This bug was fixed in the package linux - 5.4.0-171.189

---------------
linux (5.4.0-171.189) focal; urgency=medium

  * focal/linux: 5.4.0-171.189 -proposed tracker (LP: #2048282)

  * Packaging resync (LP: #1786013)
    - [Packaging] remove helper scripts
    - [Packaging] update annotations scripts
    - debian/dkms-versions -- update from kernel-versions (main/2024.01.08)

  * Page fault in RDMA ODP triggers BUG_ON during MMU notifier registration
    (LP: #2046534)
    - RDMA/odp: Ensure the mm is still alive before creating an implicit child

  * Hotplugging SCSI disk in QEMU VM fails (LP: #2047382)
    - Revert "PCI: acpiphp: Reassign resources on bridge if necessary"

  * CVE-2023-6040
    - netfilter: nf_tables: Reject tables of unsupported family

  * kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10
    (LP: #2032641)
    - selftests: Skip TM tests on synthetic TM implementations

  * [Debian] autoreconstruct - Do not generate chmod -x for deleted  files
    (LP: #2045562)
    - [Debian] autoreconstruct - Do not generate chmod -x for deleted files

  * CVE-2023-6931
    - perf/core: Add a new read format to get a number of lost samples
    - perf: Fix perf_event_validate_size()
    - perf: Fix perf_event_validate_size() lockdep splat

  * CVE-2023-6932
    - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet

  * CVE-2023-6606
    - smb: client: fix OOB in smbCalcSize()

  * CVE-2023-45863
    - kobject: Fix slab-out-of-bounds in fill_kobj_path()

  * Focal update: v5.4.259 upstream stable release (LP: #2043724)
    - RDMA/cxgb4: Check skb value for failure to allocate
    - lib/test_meminit: fix off-by-one error in test_pages()
    - pwm: hibvt: Explicitly set .polarity in .get_state()
    - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect
    - quota: Fix slow quotaoff
    - net: prevent address rewrite in kernel_bind()
    - drm: etvnaviv: fix bad backport leading to warning
    - drm/msm/dsi: skip the wait for video mode done if not applicable
    - ravb: Fix up dma_free_coherent() call in ravb_remove()
    - ieee802154: ca8210: Fix a potential UAF in ca8210_probe
    - mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type
    - xen-netback: use default TX queue size for vifs
    - drm/vmwgfx: fix typo of sizeof argument
    - ixgbe: fix crash with empty VF macvlan list
    - net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()
    - nfc: nci: assert requested protocol is valid
    - workqueue: Override implicit ordered attribute in
      workqueue_apply_unbound_cpumask()
    - dmaengine: stm32-mdma: abort resume if no ongoing transfer
    - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer
    - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read
    - usb: dwc3: Soft reset phy on probe for host
    - usb: musb: Get the musb_qh poniter after musb_giveback
    - usb: musb: Modify the "HWVers" register address
    - iio: pressure: bmp280: Fix NULL pointer exception
    - iio: pressure: dps310: Adjust Timeout Settings
    - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug
    - mcb: remove is_added flag from mcb_device struct
    - libceph: use kernel_connect()
    - ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
    - Input: powermate - fix use-after-free in powermate_config_complete
    - Input: psmouse - fix fast_reconnect function for PS/2 mode
    - Input: xpad - add PXN V900 support
    - cgroup: Remove duplicates in cgroup v1 tasks file
    - pinctrl: avoid unsafe code pattern in find_pinctrl()
    - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
    - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call
    - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs
    - dmaengine: mediatek: Fix deadlock caused by synchronize_irq()
    - powerpc/8xx: Fix pte_access_permitted() for PAGE_NONE
    - powerpc/64e: Fix wrong test in __ptep_test_and_clear_young()
    - ravb: Fix use-after-free issue in ravb_tx_timeout_work()
    - Documentation: sysctl: align cells in second content column
    - usb: hub: Guard against accesses to uninitialized BOS descriptors
    - Bluetooth: hci_event: Ignore NULL link key
    - Bluetooth: Reject connection with the device which has same BD_ADDR
    - Bluetooth: Fix a refcnt underflow problem for hci_conn
    - Bluetooth: vhci: Fix race when opening vhci device
    - Bluetooth: hci_event: Fix coding style
    - Bluetooth: avoid memcmp() out of bounds warning
    - ice: fix over-shifted variable
    - nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
    - regmap: fix NULL deref on lookup
    - KVM: x86: Mask LVTPC when handling a PMI
    - netfilter: nft_payload: fix wrong mac header matching
    - qed: fix LL2 RX buffer allocation
    - xfrm: fix a data-race in xfrm_gen_index()
    - xfrm: interface: use DEV_STATS_INC()
    - net: ipv4: fix return value check in esp_remove_trailer
    - net: ipv6: fix return value check in esp_remove_trailer
    - net: rfkill: gpio: prevent value glitch during probe
    - tcp: fix excessive TLP and RACK timeouts from HZ rounding
    - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single 
skb
    - tun: prevent negative ifindex
    - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
    - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
    - i40e: prevent crash on probe if hw registers have invalid values
    - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
    - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
    - netfilter: nft_set_rbtree: .deactivate fails if element has expired
    - net: pktgen: Fix interface flags printing
    - resource: Add irqresource_disabled()
    - ACPI: Drop acpi_dev_irqresource_disabled()
    - ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
    - ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
    - ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA
    - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA
    - ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA
    - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone
    - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals 
to 1
    - btrfs: initialize start_slot in btrfs_log_prealloc_extents
    - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
    - overlayfs: set ctime when setting mtime and atime
    - gpio: timberdale: Fix potential deadlock on &tgpio->lock
    - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
    - tracing: relax trace_event_eval_update() execution with cond_resched()
    - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
    - Bluetooth: Avoid redundant authentication
    - Bluetooth: hci_core: Fix build warnings
    - wifi: mac80211: allow transmitting EAPOL frames with tainted key
    - wifi: cfg80211: avoid leaking stack data into trace
    - regulator/core: Revert "fix kobject release warning and memory leak in
      regulator_register()"
    - sky2: Make sure there is at least one frag_addr available
    - drm: panel-orientation-quirks: Add quirk for One Mix 2S
    - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
    - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
    - Bluetooth: hci_event: Fix using memcmp when comparing keys
    - mtd: rawnand: qcom: Unmap the right resource upon probe failure
    - mtd: spinand: micron: correct bitmask for ecc status
    - mtd: physmap-core: Restore map_rom fallback
    - mmc: core: sdio: hold retuning if sdio in 1-bit mode
    - mmc: core: Capture correct oemid-bits for eMMC cards
    - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
    - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
    - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
    - USB: serial: option: add entry for Sierra EM9191 with new firmware
    - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
    - s390/pci: fix iommu bitmap allocation
    - gpio: vf610: set value before the direction to avoid a glitch
    - ASoC: pxa: fix a memory leak in probe()
    - phy: mapphone-mdm6600: Fix runtime disable on probe
    - phy: mapphone-mdm6600: Fix runtime PM for remove
    - phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins
    - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
    - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
    - xfrm6: fix inet6_dev refcount underflow problem
    - Linux 5.4.259

  * Focal update: v5.4.258 upstream stable release (LP: #2042107)
    - NFS/pNFS: Report EINVAL errors from connect() to the server
    - SUNRPC: Mark the cred for revalidation if the server rejects it
    - tracing: Increase trace array ref count on enable and filter files
    - ata: libahci: clear pending interrupt status
    - ext4: remove the 'group' parameter of ext4_trim_extent
    - ext4: add new helper interface ext4_try_to_trim_range()
    - ext4: scope ret locally in ext4_try_to_trim_range()
    - ext4: change s_last_trim_minblks type to unsigned long
    - ext4: mark group as trimmed only if it was fully scanned
    - ext4: replace the traditional ternary conditional operator with with
      max()/min()
    - ext4: move setting of trimmed bit into ext4_try_to_trim_range()
    - ext4: do not let fstrim block system suspend
    - ASoC: meson: spdifin: start hw on dai probe
    - netfilter: nf_tables: disallow element removal on anonymous sets
    - bpf: Avoid deadlock when using queue and stack maps from NMI
    - selftests/tls: Add {} to avoid static checker warning
    - selftests: tls: swap the TX and RX sockets in some tests
    - ASoC: imx-audmix: Fix return error with devm_clk_get()
    - i40e: Fix for persistent lldp support
    - SAUCE: Revert "UBUNTU: SAUCE: i40e Fix GPF when deleting VMs"
    - i40e: Remove scheduling while atomic possibility
    - i40e: Fix warning message and call stack during rmmod i40e driver
    - i40e: Fix VF VLAN offloading when port VLAN is configured
    - powerpc/perf/hv-24x7: Update domain value check
    - dccp: fix dccp_v4_err()/dccp_v6_err() again
    - net: hns3: add 5ms delay before clear firmware reset irq source
    - net: bridge: use DEV_STATS_INC()
    - team: fix null-ptr-deref when team device type is changed
    - net: rds: Fix possible NULL-pointer dereference
    - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe()
    - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup()
    - Input: i8042 - add quirk for TUXEDO Gemini 17 Gen1/Clevo PD70PN
    - scsi: qla2xxx: Fix update_fcport for current_topology
    - scsi: qla2xxx: Fix deletion race condition
    - drm/amd/display: Reinstate LFC optimization
    - drm/amd/display: Fix LFC multiplier changing erratically
    - drm/amd/display: prevent potential division by zero errors
    - ata: libata: disallow dev-initiated LPM transitions to unsupported states
    - MIPS: Alchemy: only build mmc support helpers if au1xmmc is enabled
    - clk: tegra: fix error return case for recalc_rate
    - ARM: dts: ti: omap: motorola-mapphone: Fix abe_clkctrl warning on boot
    - bus: ti-sysc: Fix SYSC_QUIRK_SWSUP_SIDLE_ACT handling for uart wake-up
    - xtensa: add default definition for XCHAL_HAVE_DIV32
    - xtensa: iss/network: make functions static
    - xtensa: boot: don't add include-dirs
    - xtensa: boot/lib: fix function prototypes
    - gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip
    - parisc: sba: Fix compile warning wrt list of SBA devices
    - parisc: iosapic.c: Fix sparse warnings
    - parisc: drivers: Fix sparse warning
    - parisc: irq: Make irq_stack_union static to avoid sparse warning
    - selftests/ftrace: Correctly enable event in instance-event.tc
    - ring-buffer: Avoid softlockup in ring_buffer_resize()
    - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset()
    - spi: nxp-fspi: reset the FLSHxCR1 registers
    - bpf: Clarify error expectations from bpf_clone_redirect
    - powerpc/watchpoints: Annotate atomic context in more places
    - ncsi: Propagate carrier gain/loss events to the NCSI controller
    - fbdev/sh7760fb: Depend on FB=y
    - nvme-pci: do not set the NUMA node of device if it has none
    - watchdog: iTCO_wdt: No need to stop the timer in probe
    - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running
    - i40e: improve locking of mac_filter_hash
    - i40e: always propagate error value in i40e_set_vsi_promisc()
    - i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc
    - smack: Record transmuting in smk_transmuted
    - smack: Retrieve transmuting information in smack_inode_getsecurity()
    - Smack:- Use overlay inode label in smack_inode_copy_up()
    - serial: 8250_port: Check IRQ data before use
    - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
    - ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre
      M70q
    - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION 
CODES
    - i2c: i801: unregister tco_pdev in i801_probe() error path
    - ring-buffer: Update "shortest_full" in polling
    - btrfs: properly report 0 avail for very full file systems
    - net: thunderbolt: Fix TCPv6 GSO checksum calculation
    - ata: libata-core: Fix ata_port_request_pm() locking
    - ata: libata-core: Fix port and device removal
    - ata: libata-core: Do not register PM operations for SAS ports
    - ata: libata-sata: increase PMP SRST timeout to 10s
    - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
    - rbd: move rbd_dev_refresh() definition
    - rbd: decouple header read-in from updating rbd_dev->header
    - rbd: decouple parent info read-in from updating rbd_dev
    - rbd: take header_rwsem in rbd_dev_refresh() only when updating
    - Revert "PCI: qcom: Disable write access to read only registers for IP
      v2.3.3"
    - scsi: zfcp: Fix a double put in zfcp_port_enqueue()
    - qed/red_ll2: Fix undefined behavior bug in struct qed_ll2_info
    - wifi: mwifiex: Fix tlv_buf_left calculation
    - net: replace calls to sock->ops->connect() with kernel_connect()
    - net: prevent rewrite of msg_name in sock_sendmsg()
    - wifi: iwlwifi: dbg_ini: fix structure packing
    - wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet
    - drivers/net: process the result of hdlc_open() and add call of 
hdlc_close()
      in uhdlc_close()
    - wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling
    - regmap: rbtree: Fix wrong register marked as in-cache when creating new 
node
    - ima: Finish deprecation of IMA_TRUSTED_KEYRING Kconfig
    - scsi: target: core: Fix deadlock due to recursive locking
    - NFS4: Trace state recovery operation
    - NFS: Add a helper nfs_client_for_each_server()
    - NFSv4: Fix a nfs4_state_manager() race
    - modpost: add missing else to the "of" check
    - net: fix possible store tearing in neigh_periodic_work()
    - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
    - net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent
    - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
    - net: nfc: llcp: Add lock when modifying device list
    - netfilter: handle the connecting collision properly in
      nf_conntrack_proto_sctp
    - net: stmmac: dwmac-stm32: fix resume on STM32 MCU
    - tcp: fix quick-ack counting to count actual ACKs of new data
    - tcp: fix delayed ACKs for MSS boundary condition
    - sctp: update transport state when processing a dupcook packet
    - sctp: update hb timer immediately after users change hb_interval
    - cpupower: add Makefile dependencies for install targets
    - RDMA/core: Require admin capabilities to set system parameters
    - IB/mlx4: Fix the size of a buffer in add_port_entries()
    - gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config()
    - gpio: pxa: disable pinctrl calls for MMP_GPIO
    - RDMA/cma: Fix truncation compilation warning in make_cma_ports
    - RDMA/uverbs: Fix typo of sizeof argument
    - RDMA/siw: Fix connection failure handling
    - RDMA/mlx5: Fix NULL string error
    - parisc: Restore __ldcw_align for PA-RISC 2.0 processors
    - NFS: Fix a race in __nfs_list_for_each_server()
    - ima: rework CONFIG_IMA dependency block
    - [Config] Update IMA_BLACKLIST_KEYRING and IMA_LOAD_X509
    - xen/events: replace evtchn_rwlock with RCU
    - Linux 5.4.258

 -- Roxana Nicolescu <roxana.nicole...@canonical.com>  Fri, 05 Jan 2024
14:59:41 +0100

** Changed in: linux (Ubuntu Focal)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45863

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6040

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6606

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6931

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-6932

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2032641

Title:
  kernel_selftests failures on kernel-P10d-LPAR10.ppc64el.10

Status in ubuntu-kernel-tests:
  In Progress
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Focal:
  Fix Released

Bug description:
  [Impact]
  The powerpc tests from kernel selftests were unable to finish properly
  on Power10 VM with Focal 5.4 kernel. There will be lots of failures for
  powerpc/ptrace and powerpc/tm tests. For example the ptrace-tm-gpr:
    # selftests: powerpc/ptrace: ptrace-tm-gpr
    # test: ptrace_tm_gpr
    # tags: git_version:unknown
    # [FAIL] Test FAILED on line 94
    # GPR[14]: 1 Expected: 2
    # GPR[15]: 1 Expected: 2
    # GPR[16]: 1 Expected: 2
    # GPR[17]: 1 Expected: 2
    # GPR[18]: 1 Expected: 2
    # GPR[19]: 1 Expected: 2
    # GPR[20]: 1 Expected: 2
    # GPR[21]: 1 Expected: 2
    # GPR[22]: 1 Expected: 2
    # GPR[23]: 1 Expected: 2
    # GPR[24]: 1 Expected: 2
    # GPR[25]: 1 Expected: 2
    # GPR[26]: 1 Expected: 2
    # GPR[27]: 1 Expected: 2
    # GPR[28]: 1 Expected: 2
    # GPR[29]: 1 Expected: 2
    # GPR[30]: 1 Expected: 2
    # GPR[31]: 1 Expected: 2
    # failure: ptrace_tm_gpr
    not ok 1 selftests: powerpc/ptrace: ptrace-tm-gpr # exit=1

  [Fix]
  * 031fd80f87 selftests: Skip TM tests on synthetic TM implementations

  This patch has already landed on Jammy+. Only Focal will need this
  patch. And it needs to be backported to skip changes on the
  tm-signal-pagefault.c test, which does not exist on Focal tree.

  [Test Plan]
  Run the patched powerpc tests from kernel selftests:
    $ sudo make TARGETS=powerpc run_tests

  Previously failing powerpc/ptrace and powerpc/tm tests will be skipped.
  For example the ptrace-tm-gpr test:
    # selftests: powerpc/ptrace: ptrace-tm-gpr
    # test: ptrace_tm_gpr
    # tags: git_version:b315960-dirty
    # [SKIP] Test skipped on line 116
    # skip: ptrace_tm_gpr
    ok 2 selftests: powerpc/ptrace: ptrace-tm-gpr

  [Where problems could occur]
  Change limited to testing tools, and it's just skipping unsuitable
  tests for specific architecture, no impact to real kernel functions.

  == Original Bug Report ==
  First time seen on cycle 2023.08.10 because it was the first time we tested 
this instance.
  Tried previous focal version (5.4.09-156) and it seems it's happened before.

  The following tests are failing:
   * powerpc/ptrace:ptrace-tm-gpr       FAIL
   * powerpc/ptrace:ptrace-tm-spd-gpr   FAIL
   * powerpc/ptrace:ptrace-tm-tar       timeout
   * powerpc/ptrace:ptrace-tm-spd-tar   timeout
   * powerpc/ptrace:ptrace-tm-vsx       timeout
   * powerpc/ptrace:ptrace-tm-spd-vsx   timeout
   * powerpc/ptrace:ptrace-tm-spr       timeout

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2032641/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to