PCI/AER: Flush workqueue on device remove to avoid use-after-free - LP: #1557191 * libata: disable forced PORTS_IMPL for >= AHCI 1.3 - LP: #1557191 * mac80211: start_next_roc only if scan was actually running - LP: #1557191 * mac80211: Requeue work after scan complete for all VIF types. - LP: #1557191 * rfkill: fix rfkill_fop_read wait_event usage - LP: #1557191 * crypto: shash - Fix has_key setting - LP: #1557191 * drm/i915/dp: fall back to 18 bpp when sink capability is unknown - LP: #1557191 * target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors - LP: #1557191 * crypto: algif_hash - wait for crypto_ahash_init() to complete - LP: #1557191 * iio: inkern: fix a NULL dereference on error - LP: #1557191 * intel_scu_ipcutil: underflow in scu_reg_access() - LP: #1557191 * ALSA: seq: Fix race at closing in virmidi driver - LP: #1557191 * ALSA: rawmidi: Remove kernel WARNING for NULL user-space buffer check - LP: #1557191 * ALSA: pcm: Fix potential deadlock in OSS emulation - LP: #1557191 * ALSA: seq: Fix yet another races among ALSA timer accesses - LP: #1557191 * ALSA: timer: Fix link corruption due to double start or stop - LP: #1557191 * libata: fix sff host state machine locking while polling - LP: #1557191 * cputime: Prevent 32bit overflow in time[val|spec]_to_cputime() - LP: #1557191 * ASoC: dpcm: fix the BE state on hw_free - LP: #1557191 * module: wrapper for symbol name. - LP: #1557191 * ALSA: hda - Add fixup for Mac Mini 7,1 model - LP: #1557191 * ALSA: Move EXPORT_SYMBOL() in appropriate places - LP: #1557191 * ALSA: rawmidi: Make snd_rawmidi_transmit() race-free - LP: #1557191 * ALSA: rawmidi: Fix race at copying & updating the position - LP: #1557191 * ALSA: seq: Fix lockdep warnings due to double mutex locks - LP: #1557191 * drivers/scsi/sg.c: mark VMA as VM_IO to prevent migration - LP: #1557191 * radix-tree: fix race in gang lookup - LP: #1557191 * usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Broxton-M platforms - LP: #1557191 * xhci: Fix list corruption in urb dequeue at host removal - LP: #1557191 * target: Fix Task Aborted Status (TAS) handling - LP: #1557191 * target: Add TFO->abort_task for aborted task resources release - LP: #1557191 * target: Fix LUN_RESET active TMR descriptor handling - LP: #1557191 * target: Fix LUN_RESET active I/O handling for ACK_KREF - LP: #1557191 * target: Fix TAS handling for multi-session se_node_acls - LP: #1557191 * target: Fix remote-port TMR ABORT + se_cmd fabric stop - LP: #1557191 * target: Fix race with SCF_SEND_DELAYED_TAS handling - LP: #1557191 * [media] tda1004x: only update the frontend properties if locked - LP: #1557191 * ALSA: timer: Fix leftover link at closing - LP: #1557191 * [media] saa7134-alsa: Only frees registered sound cards - LP: #1557191 * Btrfs: fix hang on extent buffer lock caused by the inode_paths ioctl - LP: #1557191 * scsi_dh_rdac: always retry MODE SELECT on command lock violation - LP: #1557191 * SCSI: Add Marvell Console to VPD blacklist - LP: #1557191 * drm: Add drm_fixp_from_fraction and drm_fixp2int_ceil - LP: #1557191 * ALSA: hda - Fix static checker warning in patch_hdmi.c - LP: #1557191 * dump_stack: avoid potential deadlocks - LP: #1557191 * mm, vmstat: fix wrong WQ sleep when memory reclaim doesn't make any progress - LP: #1557191 * ocfs2/dlm: clear refmap bit of recovery lock while doing local recovery cleanup - LP: #1557191 * mm: replace vma_lock_anon_vma with anon_vma_lock_read/write - LP:
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux - 3.13.0-85.129 --- linux (3.13.0-85.129) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1558727 [ Upstream Kernel Changes ] * Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code"" linux (3.13.0-84.128) trusty; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1557596 [ Upstream Kernel Changes ] * Revert "af_unix: Revert 'lock_interruptible' in stream receive code" - LP: #1540731 * seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO - LP: #1496073 * net/mlx4_en: Remove dependency between timestamping capability and service_task - LP: #1537859 * net/mlx4_en: Fix HW timestamp init issue upon system startup - LP: #1537859 * x86/mm: Fix slow_virt_to_phys() for X86_PAE again - LP: #1549601 * iw_cxgb3: Fix incorrectly returning error on success - LP: #1557191 * EVM: Use crypto_memneq() for digest comparisons - LP: #1557191 * x86/entry/compat: Add missing CLAC to entry_INT80_32 - LP: #1557191 * iio: dac: mcp4725: set iio name property in sysfs - LP: #1557191 * iommu/vt-d: Fix 64-bit accesses to 32-bit DMAR_GSTS_REG - LP: #1557191 * PCI/AER: Flush workqueue on device remove to avoid use-after-free - LP: #1557191 * libata: disable forced PORTS_IMPL for >= AHCI 1.3 - LP: #1557191 * mac80211: start_next_roc only if scan was actually running - LP: #1557191 * mac80211: Requeue work after scan complete for all VIF types. - LP: #1557191 * rfkill: fix rfkill_fop_read wait_event usage - LP: #1557191 * crypto: shash - Fix has_key setting - LP: #1557191 * drm/i915/dp: fall back to 18 bpp when sink capability is unknown - LP: #1557191 * target: Fix WRITE_SAME/DISCARD conversion to linux 512b sectors - LP: #1557191 * crypto: algif_hash - wait for crypto_ahash_init() to complete - LP: #1557191 * iio: inkern: fix a NULL dereference on error - LP: #1557191 * intel_scu_ipcutil: underflow in scu_reg_access() - LP: #1557191 * ALSA: seq: Fix race at closing in virmidi driver - LP: #1557191 * ALSA: rawmidi: Remove kernel WARNING for NULL user-space buffer check - LP: #1557191 * ALSA: pcm: Fix potential deadlock in OSS emulation - LP: #1557191 * ALSA: seq: Fix yet another races among ALSA timer accesses - LP: #1557191 * ALSA: timer: Fix link corruption due to double start or stop - LP: #1557191 * libata: fix sff host state machine locking while polling - LP: #1557191 * cputime: Prevent 32bit overflow in time[val|spec]_to_cputime() - LP: #1557191 * ASoC: dpcm: fix the BE state on hw_free - LP: #1557191 * module: wrapper for symbol name. - LP: #1557191 * ALSA: hda - Add fixup for Mac Mini 7,1 model - LP: #1557191 * ALSA: Move EXPORT_SYMBOL() in appropriate places - LP: #1557191 * ALSA: rawmidi: Make snd_rawmidi_transmit() race-free - LP: #1557191 * ALSA: rawmidi: Fix race at copying & updating the position - LP: #1557191 * ALSA: seq: Fix lockdep warnings due to double mutex locks - LP: #1557191 * drivers/scsi/sg.c: mark VMA as VM_IO to prevent migration - LP: #1557191 * radix-tree: fix race in gang lookup - LP: #1557191 * usb: xhci: apply XHCI_PME_STUCK_QUIRK to Intel Broxton-M platforms - LP: #1557191 * xhci: Fix list corruption in urb dequeue at host removal - LP: #1557191 * target: Fix Task Aborted Status (TAS) handling - LP: #1557191 * target: Add TFO->abort_task for aborted task resources release - LP: #1557191 * target: Fix LUN_RESET active TMR descriptor handling - LP: #1557191 * target: Fix LUN_RESET active I/O handling for ACK_KREF - LP: #1557191 * target: Fix TAS handling for multi-session se_node_acls - LP: #1557191 * target: Fix remote-port TMR ABORT + se_cmd fabric stop - LP: #1557191 * target: Fix race with SCF_SEND_DELAYED_TAS handling - LP: #1557191 * [media] tda1004x: only update the frontend properties if locked - LP: #1557191 * ALSA: timer: Fix leftover link at closing - LP: #1557191 * [media] saa7134-alsa: Only frees registered sound cards - LP: #1557191 * Btrfs: fix hang on extent buffer lock caused by the inode_paths ioctl - LP: #1557191 * scsi_dh_rdac: always retry MODE SELECT on command lock violation - LP: #1557191 * SCSI: Add Marvell Console to VPD blacklist - LP: #1557191 * drm: Add drm_fixp_from_fraction and drm_fixp2int_ceil - LP: #1557191 * ALSA: hda - Fix static checker warning in patch_hdmi.c - LP: #1557191 * dump_stack: avoid potential deadlocks - LP: #1557191 * mm, vmstat: fix wrong WQ sleep when memory reclaim doesn't make any progress - LP: #1557191 * ocfs2/dlm: clear refmap bit of recovery lock while doing local recovery cleanup - LP: #1557191 * mm: replace vma_lock_anon_vma with anon_vma_lock_read/write - LP:
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: New Status in linux source package in Trusty: Fix Committed Status in linux-lts-utopic source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Released Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-lts-utopic in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: New Status in linux source package in Trusty: Fix Committed Status in linux-lts-utopic source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Released Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Changed in: linux-lts-utopic (Ubuntu Trusty) Status: New => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-lts-utopic in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: New Status in linux source package in Trusty: Fix Committed Status in linux-lts-utopic source package in Trusty: Fix Committed Status in linux source package in Vivid: Fix Released Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Changed in: linux (Ubuntu Trusty) Status: New => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-lts-utopic in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: New Status in linux source package in Trusty: Fix Committed Status in linux-lts-utopic source package in Trusty: New Status in linux source package in Vivid: Fix Released Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: linux-lts-utopic (Ubuntu) Importance: Undecided Status: New ** No longer affects: linux-lts-utopic (Ubuntu Vivid) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux-lts-utopic package in Ubuntu: New Status in linux source package in Trusty: New Status in linux-lts-utopic source package in Trusty: New Status in linux source package in Vivid: Fix Released Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug was fixed in the package linux - 3.19.0-31.36 --- linux (3.19.0-31.36) vivid; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1503703 [ Andy Whitcroft ] * Revert "SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync()" - LP: #1503655 [ Ben Hutchings ] * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync() - LP: #1503655 - CVE-2015-7312 linux (3.19.0-31.35) vivid; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1503005 [ Ben Hutchings ] * SAUCE: aufs3: mmap: Fix races in madvise_remove() and sys_msync() - CVE-2015-7312 [ Craig Magina ] * [Config] Add XGENE_EDAC, EDAC_SUPPORT and EDAC_ATOMIC_SCRUB - LP: #1494357 [ John Johansen ] * SAUCE: (no-up) apparmor: fix mount not handling disconnected paths - LP: #1496430 [ Laurent Dufour ] * SAUCE: powerpc/hvsi: Fix endianness issues in the HVSI driver - LP: #1499357 [ Tim Gardner ] * [Config] CONFIG_RTC_DRV_XGENE=y for only arm64 - LP: #1499869 [ Upstream Kernel Changes ] * Revert "sit: Add gro callbacks to sit_offload" - LP: #1500493 * ipmi/powernv: Fix minor locking bug - LP: #1493017 * mmc: sdhci-pci: set the clear transfer mode register quirk for O2Micro - LP: #1472843 * perf probe ppc: Fix symbol fixup issues due to ELF type - LP: #1485528 * perf probe ppc: Use the right prefix when ignoring SyS symbols on ppc - LP: #1485528 * perf probe ppc: Enable matching against dot symbols automatically - LP: #1485528 * perf probe ppc64le: Fix ppc64 ABIv2 symbol decoding - LP: #1485528 * perf probe ppc64le: Prefer symbol table lookup over DWARF - LP: #1485528 * perf probe ppc64le: Fixup function entry if using kallsyms lookup - LP: #1485528 * perf probe: Improve detection of file/function name in the probe pattern - LP: #1485528 * perf probe: Ignore tail calls to probed functions - LP: #1485528 * seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO - LP: #1496073 * EDAC: Cleanup atomic_scrub mess - LP: #1494357 * arm64: Enable EDAC on ARM64 - LP: #1494357 * MAINTAINERS: Add entry for APM X-Gene SoC EDAC driver - LP: #1494357 * Documentation: Add documentation for the APM X-Gene SoC EDAC DTS binding - LP: #1494357 * EDAC: Add APM X-Gene SoC EDAC driver - LP: #1494357 * arm64: Add APM X-Gene SoC EDAC DTS entries - LP: #1494357 * EDAC, edac_stub: Drop arch-specific include - LP: #1494357 * NVMe: Fix blk-mq hot cpu notification - LP: #1498778 * blk-mq: Shared tag enhancements - LP: #1498778 * blk-mq: avoid access hctx->tags->cpumask before allocation - LP: #1498778 * x86/ldt: Make modify_ldt synchronous - LP: #1500493 * x86/ldt: Correct LDT access in single stepping logic - LP: #1500493 * x86/ldt: Correct FPU emulation access to LDT - LP: #1500493 * md: flush ->event_work before stopping array. - LP: #1500493 * ipv6: addrconf: validate new MTU before applying it - LP: #1500493 * virtio-net: drop NETIF_F_FRAGLIST - LP: #1500493 * RDS: verify the underlying transport exists before creating a connection - LP: #1500493 * xen/gntdev: convert priv->lock to a mutex - LP: #1500493 * xen/gntdevt: Fix race condition in gntdev_release() - LP: #1500493 * PCI: Restore PCI_MSIX_FLAGS_BIRMASK definition - LP: #1500493 * USB: qcserial/option: make AT URCs work for Sierra Wireless MC7305/MC7355 - LP: #1500493 * USB: qcserial: Add support for Dell Wireless 5809e 4G Modem - LP: #1500493 * nfsd: Drop BUG_ON and ignore SECLABEL on absent filesystem - LP: #1500493 * usb: chipidea: ehci_init_driver is intended to call one time - LP: #1500493 * crypto: qat - Fix invalid synchronization between register/unregister sym algs - LP: #1500493 * crypto: ixp4xx - Remove bogus BUG_ON on scattered dst buffer - LP: #1500493 * mfd: arizona: Fix initialisation of the PM runtime - LP: #1500493 * xen-blkfront: don't add indirect pages to list when !feature_persistent - LP: #1500493 * xen-blkback: replace work_pending with work_busy in purge_persistent_gnt() - LP: #1500493 * usb: gadget: f_uac2: fix calculation of uac2->p_interval - LP: #1500493 * hwrng: core - correct error check of kthread_run call - LP: #1500493 * USB: sierra: add 1199:68AB device ID - LP: #1500493 * regmap: regcache-rbtree: Clean new present bits on present bitmap resize - LP: #1500493 * target/iscsi: Fix double free of a TUR followed by a solicited NOPOUT - LP: #1500493 * rbd: fix copyup completion race - LP: #1500493 * md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies - LP: #1500493 * target: REPORT LUNS should return LUN 0 even for dynamic ACLs - LP: #1500493 * MIPS: Fix sched_getaffinity with MT FPAFF enabled - LP:
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Tags removed: verification-needed-vivid ** Tags added: verification-done-vivid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux source package in Vivid: Fix Committed Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- vivid' to 'verification-done-vivid'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-vivid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux source package in Vivid: Fix Committed Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Branch linked: lp:ubuntu/trusty-proposed/linux-lts-vivid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux source package in Vivid: Fix Committed Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Also affects: linux (Ubuntu Vivid) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Vivid) Status: New => Fix Committed ** Changed in: linux (Ubuntu) Status: Fix Committed => Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Invalid Status in linux source package in Vivid: Fix Committed Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1496073] Re: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO
** Changed in: linux (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1496073 Title: Request cherry-pick of upstream kernel patch which caps SECCOMP_RET_ERRNO to MAX_ERRNO Status in linux package in Ubuntu: Fix Committed Bug description: The seccomp regression tests are failing due to SRU kernels not having the relevant commit: Author: Kees CookDate: Tue Feb 17 13:48:00 2015 -0800 seccomp: cap SECCOMP_RET_ERRNO data to MAX_ERRNO The value resulting from the SECCOMP_RET_DATA mask could exceed MAX_ERRNO when setting errno during a SECCOMP_RET_ERRNO filter action. This makes sure we have a reliable value being set, so that an invalid errno will not be ignored by userspace. Signed-off-by: Kees Cook Reported-by: Dmitry V. Levin Cc: Andy Lutomirski Cc: Will Drewry Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds SRU Justification Impact: Upstream regression tests are reporting errors. Test Case: Run the upstream regression tests and verify they are passing cleanly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1496073/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp