Package "linux"

  linux (4.15.0-160.168) bionic; urgency=medium

  * bionic/linux: 4.15.0-160.168 -proposed tracker (LP: #1944933)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)

  * ext4 journal recovery fails w/ data=journal + mmap (LP: #1847340)
    - jbd2: introduce/export functions
      jbd2_journal_submit|finish_inode_data_buffers()
    - jbd2, ext4, ocfs2: introduce/use journal callbacks
      j_submit|finish_inode_data_buffers()
    - ext4: data=journal: fixes for ext4_page_mkwrite()
    - ext4: data=journal: write-protect pages on j_submit_inode_data_buffers()
    - ext4: fix mmap write protection for data=journal mode

  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing

  * Bionic update: upstream stable patchset 2021-09-22 (LP: #1944600)
    - iio: humidity: hdc100x: Add margin to the conversion time
    - iio: adc: Fix incorrect exit of for-loop
    - ASoC: intel: atom: Fix reference to PCM buffer address
    - i2c: dev: zero out array used for i2c reads from userspace
    - ACPI: NFIT: Fix support for virtual SPA ranges
    - ASoC: cs42l42: Correct definition of ADC Volume control
    - ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
    - ASoC: cs42l42: Fix inversion of ADC Notch Switch control
    - ASoC: cs42l42: Remove duplicate control for WNF filter frequency
    - net: dsa: mt7530: add the missing RxUnicast MIB counter
    - ppp: Fix generating ifname when empty IFLA_IFNAME is specified
    - psample: Add a fwd declaration for skbuff
    - net: Fix memory leak in ieee802154_raw_deliver
    - net: bridge: fix memleak in br_add_if()
    - tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B
      packets
    - xen/events: Fix race in set_evtchn_to_irq
    - vsock/virtio: avoid potential deadlock when vsock device remove
    - powerpc/kprobes: Fix kprobe Oops happens in booke
    - x86/tools: Fix objdump version check again
    - x86/resctrl: Fix default monitoring groups reporting
    - PCI/MSI: Enable and mask MSI-X early
    - PCI/MSI: Do not set invalid bits in MSI mask
    - PCI/MSI: Correct misleading comments
    - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
    - PCI/MSI: Protect msi_desc::masked for multi-MSI
    - PCI/MSI: Mask all unused MSI-X entries
    - PCI/MSI: Enforce that MSI-X table entry is masked for update
    - PCI/MSI: Enforce MSI[X] entry updates to be visible
    - vmlinux.lds.h: Handle clang's module.{c,d}tor sections
    - mac80211: drop data frames without key on encrypted links
    - x86/fpu: Make init_fpstate correct with optimized XSAVE
    - ath: Use safer key clearing with key cache entries
    - ath9k: Clear key cache explicitly on disabling hardware
    - ath: Export ath_hw_keysetmac()
    - ath: Modify ath_key_delete() to not need full key entry
    - ath9k: Postpone key cache entry deletion for TXQ frames reference it
    - dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe()
    - ARM: dts: am43x-epos-evm: Reduce i2c0 bus speed for tps65218
    - dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not
      yet available
    - scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
    - scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach()
    - scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
    - ARM: dts: nomadik: Fix up interrupt controller node names
    - net: usb: lan78xx: don't modify phy_device state concurrently
    - Bluetooth: hidp: use correct wait queue when removing ctrl_wait
    - dccp: add do-while-0 stubs for dccp_pr_debug macros
    - vhost: Fix the calculation in vhost_overflow()
    - bnxt: don't lock the tx queue from napi poll
    - net: 6pack: fix slab-out-of-bounds in decode_data
    - ptp_pch: Restore dependency on PCI
    - net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32
    - net: mdio-mux: Don't ignore memory allocation errors
    - net: mdio-mux: Handle -EPROBE_DEFER correctly
    - mmc: dw_mmc: Fix hang on data CRC error
    - ALSA: hda - fix the 'Capture Switch' value change notifications
    - ipack: tpci200: fix many double free issues in tpci200_pci_probe
    - btrfs: prevent rename2 from exchanging a subvol with a directory from
      different parents
    - ASoC: intel: atom: Fix breakage for PCM buffer address setup
    - locks: print a warning when mount fails due to lack of "mand" support
    - fs: warn about impending deprecation of mandatory locks
    - netfilter: nft_exthdr: fix endianness of tcp option cast
    - KVM: X86: MMU: Use the correct inherited permissions to get shadow page
    - ASoC: cs42l42: Fix LRCLK frame start edge
    - net: igmp: fix data-race in igmp_ifc_timer_expire()
    - net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
    - genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
    - x86/msi: Force affinity setup before startup
    - x86/ioapic: Force affinity setup before startup
    - genirq/msi: Ensure deactivation on teardown

 -- Stefan Bader <email address hidden> Fri, 24 Sep 2021 14:37:18 +0200

  linux (4.15.0-159.167) bionic; urgency=medium

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)

  * dell300x: rsi wifi and bluetooth crash after suspend and resume
    (LP: #1940488)
    - Revert "rsi: Use resume_noirq for SDIO"

  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions

  * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
    (LP: #1932966)
    - kvm: Add emulation for movups/movupd

  * memory leaking when removing a profile (LP: #1939915)
    - security/apparmor/label.c: Clean code by removing redundant instructions
    - apparmor: Fix memory leak of profile proxy

  * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
    dump_page() (LP: #1941829)
    - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
      hot-remove error test

  * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
    - btrfs: mark compressed range uptodate only if all bio succeed
    - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
    - r8152: Fix potential PM refcount imbalance
    - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
    - net: Fix zero-copy head len calculation.
    - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
      cancelled"
    - KVM: do not allow mapping valid but non-reference-counted pages
    - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
    - spi: mediatek: Fix fifo transfer
    - padata: validate cpumask without removed CPU during offline
    - Revert "ACPICA: Fix memory leak caused by _CID repair function"
    - ALSA: seq: Fix racy deletion of subscriber
    - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
      regulator
    - scsi: sr: Return correct event when media event code is 3
    - media: videobuf2-core: dequeue if start_streaming fails
    - net: natsemi: Fix missing pci_disable_device() in probe and remove
    - nfp: update ethtool reporting of pauseframe control
    - mips: Fix non-POSIX regexp
    - bnx2x: fix an error code in bnx2x_nic_load()
    - net: pegasus: fix uninit-value in get_interrupt_interval
    - net: fec: fix use-after-free in fec_drv_remove
    - net: vxge: fix use-after-free in vxge_device_unregister
    - Bluetooth: defer cleanup of resources in hci_unregister_dev()
    - USB: usbtmc: Fix RCU stall warning
    - USB: serial: option: add Telit FD980 composition 0x1056
    - USB: serial: ch341: fix character loss at high transfer rates
    - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    - usb: gadget: f_hid: fixed NULL pointer dereference
    - usb: gadget: f_hid: idle uses the highest byte for duration
    - usb: otg-fsm: Fix hrtimer list corruption
    - scripts/tracing: fix the bug that can't parse raw_trace_func
    - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    - media: rtl28xxu: fix zero-length control request
    - pipe: increase minimum default pipe size to 2 pages
    - ext4: fix potential htree corruption when growing large_dir directories
    - serial: 8250: Mask out floating 16/32-bit bus bits
    - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    - pcmcia: i82092: fix a null pointer dereference bug
    - spi: meson-spicc: fix memory leak in meson_spicc_remove
    - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    - qmi_wwan: add network device usage statistics for qmimux devices
    - libata: fix ata_pio_sector for CONFIG_HIGHMEM
    - reiserfs: add check for root_inode in reiserfs_fill_super
    - reiserfs: check directory items on read from disk
    - alpha: Send stop IPI to send to online CPUs
    - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
      ql_adapter_reset
    - USB:ehci:fix Kunpeng920 ehci hardware problem
    - ppp: Fix generating ppp unit id when ifname is not specified
    - ovl: prevent private clone if bind mount is not allowed
    - net: xilinx_emaclite: Do not print real IOMEM pointer
    - KVM: x86: accept userspace interrupt only if no event is injected
    - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds

  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
    - KVM: x86: determine if an exception has an error code only when injecting
      it.
    - net: split out functions related to registering inflight socket files
    - [Config] updateconfigs for UNIX_SCM
    - af_unix: fix garbage collect vs MSG_PEEK
    - net/802/mrp: fix memleak in mrp_request_join()
    - net/802/garp: fix memleak in garp_request_join()
    - net: annotate data race around sk_ll_usec
    - sctp: move 198 addresses from unusable to private scope
    - hfs: add missing clean-up in hfs_fill_super
    - hfs: fix high memory mapping in hfs_bnode_read
    - hfs: add lock nesting notation to hfs_find_init
    - ARM: dts: versatile: Fix up interrupt controller node names
    - virtio_net: Do not pull payload in skb->head
    - gro: ensure frag0 meets IP header alignment
    - x86/kvm: fix vcpu-id indexed array sizes
    - ocfs2: fix zero out valid data
    - ocfs2: issue zeroout to EOF blocks
    - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
    - can: mcba_usb_start(): add missing urb->transfer_dma initialization
    - can: usb_8dev: fix memory leak
    - can: ems_usb: fix memory leak
    - can: esd_usb2: fix memory leak
    - NIU: fix incorrect error return, missed in previous revert
    - nfc: nfcsim: fix use after free during module unload
    - x86/asm: Ensure asm/proto.h can be included stand-alone
    - cfg80211: Fix possible memory leak in function cfg80211_bss

  linux (4.15.0-157.164) bionic; urgency=medium

  * bionic/linux: 4.15.0-157.164 -proposed tracker (LP: #1942588)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.06)

  * dell300x: rsi wifi and bluetooth crash after suspend and resume
    (LP: #1940488)
    - Revert "rsi: Use resume_noirq for SDIO"

  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Packaging] switch to kernel-versions

  * kvm_unit_tests: emulator test fails on 4.4 / 4.15 kernel, timeout
    (LP: #1932966)
    - kvm: Add emulation for movups/movupd

  * memory leaking when removing a profile (LP: #1939915)
    - security/apparmor/label.c: Clean code by removing redundant instructions
    - apparmor: Fix memory leak of profile proxy

  * ubunut_kernel_selftests: memory-hotplug: avoid spamming logs with
    dump_page() (LP: #1941829)
    - selftests: memory-hotplug: avoid spamming logs with dump_page(), ratio limit
      hot-remove error test

  * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916)
    - btrfs: mark compressed range uptodate only if all bio succeed
    - regulator: rt5033: Fix n_voltages settings for BUCK and LDO
    - r8152: Fix potential PM refcount imbalance
    - qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union()
    - net: Fix zero-copy head len calculation.
    - Revert "Bluetooth: Shutdown controller after workqueues are flushed or
      cancelled"
    - KVM: do not allow mapping valid but non-reference-counted pages
    - Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout"
    - spi: mediatek: Fix fifo transfer
    - padata: validate cpumask without removed CPU during offline
    - Revert "ACPICA: Fix memory leak caused by _CID repair function"
    - ALSA: seq: Fix racy deletion of subscriber
    - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs
    - omap5-board-common: remove not physically existing vdds_1v8_main fixed-
      regulator
    - scsi: sr: Return correct event when media event code is 3
    - media: videobuf2-core: dequeue if start_streaming fails
    - net: natsemi: Fix missing pci_disable_device() in probe and remove
    - nfp: update ethtool reporting of pauseframe control
    - mips: Fix non-POSIX regexp
    - bnx2x: fix an error code in bnx2x_nic_load()
    - net: pegasus: fix uninit-value in get_interrupt_interval
    - net: fec: fix use-after-free in fec_drv_remove
    - net: vxge: fix use-after-free in vxge_device_unregister
    - Bluetooth: defer cleanup of resources in hci_unregister_dev()
    - USB: usbtmc: Fix RCU stall warning
    - USB: serial: option: add Telit FD980 composition 0x1056
    - USB: serial: ch341: fix character loss at high transfer rates
    - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2
    - usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers
    - usb: gadget: f_hid: fixed NULL pointer dereference
    - usb: gadget: f_hid: idle uses the highest byte for duration
    - usb: otg-fsm: Fix hrtimer list corruption
    - scripts/tracing: fix the bug that can't parse raw_trace_func
    - staging: rtl8723bs: Fix a resource leak in sd_int_dpc
    - media: rtl28xxu: fix zero-length control request
    - pipe: increase minimum default pipe size to 2 pages
    - ext4: fix potential htree corruption when growing large_dir directories
    - serial: 8250: Mask out floating 16/32-bit bus bits
    - MIPS: Malta: Do not byte-swap accesses to the CBUS UART
    - pcmcia: i82092: fix a null pointer dereference bug
    - spi: meson-spicc: fix memory leak in meson_spicc_remove
    - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest
    - qmi_wwan: add network device usage statistics for qmimux devices
    - libata: fix ata_pio_sector for CONFIG_HIGHMEM
    - reiserfs: add check for root_inode in reiserfs_fill_super
    - reiserfs: check directory items on read from disk
    - alpha: Send stop IPI to send to online CPUs
    - net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and
      ql_adapter_reset
    - USB:ehci:fix Kunpeng920 ehci hardware problem
    - ppp: Fix generating ppp unit id when ifname is not specified
    - ovl: prevent private clone if bind mount is not allowed
    - net: xilinx_emaclite: Do not print real IOMEM pointer
    - KVM: x86: accept userspace interrupt only if no event is injected
    - KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds

  * Bionic update: upstream stable patchset 2021-08-17 (LP: #1940315)
    - selftest: fix build error in tools/testing/selftests/vm/userfaultfd.c
    - KVM: x86: determine if an exception has an error code only when injecting
      it.
    - net: split out functions related to registering inflight socket files
    - [Config] updateconfigs for UNIX_SCM
    - af_unix: fix garbage collect vs MSG_PEEK
    - net/802/mrp: fix memleak in mrp_request_join()
    - net/802/garp: fix memleak in garp_request_join()
    - net: annotate data race around sk_ll_usec
    - sctp: move 198 addresses from unusable to private scope
    - hfs: add missing clean-up in hfs_fill_super
    - hfs: fix high memory mapping in hfs_bnode_read
    - hfs: add lock nesting notation to hfs_find_init
    - ARM: dts: versatile: Fix up interrupt controller node names
    - virtio_net: Do not pull payload in skb->head
    - gro: ensure frag0 meets IP header alignment
    - x86/kvm: fix vcpu-id indexed array sizes
    - ocfs2: fix zero out valid data
    - ocfs2: issue zeroout to EOF blocks
    - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF
    - can: mcba_usb_start(): add missing urb->transfer_dma initialization
    - can: usb_8dev: fix memory leak
    - can: ems_usb: fix memory leak
    - can: esd_usb2: fix memory leak
    - NIU: fix incorrect error return, missed in previous revert
    - nfc: nfcsim: fix use after free during module unload
    - x86/asm: Ensure asm/proto.h can be included stand-alon

  linux (4.15.0-156.163) bionic; urgency=medium

  * bionic/linux: 4.15.0-156.163 -proposed tracker (LP: #1940162)

  * linux (LP: #1940564)
    - SAUCE: Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue"

  * fails to launch linux L2 guests on AMD (LP: #1940134) // CVE-2021-3653
    - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
      (CVE-2021-3653)

  * fails to launch linux L2 guests on AMD (LP: #1940134)
    - SAUCE: Revert "UBUNTU: SAUCE: KVM: nSVM: avoid picking up unsupported bits
      from L2 in int_ctl"