Bug #1852637 “backport DIMLIB (lib/dim/) to pre-5.2 kernels” : Bugs : linux package : Ubuntu

Kamal Mostafa (kamalmostafa) on 2019-11-14

Changed in linux (Ubuntu Xenial):
assignee:	nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu Disco):
assignee:	nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu Bionic):
assignee:	nobody → Kamal Mostafa (kamalmostafa)
Changed in linux (Ubuntu Xenial):
status:	New → In Progress
Changed in linux (Ubuntu Disco):
status:	New → In Progress
Changed in linux (Ubuntu Bionic):
status:	New → In Progress

Revision history for this message

Kamal Mostafa (kamalmostafa) wrote on 2019-11-15:

#1

https://lists.ubuntu.com/archives/kernel-team/2019-November/105521.html

Kamal Mostafa (kamalmostafa) on 2019-11-19

description:

updated

Stefan Bader (smb) on 2019-11-28

Changed in linux (Ubuntu Disco):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Bionic):
status:	In Progress → Fix Committed
Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-12-03:

#2

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-disco' to 'verification-done-disco'. If the problem still exists, change the tag 'verification-needed-disco' to 'verification-failed-disco'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:	added: verification-needed-disco
tags:	added: verification-needed-bionic

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-12-03:

#3

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Kamal Mostafa (kamalmostafa) on 2019-12-03

tags:

added: verification-done-bionic verification-done-disco
removed: verification-needed-bionic verification-needed-disco

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2019-12-04:

#4

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-xenial

Kamal Mostafa (kamalmostafa) on 2019-12-04

tags:

added: verification-done-xenial
removed: verification-needed-xenial

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-01-06:

#5

Download full text (42.3 KiB)

This bug was fixed in the package linux - 5.0.0-38.41

---------------
linux (5.0.0-38.41) disco; urgency=medium

* disco/linux: 5.0.0-38.41 -proposed tracker (LP: #1854788)

  * [Regression] Failed to boot disco kernel built from master-next (kernel
    kernel NULL pointer dereference) (LP: #1853981)
    - SAUCE: blk-mq: Fix blk_mq_make_request for mq devices

* CVE-2019-14901
- SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
- SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
- SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

  * [CML] New device id's for CMP-H (LP: #1846335)
    - mmc: sdhci-pci: Add another Id for Intel CML
    - i2c: i801: Add support for Intel Comet Lake PCH-H
    - mtd: spi-nor: intel-spi: Add support for Intel Comet Lake-H SPI serial flash
    - mfd: intel-lpss: Add Intel Comet Lake PCH-H PCI IDs

* Please add patch fixing RK818 ID detection (LP: #1853192)
- SAUCE: mfd: rk808: Fix RK818 ID template

  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

* Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
- r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

  * [CML-S62] Need enable turbostat patch support for Comet lake- S 6+2
    (LP: #1847451)
    - SAUCE: tools/power turbostat: Add Cometlake support

  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

* Raydium Touchscreen on ThinkPad L390 does not work (LP: #1849721)
- HID: i2c-hid: fix no irq after reset on raydium 3118

  * Make Goodix I2C touchpads work (LP: #1853842)
    - HID: i2c-hid: Remove runtime power management
    - HID: i2c-hid: Send power-on command after reset

  * Touchpad doesn't work on Dell Inspiron 7000 2-in-1 (LP: #1851901)
    - Revert "UBUNTU: SAUCE: mfd: intel-lpss: add quirk for Dell XPS 13 7390
      2-in-1"
    - lib: devres: add a helper function for ioremap_uc
    - mfd: intel-lpss: Use devm_ioremap_uc for MMIO

* CVE-2019-19055
- nl80211: fix memory leak in nl80211_get_ftm_responder_stats

  * [CML-S62] Need enable intel_rapl patch support for Comet lake- S 6+2
    (LP: #1847454)
    - powercap/intel_rapl: add support for CometLake Mobile
    - powercap/intel_rapl: add support for Cometlake desktop

* [CML-S62] Need enable intel_pmc_core driver patch for Comet l...

This bug was fixed in the package linux - 5.0.0-38.41

---------------
linux (5.0.0-38.41) disco; urgency=medium

* disco/linux: 5.0.0-38.41 -proposed tracker (LP: #1854788)

* [Regression] Failed to boot disco kernel built from master-next (kernel
    kernel NULL pointer dereference) (LP: #1853981)
    - SAUCE: blk-mq: Fix blk_mq_make_request for mq devices

* CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

* [CML] New device id's for CMP-H (LP: #1846335)
    - mmc: sdhci-pci: Add another Id for Intel CML
    - i2c: i801: Add support for Intel Comet Lake PCH-H
    - mtd: spi-nor: intel-spi: Add support for Intel Comet Lake-H SPI serial flash
    - mfd: intel-lpss: Add Intel Comet Lake PCH-H PCI IDs

* Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template

* [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

* Lenovo dock MAC Address pass through doesn't work in Ubuntu  (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

* [CML-S62] Need enable turbostat patch support for Comet lake- S 6+2
    (LP: #1847451)
    - SAUCE: tools/power turbostat: Add Cometlake support

* External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

* Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

* CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

* Raydium Touchscreen on ThinkPad L390 does not work (LP: #1849721)
    - HID: i2c-hid: fix no irq after reset on raydium 3118

* Make Goodix I2C touchpads work (LP: #1853842)
    - HID: i2c-hid: Remove runtime power management
    - HID: i2c-hid: Send power-on command after reset

* Touchpad doesn't work on Dell Inspiron 7000 2-in-1 (LP: #1851901)
    - Revert "UBUNTU: SAUCE: mfd: intel-lpss: add quirk for Dell XPS 13 7390
      2-in-1"
    - lib: devres: add a helper function for ioremap_uc
    - mfd: intel-lpss: Use devm_ioremap_uc for MMIO

* CVE-2019-19055
    - nl80211: fix memory leak in nl80211_get_ftm_responder_stats

* [CML-S62] Need enable intel_rapl patch support for Comet lake- S 6+2
    (LP: #1847454)
    - powercap/intel_rapl: add support for CometLake Mobile
    - powercap/intel_rapl: add support for Cometlake desktop

* [CML-S62] Need enable intel_pmc_core driver patch for Comet lake- S 6+2
    (LP: #1847450)
    - SAUCE: platform/x86: intel_pmc_core: Add Comet Lake (CML) platform support
      to intel_pmc_core driver

* update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval

* CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64 (LP: #1825222)
    - [Config] Enable ROCKCHIP support for arm64

* remount of multilower moved pivoted-root overlayfs root, results in I/O
    errors on some modified files (LP: #1824407)
    - SAUCE: ovl: fix lookup failure on multi lower squashfs

* backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - linux/dim: Move logic to dim.h
    - linux/dim: Remove "net" prefix from internal DIM members
    - linux/dim: Rename externally exposed macros
    - linux/dim: Rename net_dim_sample() to net_dim_update_sample()
    - linux/dim: Rename externally used net_dim members
    - [Config] updateconfigs for DIMLIB
    - linux/dim: Move implementation to .c files
    - linux/dim: Add completions count to dim_sample
    - linux/dim: Implement RDMA adaptive moderation (DIM)
    - linux/dim: Fix overflow in dim calculation
    - lib/dim: Fix -Wunused-const-variable warnings

* The alsa hda driver is not loaded due to the missing of PCIID for Comet
    Lake-S [8086:a3f0] (LP: #1852070)
    - SAUCE: ALSA: hda: Add Cometlake-S PCI ID

* Can't adjust brightness on DELL UHD dGPU AIO (LP: #1813877)
    - SAUCE: platform/x86: dell-uart-backlight: add missing status command
    - SAUCE: platform/x86: dell-uart-backlight: load driver by scalar status
    - SAUCE: platform/x86: dell-uart-backlight: add force parameter
    - SAUCE: platform/x86: dell-uart-backlight: add quirk for old platforms

* Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens

* Disable unreliable HPET on CFL-H system (LP: #1852216)
    - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake H platforms

* i40e: Setting VF MAC address causes General Protection Fault (LP: #1852432)
    - i40e: Fix crash caused by stress setting of VF MAC addresses

* CVE-2019-19072
    - tracing: Have error path in predicate_parse() free its allocated memory

* CVE-2019-2214
    - binder: Set end of SG buffer area properly.

* Disco update: upstream stable patchset 2019-11-27 (LP: #1854229)
    - i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf()
    - Revert "OPP: Protect dev_list with opp_table lock"
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
    - mm/memory_hotplug: fix updating the node span
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - fbdev: Ditch fb_edid_add_monspecs
    - bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG
    - bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0
    - bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0
    - bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE}
    - bpf: btf: Fix a missing check bug

* Disco update: upstream stable patchset 2019-11-26 (LP: #1854094)
    - KVM: x86: introduce is_pae_paging
    - scsi: core: Handle drivers which set sg_tablesize to zero
    - ax88172a: fix information leak on short answers
    - ipmr: Fix skb headroom in ipmr_get_route().
    - net: gemini: add missed free_netdev
    - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
    - slip: Fix memory leak in slip_open error path
    - ALSA: usb-audio: Fix missing error check at mixer resolution test
    - ALSA: usb-audio: not submit urb for stopped endpoint
    - ALSA: usb-audio: Fix incorrect NULL check in create_yamaha_midi_quirk()
    - ALSA: usb-audio: Fix incorrect size check for processing/extension units
    - Btrfs: fix log context list corruption after rename exchange operation
    - Input: ff-memless - kill timer in destroy()
    - Input: synaptics-rmi4 - fix video buffer size
    - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
    - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
    - Input: synaptics-rmi4 - clear IRQ enables for F54
    - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
    - IB/hfi1: Ensure full Gen3 speed in a Gen4 system
    - IB/hfi1: Use a common pad buffer for 9B and 16B packets
    - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
    - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
    - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
    - net: ethernet: dwmac-sun8i: Use the correct function in exit path
    - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
    - mm: mempolicy: fix the wrong return value and potential pages leak of mbind
    - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
    - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
    - mmc: sdhci-of-at91: fix quirk2 overwrite
    - dmaengine: at_xdmac: remove a stray bottom half unlock
    - slcan: Fix memory leak in error path
    - tcp: remove redundant new line from tcp_event_sk_skb
    - dpaa2-eth: free already allocated channels on probe defer
    - KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved
    - drm/i915: update rawclk also on resume
    - ntp/y2038: Remove incorrect time_t truncation
    - mm/page_io.c: do not free shared swap slots

* Disco update: upstream stable patchset 2019-11-22 (LP: #1853659)
    - bonding: fix state transition issue in link monitoring
    - CDC-NCM: handle incomplete transfer of MTU
    - ipv4: Fix table id reference in fib_sync_down_addr
    - net: ethernet: octeon_mgmt: Account for second possible VLAN header
    - net: fix data-race in neigh_event_send()
    - net: qualcomm: rmnet: Fix potential UAF when unregistering
    - net: usb: qmi_wwan: add support for DW5821e with eSIM support
    - NFC: fdp: fix incorrect free object
    - nfc: netlink: fix double device reference drop
    - NFC: st21nfca: fix double free
    - qede: fix NULL pointer deref in __qede_remove()
    - net: mscc: ocelot: don't handle netdev events for other netdevs
    - net: mscc: ocelot: fix NULL pointer on LAG slave removal
    - ipv6: fixes rt6_probe() and fib6_nh->last_probe init
    - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path
    - ALSA: timer: Fix incorrectly assigned timer instance
    - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite
      Saffire Pro i/o series
    - ALSA: hda/ca0132 - Fix possible workqueue stall
    - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges
    - mm, meminit: recalculate pcpu batch and high limits after init completes
    - mm: thp: handle page cache THP correctly in PageTransCompoundMap
    - mm, vmstat: hide /proc/pagetypeinfo from normal users
    - dump_stack: avoid the livelock of the dump_lock
    - tools: gpio: Use !building_out_of_srctree to determine srctree
    - perf tools: Fix time sorting
    - drm/radeon: fix si_enable_smc_cac() failed issue
    - HID: wacom: generic: Treat serial number and related fields as unsigned
    - soundwire: depend on ACPI
    - soundwire: bus: set initial value to port_status
    - arm64: Do not mask out PTE_RDONLY in pte_same()
    - ceph: fix use-after-free in __ceph_remove_cap()
    - ceph: add missing check in d_revalidate snapdir handling
    - iio: adc: stm32-adc: fix stopping dma
    - iio: imu: adis16480: make sure provided frequency is positive
    - iio: srf04: fix wrong limitation in distance measuring
    - ARM: sunxi: Fix CPU powerdown on A83T
    - netfilter: nf_tables: Align nft_expr private data to 64-bit
    - netfilter: ipset: Fix an error code in ip_set_sockfn_get()
    - intel_th: pci: Add Comet Lake PCH support
    - intel_th: pci: Add Jasper Lake PCH support
    - x86/apic/32: Avoid bogus LDR warnings
    - SMB3: Fix persistent handles reconnect
    - can: usb_8dev: fix use-after-free on disconnect
    - can: flexcan: disable completely the ECC mechanism
    - can: c_can: c_can_poll(): only read status register after status IRQ
    - can: peak_usb: fix a potential out-of-sync while decoding packets
    - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid
      skb mem leak
    - can: gs_usb: gs_can_open(): prevent memory leak
    - can: dev: add missing of_node_put() after calling of_get_child_by_name()
    - can: mcba_usb: fix use-after-free on disconnect
    - can: peak_usb: fix slab info leak
    - configfs: stash the data we need into configfs_buffer at open time
    - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts
    - configfs: new object reprsenting tree fragments
    - configfs: provide exclusion between IO and removals
    - configfs: fix a deadlock in configfs_symlink()
    - ALSA: usb-audio: More validations of descriptor units
    - ALSA: usb-audio: Simplify parse_audio_unit()
    - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects
    - ALSA: usb-audio: Remove superfluous bLength checks
    - ALSA: usb-audio: Clean up check_input_term()
    - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk()
    - ALSA: usb-audio: remove some dead code
    - ALSA: usb-audio: Fix copy&paste error in the validator
    - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path
    - usbip: Implement SG support to vhci-hcd and stub driver
    - PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
    - HID: google: add magnemite/masterball USB ids
    - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config
    - dmaengine: sprd: Fix the possible memory leak issue
    - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring()
    - RDMA/mlx5: Clear old rate limit when closing QP
    - iw_cxgb4: fix ECN check on the passive accept
    - RDMA/qedr: Fix reported firmware version
    - net/mlx5e: TX, Fix consumer index of error cqe dump
    - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq
    - scsi: qla2xxx: fixup incorrect usage of host_byte
    - RDMA/uverbs: Prevent potential underflow
    - net: openvswitch: free vport unless register_netdevice() succeeds
    - scsi: lpfc: Honor module parameter lpfc_use_adisc
    - scsi: qla2xxx: Initialized mailbox to prevent driver load failure
    - netfilter: nf_flow_table: set timeout before insertion into hashes
    - ipvs: don't ignore errors in case refcounting ip_vs module fails
    - ipvs: move old_secure_tcp into struct netns_ipvs
    - bonding: fix unexpected IFF_BONDING bit unset
    - macsec: fix refcnt leak in module exit routine
    - usb: fsl: Check memory resource before releasing it
    - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode.
    - usb: gadget: composite: Fix possible double free memory bug
    - usb: dwc3: pci: prevent memory leak in dwc3_pci_probe
    - usb: gadget: configfs: fix concurrent issue between composite APIs
    - usb: dwc3: remove the call trace of USBx_GFLADJ
    - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise
      RIP validity
    - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h)
    - perf/x86/uncore: Fix event group support
    - USB: Skip endpoints with 0 maxpacket length
    - USB: ldusb: use unsigned size format specifiers
    - usbip: tools: Fix read_usb_vudc_device() error path handling
    - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case
    - RDMA/hns: Prevent memory leaks of eq->buf_list
    - scsi: qla2xxx: stop timer in shutdown path
    - nvme-multipath: fix possible io hang after ctrl reconnect
    - fjes: Handle workqueue allocation failure
    - net: hisilicon: Fix "Trying to free already-free IRQ"
    - net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link
      is up
    - net: mscc: ocelot: refuse to overwrite the port's native vlan
    - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41
    - drm/amdgpu: If amdgpu_ib_schedule fails return back the error.
    - drm/amd/display: Passive DP->HDMI dongle detection fix
    - hv_netvsc: Fix error handling in netvsc_attach()
    - usb: dwc3: gadget: fix race when disabling ep with cancelled xfers
    - NFSv4: Don't allow a cached open with a revoked delegation
    - net: ethernet: arc: add the missed clk_disable_unprepare
    - igb: Fix constant media auto sense switching when no cable is connected
    - e1000: fix memory leaks
    - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode
    - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write()
    - pinctrl: cherryview: Fix irq_valid_mask calculation
    - blkcg: make blkcg_print_stat() print stats only for online blkgs
    - iio: imu: mpu6050: Add support for the ICM 20602 IMU
    - iio: imu: inv_mpu6050: fix no data on MPU6050
    - mm/filemap.c: don't initiate writeback if mapping has no dirty pages
    - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is
      dead
    - usbip: Fix free of unallocated memory in vhci tx
    - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
    - net: prevent load/store tearing on sk->sk_stamp
    - iio: imu: mpu6050: Fix FIFO layout for ICM20602
    - vsock/virtio: fix sock refcnt holding during the shutdown
    - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
    - x86/cpu: Add Tremont to the cpu vulnerability whitelist
    - Documentation: Add ITLB_MULTIHIT documentation
    - net/tls: fix sk_msg trim on fallback to copy mode
    - net/tls: add a TX lock
    - selftests/tls: add test for concurrent recv and send
    - net/smc: fix ethernet interface refcounting
    - perf map: Use zalloc for map_groups
    - soundwire: depend on ACPI || OF
    - ASoC: rsnd: dma: fix SSI9 4/5/6/7 busif dma address
    - ceph: fix RCU case handling in ceph_d_revalidate()
    - ceph: don't try to handle hashed dentries in non-O_CREAT atomic_open
    - ceph: don't allow copy_file_range when stripe_count != 1
    - cpufreq: intel_pstate: Fix invalid EPB setting
    - dmaengine: sprd: Fix the link-list pointer register configuration issue
    - dmaengine: xilinx_dma: Fix 64-bit simple AXIDMA transfer
    - net/mlx5e: Tx, Fix assumption of single WQEBB of NOP in cleanup flow
    - scsi: ufs-bsg: Wake the device before sending raw upiu commands
    - bpf: Fix use after free in subprog's jited symbol removal
    - bpf: Fix use after free in bpf_get_prog_name
    - xsk: Fix registration of Rx-only sockets
    - net: phy: smsc: LAN8740: add PHY_RST_AFTER_CLK_EN flag
    - virt_wifi: fix refcnt leak in module exit routine
    - hwmon: (ina3221) Fix read timeout issue
    - sched/topology: Don't try to build empty sched domains
    - sched/topology: Allow sched_asym_cpucapacity to be disabled
    - mt76: dma: fix buffer unmap with non-linear skbs
    - drm/amd/display: do not synchronize "drr" displays
    - SUNRPC: The RDMA back channel mustn't disappear while requests are
      outstanding
    - efi: libstub/arm: Account for firmware reserved memory at the base of RAM
    - x86, efi: Never relocate kernel below lowest acceptable address
    - arm64: cpufeature: Enable Qualcomm Falkor errata 1009 for Kryo
    - arm64: apply ARM64_ERRATUM_845719 workaround for Brahma-B53 core
    - arm64: Brahma-B53 is SSB and spectre v2 safe
    - arm64: apply ARM64_ERRATUM_843419 workaround for Brahma-B53 core
    - arm64: errata: Update stale comment
    - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run

* Disco update: upstream stable patchset 2019-11-20 (LP: #1853382)
    - regulator: of: fix suspend-min/max-voltage parsing
    - ASoC: wm8994: Do not register inapplicable controls for WM1811
    - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay
    - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay
    - arm64: dts: Fix gpio to pinmux mapping
    - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
    - ASoC: rt5682: add NULL handler to set_jack function
    - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe()
      could be uninitialized
    - ASoC: wm_adsp: Don't generate kcontrols without READ flags
    - ASoc: rockchip: i2s: Fix RPM imbalance
    - ARM: dts: logicpd-torpedo-som: Remove twl_keypad
    - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable()
    - ARM: mm: fix alignment handler faults under memory pressure
    - scsi: qla2xxx: fix a potential NULL pointer dereference
    - scsi: scsi_dh_alua: handle RTPG sense code correctly during state
      transitions
    - scsi: sni_53c710: fix compilation error
    - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
    - ARM: dts: imx7s: Correct GPT's ipg clock source
    - perf c2c: Fix memory leak in build_cl_output()
    - 8250-men-mcb: fix error checking when get_num_ports returns -ENODEV
    - perf kmem: Fix memory leak in compact_gfp_flags()
    - ARM: davinci: dm365: Fix McBSP dma_slave_map entry
    - drm/amdgpu: fix potential VM faults
    - scsi: target: core: Do not overwrite CDB byte 1
    - tracing: Fix "gfp_t" format for synthetic events
    - ARM: 8926/1: v7m: remove register save to stack before svc
    - of: unittest: fix memory leak in unittest_data_add
    - MIPS: bmips: mark exception vectors as char arrays
    - irqchip/gic-v3-its: Use the exact ITSList for VMOVP
    - i2c: stm32f7: fix first byte to send in slave mode
    - i2c: stm32f7: fix a race in slave mode with arbitration loss irq
    - i2c: stm32f7: remove warning when compiling with W=1
    - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
    - nbd: protect cmd->status with cmd->lock
    - nbd: handle racing with error'ed out commands
    - cxgb4: fix panic when attaching to ULD fail
    - dccp: do not leak jiffies on the wire
    - erspan: fix the tun_info options_len check for erspan
    - inet: stop leaking jiffies on the wire
    - net: annotate accesses to sk->sk_incoming_cpu
    - net: annotate lockless accesses to sk->sk_napi_id
    - net: dsa: bcm_sf2: Fix IMP setup for port different than 8
    - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum
    - net: fix sk_page_frag() recursion from memory reclaim
    - net: hisilicon: Fix ping latency when deal with high throughput
    - net/mlx4_core: Dynamically set guaranteed amount of counters per VF
    - netns: fix GFP flags in rtnl_net_notifyid()
    - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq()
    - selftests: net: reuseport_dualstack: fix uninitalized parameter
    - udp: fix data-race in udp_set_dev_scratch()
    - vxlan: check tun_info options_len properly
    - net: add skb_queue_empty_lockless()
    - udp: use skb_queue_empty_lockless()
    - net: use skb_queue_empty_lockless() in poll() handlers
    - net: use skb_queue_empty_lockless() in busy poll contexts
    - net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
    - ipv4: fix route update on metric change.
    - selftests: fib_tests: add more tests for metric update
    - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget
    - r8169: fix wrong PHY ID issue with RTL8168dp
    - net/mlx5e: Fix ethtool self test: link speed
    - net: dsa: b53: Do not clear existing mirrored port mask
    - net: bcmgenet: don't set phydev->link from MAC
    - net: phy: bcm7xxx: define soft_reset for 40nm EPHY
    - net: bcmgenet: reset 40nm EPHY on energy detect
    - net: usb: lan78xx: Connect PHY before registering MAC
    - net: dsa: fix switch tree list
    - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2
    - net/flow_dissector: switch to siphash
    - wireless: Skip directory when generating certificates
    - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI
      table
    - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9
    - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
    - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc
    - ASoC: pcm3168a: The codec does not support S32_LE
    - arm64: dts: ti: k3-am65-main: Fix gic-its node unit-address
    - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending
      driver fails
    - regulator: da9062: fix suspend_enable/disable preparation
    - ASoC: topology: Fix a signedness bug in soc_tplg_dapm_widget_create()
    - pinctrl: intel: Allocate IRQ chip dynamic
    - arm64: dts: rockchip: fix Rockpro64 RK808 interrupt line
    - arm64: dts: rockchip: fix RockPro64 vdd-log regulator settings
    - arm64: dts: rockchip: fix RockPro64 sdhci settings
    - ARM: 8908/1: add __always_inline to functions called from __get_user_check()
    - arm64: dts: rockchip: fix RockPro64 sdmmc settings
    - ARM: dts: vf610-zii-scu4-aib: Specify 'i2c-mux-idle-disconnect'
    - arm64: dts: imx8mq: Use correct clock for usdhc's ipg clk
    - drm/amdgpu: fix error handling in amdgpu_bo_list_create
    - ARM: dts: bcm2837-rpi-cm3: Avoid leds-gpio probing issue
    - ALSA: hda: Add Elkhart Lake PCI ID
    - ALSA: hda: Add Tigerlake/Jasperlake PCI ID
    - irqchip/sifive-plic: Skip contexts except supervisor in plic_init()
    - net: rtnetlink: fix a typo fbd -> fdb
    - net/mlx5: Fix flow counter list auto bits struct
    - net: hns3: fix mis-counting IRQ vector numbers issue
    - net: reorder 'struct net' fields to avoid false sharing
    - net: netem: correct the parent's backlog when corrupted packet was dropped
    - CIFS: Fix retry mid list corruption on reconnects

* Disco update: upstream stable patchset 2019-11-18 (LP: #1853067)
    - dm snapshot: introduce account_start_copy() and account_end_copy()
    - dm snapshot: rework COW throttling to fix deadlock
    - Btrfs: fix inode cache block reserve leak on failure to allocate data space
    - btrfs: qgroup: Always free PREALLOC META reserve in
      btrfs_delalloc_release_extents()
    - f2fs: flush quota blocks after turnning it off
    - drm/msm/dpu: handle failures while initializing displays
    - bcache: fix input overflow to writeback_rate_minimum
    - ath10k: assign 'n_cipher_suites = 11' for WCN3990 to enable WPA3
    - staging: mt7621-pinctrl: use pinconf-generic for 'dt_node_to_map' and
      'dt_free_map'
    - HID: Add ASUS T100CHI keyboard dock battery quirks
    - HID: steam: fix boot loop with bluetooth firmware
    - HID: steam: fix deadlock with input devices.
    - usb: dwc3: gadget: early giveback if End Transfer already completed
    - usb: dwc3: gadget: clear DWC3_EP_TRANSFER_STARTED on cmd complete
    - ALSA: usb-audio: Cleanup DSD whitelist
    - usb: handle warm-reset port requests on hub resume
    - rtc: pcf8523: set xtal load capacitance from DT
    - arm64: Add MIDR encoding for HiSilicon Taishan CPUs
    - arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs
    - mlxsw: spectrum: Set LAG port collector only when active
    - scsi: lpfc: Correct localport timeout duration error
    - CIFS: Respect SMB2 hdr preamble size in read responses
    - cifs: add credits from unmatched responses/messages
    - ALSA: hda/realtek - Apply ALC294 hp init also for S4 resume
    - media: vimc: Remove unused but set variables
    - ext4: disallow files with EXT4_JOURNAL_DATA_FL from EXT4_IOC_SWAP_BOOT
    - net: dsa: mv88e6xxx: Release lock while requesting IRQ
    - PCI/PME: Fix possible use-after-free on remove
    - drm/amd/display: fix odm combine pipe reset
    - power: supply: max14656: fix potential use-after-free
    - iio: adc: meson_saradc: Fix memory allocation order
    - iio: fix center temperature of bmc150-accel-core
    - libsubcmd: Make _FORTIFY_SOURCE defines dependent on the feature
    - perf tests: Avoid raising SEGV using an obvious NULL dereference
    - perf map: Fix overlapped map handling
    - perf script brstackinsn: Fix recovery from LBR/binary mismatch
    - perf jevents: Fix period for Intel fixed counters
    - perf tools: Propagate get_cpuid() error
    - perf annotate: Propagate perf_env__arch() error
    - perf annotate: Fix the signedness of failure returns
    - perf annotate: Propagate the symbol__annotate() error return
    - perf annotate: Return appropriate error code for allocation failures
    - staging: rtl8188eu: fix null dereference when kzalloc fails
    - RDMA/hfi1: Prevent memory leak in sdma_init
    - RDMA/iwcm: Fix a lock inversion issue
    - HID: hyperv: Use in-place iterator API in the channel callback
    - nfs: Fix nfsi->nrequests count error on nfs_inode_remove_request
    - arm64: ftrace: Ensure synchronisation in PLT setup for Neoverse-N1 #1542419
    - tty: serial: owl: Fix the link time qualifier of 'owl_uart_exit()'
    - tty: n_hdlc: fix build on SPARC
    - gpio: max77620: Use correct unit for debounce times
    - fs: cifs: mute -Wunused-const-variable message
    - serial: mctrl_gpio: Check for NULL pointer
    - efi/cper: Fix endianness of PCIe class code
    - efi/x86: Do not clean dummy variable in kexec path
    - MIPS: include: Mark __cmpxchg as __always_inline
    - x86/xen: Return from panic notifier
    - ocfs2: clear zero in unaligned direct IO
    - fs: ocfs2: fix possible null-pointer dereferences in
      ocfs2_xa_prepare_entry()
    - fs: ocfs2: fix a possible null-pointer dereference in
      ocfs2_write_end_nolock()
    - fs: ocfs2: fix a possible null-pointer dereference in
      ocfs2_info_scan_inode_alloc()
    - arm64: armv8_deprecated: Checking return value for memory allocation
    - sched/vtime: Fix guest/system mis-accounting on task switch
    - perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp
    - drm/amdgpu: fix memory leak
    - iio: imu: adis16400: release allocated memory on failure
    - MIPS: include: Mark __xchg as __always_inline
    - MIPS: fw: sni: Fix out of bounds init of o32 stack
    - virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr
    - nbd: fix possible sysfs duplicate warning
    - NFSv4: Fix leak of clp->cl_acceptor string
    - s390/uaccess: avoid (false positive) compiler warnings
    - tracing: Initialize iter->seq after zeroing in tracing_read_pipe()
    - ARM: 8914/1: NOMMU: Fix exc_ret for XIP
    - nbd: verify socket is supported during setup
    - USB: legousbtower: fix a signedness bug in tower_probe()
    - thunderbolt: Use 32-bit writes when writing ring producer/consumer
    - fuse: flush dirty data/metadata before non-truncate setattr
    - fuse: truncate pending writes on O_TRUNC
    - ALSA: bebob: Fix prototype of helper function to return negative value
    - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather
      segments")
    - USB: gadget: Reject endpoints with 0 maxpacket value
    - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set
      virt_boundary_mask to avoid SG overflows")
    - USB: ldusb: fix ring-buffer locking
    - USB: ldusb: fix control-message timeout
    - usb: xhci: fix __le32/__le64 accessors in debugfs code
    - USB: serial: whiteheat: fix potential slab corruption
    - USB: serial: whiteheat: fix line-speed endianness
    - scsi: target: cxgbit: Fix cxgbit_fw4_ack()
    - HID: i2c-hid: add Trekstor Primebook C11B to descriptor override
    - HID: Fix assumption that devices have inputs
    - HID: fix error message in hid_open_report()
    - nl80211: fix validation of mesh path nexthop
    - s390/cmm: fix information leak in cmm_timeout_handler()
    - s390/idle: fix cpu idle time calculation
    - arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default
    - dmaengine: qcom: bam_dma: Fix resource leak
    - dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle
    - drm/amdgpu/powerplay/vega10: allow undervolting in p7
    - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid()
    - batman-adv: Avoid free/alloc race when handling OGM buffer
    - llc: fix sk_buff leak in llc_sap_state_process()
    - llc: fix sk_buff leak in llc_conn_service()
    - rxrpc: Fix call ref leak
    - rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record
    - rxrpc: Fix trace-after-put looking at the put peer record
    - NFC: pn533: fix use-after-free and memleaks
    - bonding: fix potential NULL deref in bond_update_slave_arr
    - net: usb: sr9800: fix uninitialized local variable
    - sch_netem: fix rcu splat in netem_enqueue()
    - ALSA: timer: Simplify error path in snd_timer_open()
    - ALSA: timer: Fix mutex deadlock at releasing card
    - ALSA: usb-audio: DSD auto-detection for Playback Designs
    - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel
    - ALSA: usb-audio: Add DSD support for Gustard U16/X26 USB Interface
    - powerpc/powernv: Fix CPU idle to be called with IRQs disabled
    - Revert "ALSA: hda: Flush interrupts on disabling"
    - perf annotate: Fix arch specific ->init() failure errors
    - kselftest: exclude failed TARGETS from runlist
    - tty: serial: rda: Fix the link time qualifier of 'rda_uart_exit()'
    - RDMA/cm: Fix memory leak in cm_add/remove_one
    - sched/fair: Scale bandwidth quota and period without losing quota/period
      ratio precision
    - perf/core: Rework memory accounting in perf_mmap()
    - perf/core: Fix corner case in perf_rotate_context()
    - iio: imu: st_lsm6dsx: fix waitime for st_lsm6dsx i2c controller
    - HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy()
    - um-ubd: Entrust re-queue to the upper layers
    - ARC: perf: Accommodate big-endian CPU
    - arm64: cpufeature: Enable Qualcomm Falkor/Kryo errata 1003
    - virtio_ring: fix stalls for packed rings
    - rtlwifi: rtl_pci: Fix problem of too small skb->len
    - dmaengine: imx-sdma: fix size check for sdma script_number
    - sched/fair: Fix low cpu usage with high throttling by removing expiration of
      cpu-local slices
    - sched/fair: Fix -Wunused-but-set-variable warnings

* Dell XPS 13 9350/9360 headphone audio hiss (LP: #1654448) // [XPS 13 9360,
    Realtek ALC3246, Black Headphone Out, Front] High noise floor
    (LP: #1845810) // Disco update: upstream stable patchset 2019-11-18
    (LP: #1853067)
    - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360

* Disco update: upstream stable patchset 2019-11-13 (LP: #1852459)
    - nvme-pci: Fix a race in controller removal
    - scsi: ufs: skip shutdown if hba is not powered
    - scsi: megaraid: disable device when probe failed after enabled device
    - scsi: qla2xxx: Fix unbound sleep in fcport delete path.
    - ARM: OMAP2+: Fix missing reset done flag for am3 and am43
    - ARM: OMAP2+: Fix warnings with broken omap2_set_init_voltage()
    - ieee802154: ca8210: prevent memory leak
    - ARM: dts: am4372: Set memory bandwidth limit for DISPC
    - net: dsa: qca8k: Use up to 7 ports for all operations
    - MIPS: dts: ar9331: fix interrupt-controller size
    - xen/efi: Set nonblocking callbacks
    - nl80211: fix null pointer dereference
    - mac80211: fix txq null pointer dereference
    - netfilter: nft_connlimit: disable bh on garbage collection
    - net: dsa: rtl8366rb: add missing of_node_put after calling
      of_get_child_by_name
    - mips: Loongson: Fix the link time qualifier of 'serial_exit()'
    - net: hisilicon: Fix usage of uninitialized variable in function
      mdio_sc_cfg_reg_write()
    - lib: textsearch: fix escapes in example code
    - namespace: fix namespace.pl script to support relative paths
    - libata/ahci: Fix PCS quirk application
    - Revert "drm/radeon: Fix EEH during kexec"
    - ocfs2: fix panic due to ocfs2_wq is null
    - ipv4: fix race condition between route lookup and invalidation
    - ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
    - net: avoid potential infinite loop in tc_ctl_action()
    - net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
    - net: bcmgenet: Set phydev->dev_flags only for internal PHYs
    - net: i82596: fix dma_alloc_attr for sni_82596
    - net/ibmvnic: Fix EOI when running in XIVE mode.
    - net: ipv6: fix listify ip6_rcv_finish in case of forwarding
    - net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow
    - sctp: change sctp_prot .no_autobind with true
    - USB: legousbtower: fix memleak on disconnect
    - ALSA: hda/realtek - Add support for ALC711
    - ALSA: hda/realtek - Enable headset mic on Asus MJ401TA
    - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers
    - ALSA: hda - Force runtime PM on Nvidia HDMI codecs
    - usb: udc: lpc32xx: fix bad bit shift operation
    - USB: serial: ti_usb_3410_5052: fix port-close races
    - USB: ldusb: fix memleak on disconnect
    - USB: usblp: fix use-after-free on disconnect
    - USB: ldusb: fix read info leaks
    - MIPS: tlbex: Fix build_restore_pagemask KScratch restore
    - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS
    - scsi: zfcp: fix reaction on bit error threshold notification
    - scsi: sd: Ignore a failure to sync cache due to lack of authorization
    - scsi: core: save/restore command resid for error handling
    - scsi: core: try to get module before removing device
    - scsi: ch: Make it possible to open a ch device multiple times again
    - Input: da9063 - fix capability and drop KEY_SLEEP
    - Input: synaptics-rmi4 - avoid processing unknown IRQs
    - ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
    - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit()
    - cfg80211: wext: avoid copying malformed SSIDs
    - mac80211: Reject malformed SSID elements
    - drm/ttm: Restore ttm prefaulting
    - drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1
    - drivers/base/memory.c: don't access uninitialized memmaps in
      soft_offline_page_store()
    - fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c
    - mmc: cqhci: Commit descriptors before setting the doorbell
    - mm/memory-failure.c: don't access uninitialized memmaps in memory_failure()
    - mm/slub: fix a deadlock in show_slab_objects()
    - mm/page_owner: don't access uninitialized memmaps when reading
      /proc/pagetypeinfo
    - hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic()
    - mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped
      more than once
    - xtensa: drop EXPORT_SYMBOL for outs*/ins*
    - parisc: Fix vmap memory leak in ioremap()/iounmap()
    - EDAC/ghes: Fix Use after free in ghes_edac remove path
    - arm64: Enable workaround for Cavium TX2 erratum 219 when running SMT
    - CIFS: avoid using MID 0xFFFF
    - CIFS: Fix use after free of file info structures
    - perf/aux: Fix AUX output stopping
    - tracing: Fix race in perf_trace_buf initialization
    - dm cache: fix bugs when a GFP_NOWAIT allocation fails
    - x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area
    - x86/apic/x2apic: Fix a NULL pointer deref when handling a dying cpu
    - pinctrl: cherryview: restore Strago DMI workaround for all versions
    - pinctrl: armada-37xx: fix control of pins 32 and up
    - pinctrl: armada-37xx: swap polarity on LED group
    - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
    - Btrfs: add missing extents release on file extent cluster relocation error
    - Btrfs: check for the full sync flag while holding the inode lock during
      fsync
    - btrfs: tracepoints: Fix bad entry members of qgroup events
    - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
    - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
    - xen/netback: fix error path of xenvif_connect_data()
    - PCI: PM: Fix pci_power_up()
    - blk-rq-qos: fix first node deletion of rq_qos_del()
    - RDMA/cxgb4: Do not dma memory off of the stack
    - drm: Clear the fence pointer when writeback job signaled
    - clk: ti: dra7: Fix mcasp8 clock bits
    - ARM: dts: Fix wrong clocks for dra7 mcasp
    - scsi: qla2xxx: Fix N2N link reset
    - scsi: qla2xxx: Fix N2N link up fail
    - ARM: dts: Fix gpio0 flags for am335x-icev2
    - ARM: OMAP2+: Add missing LCDC midlemode for am335x
    - nvme-tcp: fix wrong stop condition in io_work
    - nvme-pci: Save PCI state before putting drive into deepest state
    - nvme: fix an error code in nvme_init_subsystem()
    - nvme-rdma: Fix max_hw_sectors calculation
    - Added QUIRKs for ADATA XPG SX8200 Pro 512GB
    - nvme-rdma: fix possible use-after-free in connect timeout
    - blk-mq: honor IO scheduler for multiqueue devices
    - loop: change queue block size to match when using DIO
    - drm/amdgpu: fix multiple memory leaks in acp_hw_init
    - drm/amd/display: memory leak
    - s390/mm: fix -Wunused-but-set-variable warnings
    - net: phy: fix write to mii-ctrl1000 register
    - Convert filldir[64]() from __put_user() to unsafe_put_user()
    - elf: don't use MAP_FIXED_NOREPLACE for elf executable mappings
    - Make filldir[64]() verify the directory entry filename is valid
    - uaccess: implement a proper unsafe_copy_to_user() and switch filldir over to
      it
    - filldir[64]: remove WARN_ON_ONCE() for bad directory entries
    - rxrpc: Fix possible NULL pointer access in ICMP handling
    - sched: etf: Fix ordering of packets with same txtime
    - net: aquantia: correctly handle macvlan and multicast coexistence
    - net: phy: micrel: Discern KSZ8051 and KSZ8795 PHYs
    - net: phy: micrel: Update KSZ87xx PHY name
    - netdevsim: Fix error handling in nsim_fib_init and nsim_fib_exit
    - rxrpc: use rcu protection while reading sk->sk_user_data
    - binder: Don't modify VMA bounds in ->mmap handler
    - drm/amdgpu/vce: fix allocation size in enc ring test
    - drm/amdgpu/vcn: fix allocation size in enc ring test
    - drm/amdgpu/uvd6: fix allocation size in enc ring test (v2)
    - drm/amdgpu/uvd7: fix allocation size in enc ring test (v2)
    - mmc: mxs: fix flags passed to dmaengine_prep_slave_sg
    - mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C
    - mm/memunmap: don't access uninitialized memmap in memunmap_pages()
    - zram: fix race between backing_dev_show and backing_dev_store
    - s390/zcrypt: fix memleak at release
    - fs/dax: Fix pmd vs pte conflict detection
    - x86/hyperv: Make vapic support x2apic mode
    - btrfs: tracepoints: Fix wrong parameter order for qgroup events
    - ceph: just skip unrecognized info in ceph_reply_info_extra
    - opp: of: drop incorrect lockdep_assert_held()

* Colour banding in Lenovo G50-80 laptop display (i915) (LP: #1819968) //
    Disco update: upstream stable patchset 2019-11-13 (LP: #1852459)
    - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50

-- Khalid Elmously <khalid.elmously@canonical.com>  Mon, 02 Dec 2019 14:25:23 -0500

Changed in linux (Ubuntu Disco):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-01-06:

#6

Download full text (42.4 KiB)

This bug was fixed in the package linux - 4.15.0-74.84

---------------
linux (4.15.0-74.84) bionic; urgency=medium

* bionic/linux: 4.15.0-74.84 -proposed tracker (LP: #1856749)

* [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
- [Packaging] bind hv_kvp_daemon startup to hv_kvp device

  * Unrevert "arm64: Use firmware to detect CPUs that are not affected by
    Spectre-v2" (LP: #1854207)
    - arm64: Get rid of __smccc_workaround_1_hvc_*
    - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2

  * Bionic kernel panic on Cavium ThunderX CN88XX (LP: #1853485)
    - SAUCE: irqchip/gic-v3-its: Add missing return value in
      its_irq_domain_activate()

linux (4.15.0-73.82) bionic; urgency=medium

* bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)

* CVE-2019-14901
- SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
- SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
- SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

* Please add patch fixing RK818 ID detection (LP: #1853192)
- SAUCE: mfd: rk808: Fix RK818 ID template

  * [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

* Lenovo dock MAC Address pass through doesn't work in Ubuntu (LP: #1827961)
- r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

  * s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues

  * External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

  * Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

* CVE-2019-19083
- drm/amd/display: memory leak

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remov...

This bug was fixed in the package linux - 4.15.0-74.84

---------------
linux (4.15.0-74.84) bionic; urgency=medium

* bionic/linux: 4.15.0-74.84 -proposed tracker (LP: #1856749)

* [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
    - [Packaging] bind hv_kvp_daemon startup to hv_kvp device

* Unrevert "arm64: Use firmware to detect CPUs that are not affected by
    Spectre-v2" (LP: #1854207)
    - arm64: Get rid of __smccc_workaround_1_hvc_*
    - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2

* Bionic kernel panic on Cavium ThunderX CN88XX (LP: #1853485)
    - SAUCE: irqchip/gic-v3-its: Add missing return value in
      its_irq_domain_activate()

linux (4.15.0-73.82) bionic; urgency=medium

* bionic/linux: 4.15.0-73.82 -proposed tracker (LP: #1854819)

* CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

* CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

* Please add patch fixing RK818 ID detection (LP: #1853192)
    - SAUCE: mfd: rk808: Fix RK818 ID template

* [SRU][B/OEM-B/OEM-OSP1/D] Enable new Elan touchpads which are not in current
    whitelist (LP: #1853246)
    - HID: quirks: Fix keyboard + touchpad on Lenovo Miix 630
    - Input: elan_i2c - export the device id whitelist
    - HID: quirks: Refactor ELAN 400 and 401 handling

* Lenovo dock MAC Address pass through doesn't work in Ubuntu  (LP: #1827961)
    - r8152: Add macpassthru support for ThinkPad Thunderbolt 3 Dock Gen 2

* s390/dasd: reduce the default queue depth and nr of hardware queues
    (LP: #1852257)
    - s390/dasd: reduce the default queue depth and nr of hardware queues

* External microphone can't work on some dell machines with the codec alc256
    or alc236 (LP: #1853791)
    - SAUCE: ALSA: hda/realtek - Move some alc256 pintbls to fallback table
    - SAUCE: ALSA: hda/realtek - Move some alc236 pintbls to fallback table

* Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection
    (LP: #1853197)
    - xfrm: Fix memleak on xfrm state destroy

* CVE-2019-19083
    - drm/amd/display: memory leak

* update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval

* CONFIG_ARCH_ROCKCHIP is not set in ubuntu 18.04 aarch64,arm64 (LP: #1825222)
    - [Config] Enable ROCKCHIP support for arm64

* backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash

* The alsa hda driver is not loaded due to the missing of PCIID for Comet
    Lake-S [8086:a3f0] (LP: #1852070)
    - SAUCE: ALSA: hda: Add Cometlake-S PCI ID

* Can't adjust brightness on DELL UHD dGPU AIO (LP: #1813877)
    - SAUCE: platform/x86: dell-uart-backlight: add missing status command
    - SAUCE: platform/x86: dell-uart-backlight: load driver by scalar status
    - SAUCE: platform/x86: dell-uart-backlight: add force parameter
    - SAUCE: platform/x86: dell-uart-backlight: add quirk for old platforms

* Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens

* Disable unreliable HPET on CFL-H system (LP: #1852216)
    - SAUCE: x86/intel: Disable HPET on Intel Coffe Lake H platforms

* i40e: Setting VF MAC address causes General Protection Fault (LP: #1852432)
    - i40e: Fix crash caused by stress setting of VF MAC addresses

* Bionic update: upstream stable patchset 2019-11-27 (LP: #1854216)
    - spi: mediatek: use correct mata->xfer_len when in fifo transfer
    - tee: optee: add missing of_node_put after of_device_is_available
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - idr: Fix idr_get_next race with idr_remove
    - mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
    - mm/memory_hotplug: fix updating the node span
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - fbdev: Ditch fb_edid_add_monspecs
    - net: ovs: fix return type of ndo_start_xmit function
    - net: xen-netback: fix return type of ndo_start_xmit function
    - ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
    - ARM: dts: omap5: enable OTG role for DWC3 controller
    - f2fs: return correct errno in f2fs_gc
    - ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
    - SUNRPC: Fix priority queue fairness
    - IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
    - kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
    - arm64/numa: Report correct memblock range for the dummy node
    - ath10k: fix vdev-start timeout on error
    - ata: ahci_brcm: Allow using driver or DSL SoCs
    - ath9k: fix reporting calculated new FFT upper max
    - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in
      fotg210_get_status()
    - usb: dwc3: gadget: Check ENBLSLPM before sending ep command
    - nl80211: Fix a GET_KEY reply attribute
    - irqchip/irq-mvebu-icu: Fix wrong private data retrieval
    - watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
    - KVM: PPC: Inform the userspace about TCE update failures
    - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
    - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
    - ext4: fix build error when DX_DEBUG is defined
    - clk: keystone: Enable TISCI clocks if K3_ARCH
    - sunrpc: Fix connect metrics
    - mei: samples: fix a signedness bug in amt_host_if_call()
    - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
    - cxgb4: Use proper enum in IEEE_FAUX_SYNC
    - powerpc/pseries: Fix DTL buffer registration
    - powerpc/pseries: Fix how we iterate over the DTL entries
    - powerpc/xive: Move a dereference below a NULL test
    - ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
    - ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
    - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
    - PM / hibernate: Check the success of generating md5 digest before
      hibernation
    - tools: PCI: Fix compilation warnings
    - clocksource/drivers/sh_cmt: Fixup for 64-bit machines
    - clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
    - md: allow metadata updates while suspending an array - fix
    - ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
    - i40e: Use proper enum in i40e_ndo_set_vf_link_state
    - ixgbe: Fix crash with VFs and flow director on interface flap
    - IB/mthca: Fix error return code in __mthca_init_one()
    - IB/mlx4: Avoid implicit enumerated type conversion
    - ACPICA: Never run _REG on system_memory and system_IO
    - powerpc/time: Use clockevents_register_device(), fixing an issue with large
      decrementer
    - ata: ep93xx: Use proper enums for directions
    - media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
    - media: pxa_camera: Fix check for pdev->dev.of_node
    - media: i2c: adv748x: Support probing a single output
    - ALSA: hda/sigmatel - Disable automute for Elo VuPoint
    - KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
    - USB: serial: cypress_m8: fix interrupt-out transfer length
    - mtd: physmap_of: Release resources on error
    - cpu/SMT: State SMT is disabled even with nosmt and without "=force"
    - brcmfmac: reduce timeout for action frame scan
    - brcmfmac: fix full timeout waiting for action frame on-channel tx
    - qtnfmac: pass sgi rate info flag to wireless core
    - qtnfmac: drop error reports for out-of-bounds key indexes
    - clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
    - clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
    - i2c: brcmstb: Allow enabling the driver on DSL SoCs
    - NFSv4.x: fix lock recovery during delegation recall
    - dmaengine: ioat: fix prototype of ioat_enumerate_channels
    - media: cec-gpio: select correct Signal Free Time
    - Input: st1232 - set INPUT_PROP_DIRECT property
    - Input: silead - try firmware reload after unsuccessful resume
    - remoteproc: Check for NULL firmwares in sysfs interface
    - kexec: Allocate decrypted control pages for kdump if SME is enabled
    - x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
    - dmaengine: rcar-dmac: set scatter/gather max segment size
    - crypto: mxs-dcp - Fix SHA null hashes and output length
    - crypto: mxs-dcp - Fix AES issues
    - xfrm: use correct size to initialise sp->ovec
    - ACPI / SBS: Fix rare oops when removing modules
    - iwlwifi: mvm: don't send keys when entering D3
    - x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
    - mmc: tmio: Fix SCC error detection
    - fbdev: sbuslib: use checked version of put_user()
    - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
    - reset: Fix potential use-after-free in __of_reset_control_get()
    - bcache: recal cached_dev_sectors on detach
    - media: dw9714: Fix error handling in probe function
    - s390/kasan: avoid vdso instrumentation
    - proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
    - backlight: lm3639: Unconditionally call led_classdev_unregister
    - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
    - printk: Give error on attempt to set log buffer length to over 2G
    - media: isif: fix a NULL pointer dereference bug
    - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
    - media: cx231xx: fix potential sign-extension overflow on large shift
    - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
    - gpio: syscon: Fix possible NULL ptr usage
    - spi: fsl-lpspi: Prevent FIFO under/overrun by default
    - pinctrl: gemini: Mask and set properly
    - spi: spidev: Fix OF tree warning logic
    - ARM: 8802/1: Call syscall_trace_exit even when system call skipped
    - orangefs: rate limit the client not running info message
    - pinctrl: gemini: Fix up TVC clock group
    - hwmon: (pwm-fan) Silence error on probe deferral
    - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
    - netfilter: nft_compat: do not dump private area
    - misc: cxl: Fix possible null pointer dereference
    - mac80211: minstrel: fix using short preamble CCK rates on HT clients
    - mac80211: minstrel: fix CCK rate group streams value
    - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
    - spi: rockchip: initialize dma_slave_config properly
    - mlxsw: spectrum_switchdev: Check notification relevance based on upper
      device
    - ARM: dts: omap5: Fix dual-role mode on Super-Speed port
    - tools: PCI: Fix broken pcitest compilation
    - powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
    - mmc: tmio: fix SCC error handling to avoid false positive CRC error
    - ARM: dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet
      PHY
    - tcp: up initial rmem to 128KB and SYN rwin to around 64KB
    - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq
    - f2fs: keep lazytime on remount
    - IB/hfi1: Error path MAD response size is incorrect
    - PM / devfreq: Fix devfreq_add_device() when drivers are built as modules.
    - PM / devfreq: Fix handling of min/max_freq == 0
    - PM / devfreq: stopping the governor before device_unregister()
    - watchdog: core: fix null pointer dereference when releasing cdev
    - watchdog: renesas_wdt: stop when unregistering
    - watchdog: sama5d4: fix timeout-sec usage
    - printk: Do not miss new messages when replaying the log
    - printk: CON_PRINTBUFFER console registration is a bit racy
    - ALSA: hda: Fix mismatch for register mask and value in ext controller.
    - x86/PCI: Apply VMD's AERSID fixup generically
    - IB/rxe: avoid srq memory leak
    - RDMA/hns: Bugfix for reserved qp number
    - RDMA/hns: Submit bad wr when post send wr exception
    - RDMA/hns: Bugfix for CM test
    - RDMA/hns: Limit the size of extend sge of sq
    - rpmsg: glink: smem: Support rx peak for size less than 4 bytes
    - qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers
    - clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume
    - printk: Correct wrong casting
    - mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size
    - atmel_lcdfb: support native-mode display-timings
    - fbdev: fix broken menu dependencies
    - bcache: account size of buckets used in uuid write to
      ca->meta_sectors_written
    - media: cx18: Don't check for address of video_dev
    - lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync
    - scsi: arcmsr: clean up clang warning on extraneous parentheses
    - hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors
    - tcp: start receiver buffer autotuning sooner
    - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
      hibernate
    - PM / devfreq: Fix static checker warning in try_then_request_governor
    - x86/resctrl: Fix rdt_find_domain() return value and checks

* Bionic update: upstream stable patchset 2019-11-25 (LP: #1853915)
    - kvm: mmu: Don't read PDPTEs when paging is not enabled
    - KVM: x86: introduce is_pae_paging
    - MIPS: BCM63XX: fix switch core reset on BCM6368
    - scsi: core: Handle drivers which set sg_tablesize to zero
    - Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs"
    - ax88172a: fix information leak on short answers
    - net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
    - slip: Fix memory leak in slip_open error path
    - ALSA: usb-audio: Fix missing error check at mixer resolution test
    - ALSA: usb-audio: not submit urb for stopped endpoint
    - Input: ff-memless - kill timer in destroy()
    - Input: synaptics-rmi4 - fix video buffer size
    - Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver
    - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
    - Input: synaptics-rmi4 - clear IRQ enables for F54
    - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
    - IB/hfi1: Ensure full Gen3 speed in a Gen4 system
    - i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present
    - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
    - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
    - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
    - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
    - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
    - mmc: sdhci-of-at91: fix quirk2 overwrite
    - iio: adc: max9611: explicitly cast gain_selectors
    - tee: optee: take DT status property into account
    - ath10k: fix kernel panic by moving pci flush after napi_disable
    - iio: dac: mcp4922: fix error handling in mcp4922_write_raw
    - arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage
    - arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage
    - ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
    - arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply
    - ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
    - rtc: rv8803: fix the rv8803 id in the OF table
    - remoteproc/davinci: Use %zx for formating size_t
    - extcon: cht-wc: Return from default case to avoid warnings
    - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
    - ALSA: seq: Do error checks at creating system ports
    - ath9k: fix tx99 with monitor mode interface
    - ath10k: limit available channels via DT ieee80211-freq-limit
    - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
    - ASoC: dpcm: Properly initialise hw->rate_max
    - pinctrl: ingenic: Probe driver at subsys_initcall
    - MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
    - ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
    - liquidio: fix race condition in instruction completion processing
    - ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks
    - i40e: use correct length for strncpy
    - i40e: hold the rtnl lock on clearing interrupt scheme
    - i40e: Prevent deleting MAC address from VF when set by PF
    - IB/rxe: fixes for rdma read retry
    - iwlwifi: don't WARN on trying to dump dead firmware
    - iwlwifi: mvm: avoid sending too many BARs
    - ARM: dts: pxa: fix the rtc controller
    - ARM: dts: pxa: fix power i2c base address
    - rtl8187: Fix warning generated when strncpy() destination length matches the
      sixe argument
    - soc: imx: gpc: fix PDN delay
    - ASoC: rsnd: ssi: Fix issue in dma data address assignment
    - net: phy: mscc: read 'vsc8531,vddmac' as an u32
    - net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32
    - ARM: dts: meson8: fix the clock controller register size
    - ARM: dts: meson8b: fix the clock controller register size
    - net: lan78xx: Bail out if lan78xx_get_endpoints fails
    - ASoC: sgtl5000: avoid division by zero if lo_vag is zero
    - ARM: dts: exynos: Disable pull control for S5M8767 PMIC
    - ath10k: wmi: disable softirq's while calling ieee80211_rx
    - IB/ipoib: Ensure that MTU isn't less than minimum permitted
    - RDMA/core: Rate limit MAD error messages
    - RDMA/core: Follow correct unregister order between sysfs and cgroup
    - mips: txx9: fix iounmap related issue
    - ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
    - of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
    - ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in
      other DTS files
    - ARM: dts: omap3-gta04: fixes for tvout / venc
    - ARM: dts: omap3-gta04: tvout: enable as display1 alias
    - ARM: dts: omap3-gta04: fix touchscreen tsc2007
    - ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
    - ARM: dts: omap3-gta04: keep vpll2 always on
    - sched/debug: Use symbolic names for task state constants
    - arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire
    - dmaengine: dma-jz4780: Don't depend on MACH_JZ4780
    - dmaengine: dma-jz4780: Further residue status fix
    - EDAC, sb_edac: Return early on ADDRV bit and address type test
    - rtc: mt6397: fix possible race condition
    - rtc: pl030: fix possible race condition
    - ath9k: add back support for using active monitor interfaces for tx99
    - IB/hfi1: Missing return value in error path for user sdma
    - signal: Always ignore SIGKILL and SIGSTOP sent to the global init
    - signal: Properly deliver SIGILL from uprobes
    - signal: Properly deliver SIGSEGV from x86 uprobes
    - f2fs: fix memory leak of percpu counter in fill_super()
    - scsi: qla2xxx: Fix iIDMA error
    - scsi: qla2xxx: Defer chip reset until target mode is enabled
    - scsi: qla2xxx: Fix dropped srb resource.
    - scsi: lpfc: Fix errors in log messages.
    - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
    - ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
    - scsi: pm80xx: Corrected dma_unmap_sg() parameter
    - scsi: pm80xx: Fixed system hang issue during kexec boot
    - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
    - Drivers: hv: vmbus: Fix synic per-cpu context initialization
    - nvmem: core: return error code instead of NULL from nvmem_device_get
    - media: dt-bindings: adv748x: Fix decimal unit addresses
    - media: fix: media: pci: meye: validate offset to avoid arbitrary access
    - media: dvb: fix compat ioctl translation
    - arm64: dts: meson: libretech: update board model
    - ALSA: intel8x0m: Register irq handler after register initializations
    - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
    - llc: avoid blocking in llc_sap_close()
    - ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value
    - soc: qcom: wcnss_ctrl: Avoid string overflow
    - ARM: dts: socfpga: Fix I2C bus unit-address error
    - pinctrl: at91: don't use the same irqchip with multiple gpiochips
    - cxgb4: Fix endianness issue in t4_fwcache()
    - blok, bfq: do not plug I/O if all queues are weight-raised
    - arm64: dts: meson: Fix erroneous SPI bus warnings
    - power: supply: ab8500_fg: silence uninitialized variable warnings
    - power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
    - power: supply: max8998-charger: Fix platform data retrieval
    - component: fix loop condition to call unbind() if bind() fails
    - kernfs: Fix range checks in kernfs_get_target_path
    - ip_gre: fix parsing gre header in ipgre_err
    - ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036
    - ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
    - ath9k: Fix a locking bug in ath9k_add_interface()
    - s390/qeth: invoke softirqs after napi_schedule()
    - PCI/ACPI: Correct error message for ASPM disabling
    - serial: uartps: Fix suspend functionality
    - serial: samsung: Enable baud clock for UART reset procedure in resume
    - serial: mxs-auart: Fix potential infinite loop
    - samples/bpf: fix a compilation failure
    - spi: mediatek: Don't modify spi_transfer when transfer.
    - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
    - net: hns3: fix return type of ndo_start_xmit function
    - powerpc/iommu: Avoid derefence before pointer check
    - powerpc/64s/hash: Fix stab_rr off by one initialization
    - powerpc/pseries: Disable CPU hotplug across migrations
    - powerpc: Fix duplicate const clang warning in user access code
    - RDMA/i40iw: Fix incorrect iterator type
    - libfdt: Ensure INT_MAX is defined in libfdt_env.h
    - power: supply: twl4030_charger: fix charging current out-of-bounds
    - power: supply: twl4030_charger: disable eoc interrupt on linear charge
    - net: toshiba: fix return type of ndo_start_xmit function
    - net: xilinx: fix return type of ndo_start_xmit function
    - net: broadcom: fix return type of ndo_start_xmit function
    - net: amd: fix return type of ndo_start_xmit function
    - net: sun: fix return type of ndo_start_xmit function
    - nfp: provide a better warning when ring allocation fails
    - usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already
      started
    - usb: chipidea: Fix otg event handler
    - mlxsw: spectrum: Init shaper for TCs 8..15
    - ARM: dts: am335x-evm: fix number of cpsw
    - f2fs: fix to recover inode's uid/gid during POR
    - ARM: dts: ux500: Correct SCU unit address
    - ARM: dts: ux500: Fix LCDA clock line muxing
    - ARM: dts: ste: Fix SPI controller node names
    - spi: pic32: Use proper enum in dmaengine_prep_slave_rg
    - cpufeature: avoid warning when compiling with clang
    - crypto: arm/crc32 - avoid warning when compiling with Clang
    - ARM: dts: marvell: Fix SPI and I2C bus warnings
    - x86/mce-inject: Reset injection struct after injection
    - ARM: dts: clearfog: fix sdhci supply property name
    - bnx2x: Ignore bandwidth attention in single function mode
    - samples/bpf: fix compilation failure
    - net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider
    - net: micrel: fix return type of ndo_start_xmit function
    - net: freescale: fix return type of ndo_start_xmit function
    - x86/CPU: Use correct macros for Cyrix calls
    - x86/CPU: Change query logic so CPUID is enabled before testing
    - MIPS: kexec: Relax memory restriction
    - arm64: dts: rockchip: Fix microSD in rk3399 sapphire board
    - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
    - media: au0828: Fix incorrect error messages
    - media: davinci: Fix implicit enum conversion warning
    - ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock
    - usb: gadget: uvc: configfs: Drop leaked references to config items
    - usb: gadget: uvc: configfs: Prevent format changes after linking header
    - i2c: aspeed: fix invalid clock parameters for very large divisors
    - phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs
    - phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs
    - phy: phy-twl4030-usb: fix denied runtime access
    - usb: gadget: uvc: Factor out video USB request queueing
    - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
    - coresight: Fix handling of sinks
    - coresight: perf: Fix per cpu path management
    - coresight: perf: Disable trace path upon source error
    - coresight: etm4x: Configure EL2 exception level when kernel is running in
      HYP
    - coresight: tmc: Fix byte-address alignment for RRP
    - misc: kgdbts: Fix restrict error
    - misc: genwqe: should return proper error value.
    - vfio/pci: Fix potential memory leak in vfio_msi_cap_len
    - vfio/pci: Mask buggy SR-IOV VF INTx support
    - scsi: libsas: always unregister the old device if going to discover new
    - phy: lantiq: Fix compile warning
    - ARM: dts: tegra30: fix xcvr-setup-use-fuses
    - ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
    - ARM: dts: paz00: fix wakeup gpio keycode
    - net: smsc: fix return type of ndo_start_xmit function
    - net: faraday: fix return type of ndo_start_xmit function
    - f2fs: fix to recover inode's project id during POR
    - f2fs: mark inode dirty explicitly in recover_inode()
    - EDAC: Raise the maximum number of memory controllers
    - ARM: dts: realview: Fix SPI controller node names
    - firmware: dell_rbu: Make payload memory uncachable
    - Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto
      races
    - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
    - x86/hyperv: Suppress "PCI: Fatal: No config space access function found"
    - crypto: s5p-sss: Fix Fix argument list alignment
    - crypto: fix a memory leak in rsa-kcs1pad's encryption mode
    - iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug
      dump
    - iwlwifi: api: annotate compressed BA notif array sizes
    - iwlwifi: mvm: Allow TKIP for AP mode
    - scsi: NCR5380: Clear all unissued commands on host reset
    - scsi: NCR5380: Have NCR5380_select() return a bool
    - scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE
    - scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data
    - scsi: NCR5380: Check for invalid reselection target
    - scsi: NCR5380: Don't clear busy flag when abort fails
    - scsi: NCR5380: Don't call dsprintk() following reselection interrupt
    - scsi: NCR5380: Handle BUS FREE during reselection
    - scsi: NCR5380: Check for bus reset
    - arm64: dts: amd: Fix SPI bus warnings
    - arm64: dts: lg: Fix SPI controller node names
    - ARM: dts: lpc32xx: Fix SPI controller node names
    - rtc: armada38x: fix possible race condition
    - netfilter: masquerade: don't flush all conntracks if only one address
      deleted on device
    - usb: xhci-mtk: fix ISOC error when interval is zero
    - fuse: use READ_ONCE on congestion_threshold and max_background
    - IB/iser: Fix possible NULL deref at iser_inv_desc()
    - net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused
    - memfd: Use radix_tree_deref_slot_protected to avoid the warning.
    - slcan: Fix memory leak in error path
    - ipmr: Fix skb headroom in ipmr_get_route().
    - IB/hfi1: Use a common pad buffer for 9B and 16B packets
    - net: ethernet: dwmac-sun8i: Use the correct function in exit path
    - mm: mempolicy: fix the wrong return value and potential pages leak of mbind
    - scsi: bfa: use proper time accessor for stats_reset_time
    - y2038: make do_gettimeofday() and get_seconds() inline
    - ARM: dts: rcar: Correct SATA device sizes to 2 MiB
    - ARM: dts: exynos: Use i2c-gpio for HDMI-DDC on Arndale
    - ARM: dts: exynos: Fix HDMI-HPD line handling on Arndale
    - i40evf: Validate the number of queues a PF sends
    - i40evf: set IFF_UNICAST_FLT flag for the VF
    - i40evf: cancel workqueue sync for adminq when a VF is removed
    - IB/rxe: avoid back-to-back retries
    - brcmfmac: fix wrong strnchr usage
    - mtd: rawnand: fsl_ifc: check result of SRAM initialization
    - mtd: rawnand: fsl_ifc: fixup SRAM init for newer ctrl versions
    - rtnetlink: move type calculation out of loop
    - udf: Fix crash during mount
    - sched/debug: Explicitly cast sched_feat() to bool
    - usb: mtu3: disable vbus rise/fall interrupts of ltssm
    - dmaengine: at_xdmac: remove a stray bottom half unlock
    - scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0
    - scsi: qla2xxx: Fix deadlock between ATIO and HW lock
    - scsi: qla2xxx: Fix port speed display on chip reset
    - scsi: lpfc: Correct invalid EQ doorbell write on if_type=6
    - net: aquantia: fix hw_atl_utils_fw_upload_dwords
    - ALSA: hda: Fix implicit definition of pci_iomap() on SH
    - net: bcmgenet: Fix speed selection for reverse MII
    - arm64: dts: broadcom: Fix I2C and SPI bus warnings
    - ARM: dts: bcm: Fix SPI bus warnings
    - ARM: dts: aspeed: Fix I2C bus warnings
    - ARM: dts: sunxi: Fix I2C bus warnings
    - ARM: dts: sun9i: Fix I2C bus warnings
    - arm64: fix for bad_mode() handler to always result in panic
    - netfilter: nf_tables: avoid BUG_ON usage
    - media: vsp1: Fix YCbCr planar formats pitch calculation
    - PCI: mediatek: Fix unchecked return value
    - ARM: dts: xilinx: Fix I2C and SPI bus warnings
    - ipmi_si_pci: fix NULL device in ipmi_si error message
    - ipmi_si: fix potential integer overflow on large shift
    - net: cavium: fix return type of ndo_start_xmit function
    - net: ibm: fix return type of ndo_start_xmit function
    - selftests/powerpc: Do not fail with reschedule
    - usb: usbtmc: Fix ioctl USBTMC_IOCTL_ABORT_BULK_OUT
    - s390/zcrypt: enable AP bus scan without a valid default domain
    - s390/vdso: avoid 64-bit vdso mapping for compat tasks
    - brcmsmac: allocate ucode with GFP_KERNEL
    - brcmsmac: Use kvmalloc() for ucode allocations
    - EDAC: Correct DIMM capacity unit symbol
    - gpiolib: Fix gpio_direction_* for single direction GPIOs
    - arm64: dts: fsl: Fix I2C and SPI bus warnings
    - ARM: dts: imx51-zii-rdu1: Fix the rtc compatible string
    - f2fs: update i_size after DIO completion
    - RDMA: Fix dependencies for rdma_user_mmap_io
    - crypto: s5p-sss: Fix race in error handling
    - iwlwifi: pcie: gen2: build A-MSDU only for GSO
    - iwlwifi: pcie: fit reclaim msg to MAX_MSG_LEN
    - usb: usbtmc: uninitialized symbol 'actual' in usbtmc_ioctl_clear
    - s390/vdso: correct vdso mapping for compat tasks

* Bionic update: upstream stable patchset 2019-11-21 (LP: #1853519)
    - bonding: fix state transition issue in link monitoring
    - CDC-NCM: handle incomplete transfer of MTU
    - ipv4: Fix table id reference in fib_sync_down_addr
    - net: ethernet: octeon_mgmt: Account for second possible VLAN header
    - net: fix data-race in neigh_event_send()
    - net: qualcomm: rmnet: Fix potential UAF when unregistering
    - net: usb: qmi_wwan: add support for DW5821e with eSIM support
    - NFC: fdp: fix incorrect free object
    - nfc: netlink: fix double device reference drop
    - NFC: st21nfca: fix double free
    - qede: fix NULL pointer deref in __qede_remove()
    - ALSA: timer: Fix incorrectly assigned timer instance
    - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite
      Saffire Pro i/o series
    - ALSA: hda/ca0132 - Fix possible workqueue stall
    - mm: thp: handle page cache THP correctly in PageTransCompoundMap
    - mm, vmstat: hide /proc/pagetypeinfo from normal users
    - dump_stack: avoid the livelock of the dump_lock
    - tools: gpio: Use !building_out_of_srctree to determine srctree
    - perf tools: Fix time sorting
    - drm/radeon: fix si_enable_smc_cac() failed issue
    - HID: wacom: generic: Treat serial number and related fields as unsigned
    - arm64: Do not mask out PTE_RDONLY in pte_same()
    - ceph: fix use-after-free in __ceph_remove_cap()
    - ceph: add missing check in d_revalidate snapdir handling
    - iio: adc: stm32-adc: fix stopping dma
    - iio: imu: adis16480: make sure provided frequency is positive
    - iio: srf04: fix wrong limitation in distance measuring
    - netfilter: nf_tables: Align nft_expr private data to 64-bit
    - netfilter: ipset: Fix an error code in ip_set_sockfn_get()
    - intel_th: pci: Add Comet Lake PCH support
    - intel_th: pci: Add Jasper Lake PCH support
    - can: usb_8dev: fix use-after-free on disconnect
    - can: c_can: c_can_poll(): only read status register after status IRQ
    - can: peak_usb: fix a potential out-of-sync while decoding packets
    - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid
      skb mem leak
    - can: gs_usb: gs_can_open(): prevent memory leak
    - can: mcba_usb: fix use-after-free on disconnect
    - can: peak_usb: fix slab info leak
    - configfs: stash the data we need into configfs_buffer at open time
    - configfs_register_group() shouldn't be (and isn't) called in rmdirable parts
    - configfs: new object reprsenting tree fragments
    - configfs: provide exclusion between IO and removals
    - configfs: fix a deadlock in configfs_symlink()
    - usb: dwc3: Allow disabling of metastability workaround
    - mfd: palmas: Assign the right powerhold mask for tps65917
    - ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes
    - ARM: dts: dra7: Disable USB metastability workaround for USB2
    - [Config] updateconfigs for SGL_ALLOC
    - lib/scatterlist: Introduce sgl_alloc() and sgl_free()
    - usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path
    - usbip: Implement SG support to vhci-hcd and stub driver
    - PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
    - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config
    - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring()
    - RDMA/qedr: Fix reported firmware version
    - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq
    - scsi: qla2xxx: fixup incorrect usage of host_byte
    - RDMA/uverbs: Prevent potential underflow
    - net: openvswitch: free vport unless register_netdevice() succeeds
    - scsi: lpfc: Honor module parameter lpfc_use_adisc
    - scsi: qla2xxx: Initialized mailbox to prevent driver load failure
    - ipvs: don't ignore errors in case refcounting ip_vs module fails
    - ipvs: move old_secure_tcp into struct netns_ipvs
    - bonding: fix unexpected IFF_BONDING bit unset
    - macsec: fix refcnt leak in module exit routine
    - usb: fsl: Check memory resource before releasing it
    - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode.
    - usb: gadget: composite: Fix possible double free memory bug
    - usb: gadget: configfs: fix concurrent issue between composite APIs
    - usb: dwc3: remove the call trace of USBx_GFLADJ
    - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise
      RIP validity
    - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h)
    - USB: Skip endpoints with 0 maxpacket length
    - USB: ldusb: use unsigned size format specifiers
    - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case
    - scsi: qla2xxx: stop timer in shutdown path
    - fjes: Handle workqueue allocation failure
    - net: hisilicon: Fix "Trying to free already-free IRQ"
    - hv_netvsc: Fix error handling in netvsc_attach()
    - NFSv4: Don't allow a cached open with a revoked delegation
    - net: ethernet: arc: add the missed clk_disable_unprepare
    - igb: Fix constant media auto sense switching when no cable is connected
    - e1000: fix memory leaks
    - x86/apic: Move pending interrupt check code into it's own function
    - x86/apic: Drop logical_smp_processor_id() inline
    - x86/apic/32: Avoid bogus LDR warnings
    - can: flexcan: disable completely the ECC mechanism
    - mm/filemap.c: don't initiate writeback if mapping has no dirty pages
    - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is
      dead
    - usbip: Fix free of unallocated memory in vhci tx
    - net: prevent load/store tearing on sk->sk_stamp
    - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
    - x86/cpu: Add Tremont to the cpu vulnerability whitelist
    - Documentation: Add ITLB_MULTIHIT documentation
    - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path
    - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges
    - mm, meminit: recalculate pcpu batch and high limits after init completes
    - SMB3: Fix persistent handles reconnect
    - dmaengine: sprd: Fix the possible memory leak issue
    - iw_cxgb4: fix ECN check on the passive accept
    - perf/x86/uncore: Fix event group support
    - usbip: tools: Fix read_usb_vudc_device() error path handling
    - RDMA/hns: Prevent memory leaks of eq->buf_list
    - drm/amdgpu: If amdgpu_ib_schedule fails return back the error.
    - drm/amd/display: Passive DP->HDMI dongle detection fix
    - pinctrl: intel: Initialize GPIO properly when used through irqchip
    - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode
    - pinctrl: cherryview: Fix irq_valid_mask calculation
    - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets
    - vsock/virtio: fix sock refcnt holding during the shutdown

* Bionic update: upstream stable patchset 2019-11-19 (LP: #1853208)
    - arm64: dts: Fix gpio to pinmux mapping
    - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
    - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe()
      could be uninitialized
    - ASoC: wm_adsp: Don't generate kcontrols without READ flags
    - ASoc: rockchip: i2s: Fix RPM imbalance
    - ARM: dts: logicpd-torpedo-som: Remove twl_keypad
    - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable()
    - ARM: mm: fix alignment handler faults under memory pressure
    - scsi: scsi_dh_alua: handle RTPG sense code correctly during state
      transitions
    - scsi: sni_53c710: fix compilation error
    - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
    - ARM: dts: imx7s: Correct GPT's ipg clock source
    - perf c2c: Fix memory leak in build_cl_output()
    - perf kmem: Fix memory leak in compact_gfp_flags()
    - ARM: davinci: dm365: Fix McBSP dma_slave_map entry
    - scsi: target: core: Do not overwrite CDB byte 1
    - ARM: 8926/1: v7m: remove register save to stack before svc
    - of: unittest: fix memory leak in unittest_data_add
    - MIPS: bmips: mark exception vectors as char arrays
    - i2c: stm32f7: remove warning when compiling with W=1
    - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
    - nbd: handle racing with error'ed out commands
    - cxgb4: fix panic when attaching to ULD fail
    - dccp: do not leak jiffies on the wire
    - net: annotate accesses to sk->sk_incoming_cpu
    - net: annotate lockless accesses to sk->sk_napi_id
    - net: dsa: bcm_sf2: Fix IMP setup for port different than 8
    - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum
    - net: fix sk_page_frag() recursion from memory reclaim
    - net: hisilicon: Fix ping latency when deal with high throughput
    - net/mlx4_core: Dynamically set guaranteed amount of counters per VF
    - selftests: net: reuseport_dualstack: fix uninitalized parameter
    - udp: fix data-race in udp_set_dev_scratch()
    - net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
    - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget
    - net: dsa: b53: Do not clear existing mirrored port mask
    - net: usb: lan78xx: Connect PHY before registering MAC
    - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2
    - net: dsa: fix switch tree list
    - net: bcmgenet: reset 40nm EPHY on energy detect
    - net: add skb_queue_empty_lockless()
    - udp: use skb_queue_empty_lockless()
    - net: use skb_queue_empty_lockless() in poll() handlers
    - net: use skb_queue_empty_lockless() in busy poll contexts
    - vxlan: check tun_info options_len properly
    - erspan: fix the tun_info options_len check for erspan
    - inet: stop leaking jiffies on the wire
    - net/flow_dissector: switch to siphash
    - kbuild: use -fmacro-prefix-map to make __FILE__ a relative path
    - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI
      table
    - iio: adc: stm32-adc: move registers definitions
    - powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions
    - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag
    - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue
    - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc
    - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay
    - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay
    - scsi: qla2xxx: fix a potential NULL pointer dereference
    - irqchip/gic-v3-its: Use the exact ITSList for VMOVP
    - netns: fix GFP flags in rtnl_net_notifyid()
    - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq()
    - wireless: Skip directory when generating certificates
    - ASoC: pcm3168a: The codec does not support S32_LE
    - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending
      driver fails

-- Khalid Elmously <khalid.elmously@canonical.com>  Wed, 18 Dec 2019 17:20:22 -0500

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-01-06:

#7

Download full text (15.0 KiB)

This bug was fixed in the package linux - 4.4.0-171.200

---------------
linux (4.4.0-171.200) xenial; urgency=medium

* xenial/linux: 4.4.0-171.200 -proposed tracker (LP: #1854835)

* CVE-2019-14901
- SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
- SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
- SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

  * CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

  * cloudimg: no iavf/i40evf module so no network available with SR-IOV enabled
    cloud (LP: #1848481)
    - [Packaging]: include i40evf in generic

  * update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: fix bug that might cause hang after consecutive open/close
      interface.
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval

  * backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - linux/kernel.h: move DIV_ROUND_DOWN_ULL() macro
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash

  * Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens

  * Xenial update: 4.4.203 upstream stable release (LP: #1853881)
    - slip: Fix memory leak in slip_open error path
    - ax88172a: fix information leak on short answers
    - ALSA: usb-audio: Fix missing error check at mixer resolution test
    - ALSA: usb-audio: not submit urb for stopped endpoint
    - Input: ff-memless - kill timer in destroy()
    - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
    - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
    - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
    - mm: memcg: switch to css_tryget() in g...

This bug was fixed in the package linux - 4.4.0-171.200

---------------
linux (4.4.0-171.200) xenial; urgency=medium

* xenial/linux: 4.4.0-171.200 -proposed tracker (LP: #1854835)

* CVE-2019-14901
    - SAUCE: mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame()

* CVE-2019-14896 // CVE-2019-14897
    - SAUCE: libertas: Fix two buffer overflows at parsing bss descriptor

* CVE-2019-14895
    - SAUCE: mwifiex: fix possible heap overflow in mwifiex_process_country_ie()

* CVE-2019-18660: patches for Ubuntu (LP: #1853142) // CVE-2019-18660
    - powerpc/64s: support nospectre_v2 cmdline option
    - powerpc/book3s64: Fix link stack flush on context switch
    - KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel

* cloudimg: no iavf/i40evf module so no network available with SR-IOV enabled
    cloud (LP: #1848481)
    - [Packaging]: include i40evf in generic

* update ENA driver for DIMLIB dynamic interrupt moderation (LP: #1853180)
    - net: ena: fix bug that might cause hang after consecutive open/close
      interface.
    - net: ena: add intr_moder_rx_interval to struct ena_com_dev and use it
    - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
    - net: ena: reimplement set/get_coalesce()
    - net: ena: enable the interrupt_moderation in driver_supported_features
    - net: ena: remove code duplication in
      ena_com_update_nonadaptive_moderation_interval _*()
    - net: ena: remove old adaptive interrupt moderation code from ena_netdev
    - net: ena: remove ena_restore_ethtool_params() and relevant fields
    - net: ena: remove all old adaptive rx interrupt moderation code from ena_com
    - net: ena: fix update of interrupt moderation register
    - net: ena: fix retrieval of nonadaptive interrupt moderation intervals
    - net: ena: fix incorrect update of intr_delay_resolution
    - net: ena: Select DIMLIB for ENA_ETHERNET
    - SAUCE: net: ena: fix issues in setting interrupt moderation params in
      ethtool
    - SAUCE: net: ena: fix too long default tx interrupt moderation interval

* backport DIMLIB (lib/dim/) to pre-5.2 kernels (LP: #1852637)
    - include/linux/bitops.h: introduce BITS_PER_TYPE
    - linux/kernel.h: move DIV_ROUND_DOWN_ULL() macro
    - [Config] enable DIMLIB
    - linux/dim: import DIMLIB (lib/dim/)
    - SAUCE: linux/dim: avoid library object filename clash

* Enable framebuffer fonts auto selection for HighDPI screen (LP: #1851623)
    - fonts: Fix coding style
    - fonts: Prefer a bigger font for high resolution screens

* Xenial update: 4.4.203 upstream stable release (LP: #1853881)
    - slip: Fix memory leak in slip_open error path
    - ax88172a: fix information leak on short answers
    - ALSA: usb-audio: Fix missing error check at mixer resolution test
    - ALSA: usb-audio: not submit urb for stopped endpoint
    - Input: ff-memless - kill timer in destroy()
    - ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable
    - ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either
    - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
    - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
    - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
    - mmc: sdhci-of-at91: fix quirk2 overwrite
    - iio: dac: mcp4922: fix error handling in mcp4922_write_raw
    - ALSA: pcm: signedness bug in snd_pcm_plug_alloc()
    - ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45
    - ALSA: seq: Do error checks at creating system ports
    - gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated
    - ASoC: dpcm: Properly initialise hw->rate_max
    - MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3
    - ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook
    - i40e: use correct length for strncpy
    - i40e: hold the rtnl lock on clearing interrupt scheme
    - i40e: Prevent deleting MAC address from VF when set by PF
    - ARM: dts: pxa: fix power i2c base address
    - rtl8187: Fix warning generated when strncpy() destination length matches the
      sixe argument
    - net: lan78xx: Bail out if lan78xx_get_endpoints fails
    - ASoC: sgtl5000: avoid division by zero if lo_vag is zero
    - ath10k: wmi: disable softirq's while calling ieee80211_rx
    - mips: txx9: fix iounmap related issue
    - of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC
    - ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in
      other DTS files
    - ARM: dts: omap3-gta04: tvout: enable as display1 alias
    - ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot
    - ARM: dts: omap3-gta04: keep vpll2 always on
    - dmaengine: dma-jz4780: Further residue status fix
    - signal: Always ignore SIGKILL and SIGSTOP sent to the global init
    - signal: Properly deliver SIGILL from uprobes
    - signal: Properly deliver SIGSEGV from x86 uprobes
    - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir()
    - ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set
    - scsi: pm80xx: Corrected dma_unmap_sg() parameter
    - scsi: pm80xx: Fixed system hang issue during kexec boot
    - kprobes: Don't call BUG_ON() if there is a kprobe in use on free list
    - nvmem: core: return error code instead of NULL from nvmem_device_get
    - media: fix: media: pci: meye: validate offset to avoid arbitrary access
    - ALSA: intel8x0m: Register irq handler after register initializations
    - pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map()
    - llc: avoid blocking in llc_sap_close()
    - powerpc/vdso: Correct call frame information
    - ARM: dts: socfpga: Fix I2C bus unit-address error
    - pinctrl: at91: don't use the same irqchip with multiple gpiochips
    - cxgb4: Fix endianness issue in t4_fwcache()
    - power: supply: ab8500_fg: silence uninitialized variable warnings
    - power: supply: max8998-charger: Fix platform data retrieval
    - kernfs: Fix range checks in kernfs_get_target_path
    - s390/qeth: invoke softirqs after napi_schedule()
    - PCI/ACPI: Correct error message for ASPM disabling
    - serial: mxs-auart: Fix potential infinite loop
    - powerpc/iommu: Avoid derefence before pointer check
    - powerpc/64s/hash: Fix stab_rr off by one initialization
    - powerpc/pseries: Disable CPU hotplug across migrations
    - libfdt: Ensure INT_MAX is defined in libfdt_env.h
    - power: supply: twl4030_charger: fix charging current out-of-bounds
    - power: supply: twl4030_charger: disable eoc interrupt on linear charge
    - net: toshiba: fix return type of ndo_start_xmit function
    - net: xilinx: fix return type of ndo_start_xmit function
    - net: broadcom: fix return type of ndo_start_xmit function
    - net: amd: fix return type of ndo_start_xmit function
    - usb: chipidea: Fix otg event handler
    - ARM: dts: am335x-evm: fix number of cpsw
    - ARM: dts: ux500: Correct SCU unit address
    - ARM: dts: ux500: Fix LCDA clock line muxing
    - ARM: dts: ste: Fix SPI controller node names
    - cpufeature: avoid warning when compiling with clang
    - bnx2x: Ignore bandwidth attention in single function mode
    - net: micrel: fix return type of ndo_start_xmit function
    - x86/CPU: Use correct macros for Cyrix calls
    - MIPS: kexec: Relax memory restriction
    - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
    - media: davinci: Fix implicit enum conversion warning
    - usb: gadget: uvc: configfs: Drop leaked references to config items
    - usb: gadget: uvc: configfs: Prevent format changes after linking header
    - usb: gadget: uvc: Factor out video USB request queueing
    - usb: gadget: uvc: Only halt video streaming endpoint in bulk mode
    - misc: kgdbts: Fix restrict error
    - misc: genwqe: should return proper error value.
    - vfio/pci: Fix potential memory leak in vfio_msi_cap_len
    - scsi: libsas: always unregister the old device if going to discover new
    - ARM: dts: tegra30: fix xcvr-setup-use-fuses
    - ARM: tegra: apalis_t30: fix mmc1 cmd pull-up
    - net: smsc: fix return type of ndo_start_xmit function
    - EDAC: Raise the maximum number of memory controllers
    - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
    - arm64: dts: amd: Fix SPI bus warnings
    - fuse: use READ_ONCE on congestion_threshold and max_background
    - Bluetooth: hci_ldisc: Fix null pointer derefence in case of early data
    - Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in
      hci_uart_set_proto()
    - memfd: Use radix_tree_deref_slot_protected to avoid the warning.
    - slcan: Fix memory leak in error path
    - net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
    - x86/atomic: Fix smp_mb__{before,after}_atomic()
    - kprobes/x86: Prohibit probing on exception masking instructions
    - uprobes/x86: Prohibit probing on MOV SS instruction
    - [Config] Remove unused SH-Mobile HDMI driver
    - fbdev: Remove unused SH-Mobile HDMI driver
    - fbdev: Ditch fb_edid_add_monspecs
    - block: introduce blk_rq_is_passthrough
    - libata: have ata_scsi_rw_xlat() fail invalid passthrough requests
    - net: ovs: fix return type of ndo_start_xmit function
    - f2fs: return correct errno in f2fs_gc
    - SUNRPC: Fix priority queue fairness
    - ath10k: fix vdev-start timeout on error
    - ath9k: fix reporting calculated new FFT upper max
    - usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in
      fotg210_get_status()
    - nl80211: Fix a GET_KEY reply attribute
    - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
    - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
    - mei: samples: fix a signedness bug in amt_host_if_call()
    - cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
    - cxgb4: Use proper enum in IEEE_FAUX_SYNC
    - powerpc/pseries: Fix DTL buffer registration
    - powerpc/pseries: Fix how we iterate over the DTL entries
    - mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
    - ixgbe: Fix crash with VFs and flow director on interface flap
    - IB/mthca: Fix error return code in __mthca_init_one()
    - ata: ep93xx: Use proper enums for directions
    - ALSA: hda/sigmatel - Disable automute for Elo VuPoint
    - KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
    - USB: serial: cypress_m8: fix interrupt-out transfer length
    - mtd: physmap_of: Release resources on error
    - brcmfmac: fix full timeout waiting for action frame on-channel tx
    - NFSv4.x: fix lock recovery during delegation recall
    - dmaengine: ioat: fix prototype of ioat_enumerate_channels
    - Input: st1232 - set INPUT_PROP_DIRECT property
    - x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
    - crypto: mxs-dcp - Fix SHA null hashes and output length
    - crypto: mxs-dcp - Fix AES issues
    - ACPI / SBS: Fix rare oops when removing modules
    - fbdev: sbuslib: use checked version of put_user()
    - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
    - bcache: recal cached_dev_sectors on detach
    - proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
    - backlight: lm3639: Unconditionally call led_classdev_unregister
    - printk: Give error on attempt to set log buffer length to over 2G
    - media: isif: fix a NULL pointer dereference bug
    - GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
    - media: cx231xx: fix potential sign-extension overflow on large shift
    - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
    - gpio: syscon: Fix possible NULL ptr usage
    - spi: spidev: Fix OF tree warning logic
    - ARM: 8802/1: Call syscall_trace_exit even when system call skipped
    - hwmon: (pwm-fan) Silence error on probe deferral
    - mac80211: minstrel: fix CCK rate group streams value
    - spi: rockchip: initialize dma_slave_config properly
    - arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
    - Linux 4.4.203

* Xenial update: 4.4.202 upstream stable release (LP: #1853177)
    - kvm: mmu: Don't read PDPTEs when paging is not enabled
    - MIPS: BCM63XX: fix switch core reset on BCM6368
    - powerpc/Makefile: Use cflags-y/aflags-y for setting endian options
    - powerpc: Fix compiling a BE kernel with a powerpc64le toolchain
    - powerpc/boot: Request no dynamic linker for boot wrapper
    - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
    - Linux 4.4.202

* Xenial update: 4.4.201 upstream stable release (LP: #1852335)
    - CDC-NCM: handle incomplete transfer of MTU
    - net: fix data-race in neigh_event_send()
    - NFC: fdp: fix incorrect free object
    - NFC: st21nfca: fix double free
    - qede: fix NULL pointer deref in __qede_remove()
    - nfc: netlink: fix double device reference drop
    - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite
      Saffire Pro i/o series
    - ALSA: hda/ca0132 - Fix possible workqueue stall
    - mm, vmstat: hide /proc/pagetypeinfo from normal users
    - dump_stack: avoid the livelock of the dump_lock
    - perf tools: Fix time sorting
    - drm/radeon: fix si_enable_smc_cac() failed issue
    - ceph: fix use-after-free in __ceph_remove_cap()
    - iio: imu: adis16480: make sure provided frequency is positive
    - netfilter: nf_tables: Align nft_expr private data to 64-bit
    - netfilter: ipset: Fix an error code in ip_set_sockfn_get()
    - can: usb_8dev: fix use-after-free on disconnect
    - can: c_can: c_can_poll(): only read status register after status IRQ
    - can: peak_usb: fix a potential out-of-sync while decoding packets
    - can: gs_usb: gs_can_open(): prevent memory leak
    - can: peak_usb: fix slab info leak
    - drivers: usb: usbip: Add missing break statement to switch
    - configfs: fix a deadlock in configfs_symlink()
    - PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
    - scsi: qla2xxx: fixup incorrect usage of host_byte
    - scsi: lpfc: Honor module parameter lpfc_use_adisc
    - ipvs: move old_secure_tcp into struct netns_ipvs
    - bonding: fix unexpected IFF_BONDING bit unset
    - usb: fsl: Check memory resource before releasing it
    - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode.
    - usb: gadget: composite: Fix possible double free memory bug
    - usb: gadget: configfs: fix concurrent issue between composite APIs
    - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise
      RIP validity
    - USB: Skip endpoints with 0 maxpacket length
    - scsi: qla2xxx: stop timer in shutdown path
    - net: hisilicon: Fix "Trying to free already-free IRQ"
    - NFSv4: Don't allow a cached open with a revoked delegation
    - igb: Fix constant media auto sense switching when no cable is connected
    - e1000: fix memory leaks
    - can: flexcan: disable completely the ECC mechanism
    - mm/filemap.c: don't initiate writeback if mapping has no dirty pages
    - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is
      dead
    - net: prevent load/store tearing on sk->sk_stamp
    - Linux 4.4.201

-- Kleber Sacilotto de Souza <kleber.souza@canonical.com>  Tue, 03 Dec 2019 11:20:54 +0100

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Kamal Mostafa (kamalmostafa) on 2024-03-31

Changed in linux (Ubuntu):
assignee:	Kamal Mostafa (kamalmostafa) → nobody

Ubuntu
linux package

backport DIMLIB (lib/dim/) to pre-5.2 kernels

Bug Description

CVE References

Other bug subscribers

Remote bug watches

	Status	Importance	Assigned to
linux (Ubuntu)	In Progress	Undecided	Unassigned
Xenial	Fix Released	Undecided	Kamal Mostafa
Bionic	Fix Released	Undecided	Kamal Mostafa
Disco	Fix Released	Undecided	Kamal Mostafa

Ubuntulinux package

backport DIMLIB (lib/dim/) to pre-5.2 kernels

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package